|
PHP - Cannot Call Session Variable To Regular Variable For Sql Lookup
My login script stores the user's login name as $_SESSION[ 'name'] on login. For some unapparent reason, i'm getting errors stating that $user and $priv are undefined variables, though I've attempted to define $user as being equal to $_SESSION['name'], using $user to look up the the user's privilege level (stored as the su column ) in the SQL table, and then where the result of the sql query is $priv which is then evaluated in an if statement. I can't seem to figure out why this might not be working. The code I'm using:
<?php
session_start();
function verify() {
//verify that the user is logged in via the login page. Session_start has already been called.
if (!isset($_SESSION['loggedin'])) {
header('Location: /index.html');
exit;
}
//if user is logged in, we then lookup necessary privleges. $_SESSION['name'] was written with the login name upon login. Privleges // are written in db as a single-digit integer of of 0 for users, 1 for administrators, and 2 for special users.
$user === $_SESSION['name'];
//Connect to Databse
$link = mysqli_connect("127.0.0.1", "database user", "password", "database");
if (!$link) {
echo "Error: Unable to connect to MySQL." . PHP_EOL;
echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
exit;
}
//SQL Statement to lookup privlege information.
if ($result = mysqli_query($link, "SELECT su FROM accounts WHERE username = $user", MYSQLI_STORE_RESULT)) {
//LOOP TO CYCLE THROUGH SQL RESULTS AND STORE Privlege information as vairable $priv.
while ($row = $result->fetch_assoc()) {
$priv === $row["su"];
}
}
// close SQL connection.
mysqli_close($link);
// Verify privleges and take action. Only a privlege of "1" is allowed to view this page. A privlege of "2" indicates special
//accounts used in other scripts that have certain indermediate additional functions, but are not trusted administrators.
if ($priv !== 1) {
echo $_SESSION['name'];
echo "you have privlege level of $priv";
echo "<br>";
echo 'Your account does not have the privleges necessary to view this page';
exit;
}
}
verify();
?>
Similar TutorialsI have found postings close, but not close enough to find my error. I am looking up data from a MySql table and putting it in a dropdown box on a form. I can select the item, but apparently not really. I am not able to echo it, or post it to a record. I'm sure I am missing something simple, but... Code attached if anyone can show me the errors of my ways. Thank you. Hello everyone, I can get Test 2 to successfully operate the if statement using a variable variable. But when I try the same method using a session variable (Test 1) the if statement is not executed. Please could you tell me why the if statement in Test 1 is not being executed? Code: [Select] <?php # TEST 1 $_SESSION[test_variable] = "abcd"; $session_variable_name = "_SESSION[test_variable]"; if ($$session_variable_name == "abcd") { echo "<br>line 373, abcd<br>"; } # TEST 2 $test_variable = "efgh"; $test_variable_name = "test_variable"; if ($$test_variable_name == "efgh") { echo "<br>line 379, efgh<br>"; } ?> Many thanks, Stu hi all, I have an language pack for example: languages/en.php: Code: [Select] $en['mail']['letter closing'] = "regards,\n your friend!"; and in my config: Code: [Select] $language = "en"; $include_language = @include("languages/".$language.".php"); if(!($include_language)) { $try_default_language = @include("languages/nl.php"); if(!($try_default_language)) { echo "kan de taalpakket niet vinden<br>"; echo "Could not find the language pack.<br>"; echo "example on error: ".$test." shows nothing"; exit; } } In my function I want to include the language pack for example i have $language = 'en' so I want to include $en['general']['letter closing'] I will do this: Code: [Select] global $language,${$language}['general']; But that gives an error unexpected '[' blah blah. How can i call the variable variable array in the valid php way? I have a session variable that will be set to a number called... Code: [Select] $_SESSION['number'] I have page where I want to set a variable in the format of $serv# (with "#" being the value of the session variable). Is there a way to write one simple line of code that in effect says... Code: [Select] $serv . $_SESSION['number'] = "selected='selected'"; I'm just looking to avoid having to write this code... Code: [Select] if ($_SESSION['number'] == 1) { $serv1 = "selected='selected'"; } elseif ($_SESSION['number'] == 2) { $serv2 = "selected='selected'"; } etc etc It's basically putting a variable inside of a variable and I'm not sure if this is allowed/proper? Any insight would be appreciated. Thanks, Gary Code: [Select] <? $i=1; $analysts[$i] = array(0=>'alpha'); $regions[$i] = array(0=>'beta'); $countries[$i] = array(0=>'gamma'); $provinces[$i] = array(0=>'delta'); $events[$i] = array(0=>'epsilon'); $selectable_document_elements = array ( 0=> analysts, 1=> regions, 2=> countries, 3=> provinces, 4=> events ); foreach($selectable_document_elements as $value) { echo $value; print_r($$value[$i]); echo "</br>"; } ?> I can't seem to call $$value[$i], however when I leave off the [$i] part Code: [Select] print_r($$value); I get the individual elements... Code: [Select] analystsArray ( [1] => Array ( [0] => alpha ) ) regionsArray ( [1] => Array ( [0] => beta ) ) countriesArray ( [1] => Array ( [0] => gamma ) ) provincesArray ( [1] => Array ( [0] => delta ) ) eventsArray ( [1] => Array ( [0] => epsilon) ) However, I would like to get the 1 part of the array, in this example. Is there a magic trick to calling variable arrays' individual elements? Hi I am buidling a Blog System using OO techniques (or at least attempting to).. I keep getting an error : Notice: Undefined variable: blog_categoryName in C:\wamp\www\atkinsonsCMS\admin170976\blog_categories.php on line 13 ...And then underneath all that is is displaying 'Call Stack'. I've never come across this notification before so I guess it is an OO term, and the a list of unexpected outputs: #, time, memory, function and location....each with an associated value. I attempted to resolve the variable issue in the usual way (as you can see in my code), but still the errors/warnings persist. The purpose of this part of the code is to simply retrieve SQL data (which is a list of blog categories), allowing the user to select one and then click through to be directed to the appropriate category page (although this last requirement of the code has not yet been programmed). Could those who have experience of this please take a look at my code and let me know where I am going wrong? Thanks blog_categories.php This file calls on the the blogFunctions.php Category Class, and the displays the results. session_start(); $pageTitle = "Blog Categories"; include("../includes/admin_header.php"); include("../classes/blogFunctions.php"); echo '<div class="admin_main_body"><br /><br />'; echo "<h2>Category List</h2><br />"; $content = new Category; $content -> process(); //print_r(debug_backtrace()); echo "<a href=blog.php>$blog_categoryName</a>"; echo '</div>'; echo '</div>'; include("../includes/admin_footer.php"); blogFunctions.php This class deals with the retreaval of the SQL data, and then passes it to blog_categories.php class Category { public $errors; public $blog_categoryName = NULL; public function __construct() { $this->errors = array(); $blog_categoryName = $this->blog_categoryName; } public function getCategories(){ if(!isset($blog_categoryName)) { $blog_categoryName = 'value'; } ($GLOBALS["___mysqli_ston"] = mysqli_connect("localhost", "atkinson", "XYZ111WA")) or die(((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false))); ((bool)mysqli_query($GLOBALS["___mysqli_ston"], "USE atkinsonscms")) or die (((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false))); mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM blog_category ORDER BY ASC"); $result = @mysqli_query($GLOBALS["___mysqli_ston"], $query); if ($result) { while ($row = $result->fetch_object()) { $blog_categoryName = $row->blog_categoryName; } //need to use mysqli query to retrieve results. if(mysqli_affected_rows($GLOBALS["___mysqli_ston"])< 1) $this->errors[] = 'Could not retrieve data'; } } public function show_errors(){ echo "<h3>Errors</h3>"; foreach($this->errors as $key=>$value) echo $value."<br>"; } public function process() { $this->getCategories(); return count($this->errors)? 0 : 1; } } //Closes Category Class. hi all , i am working on a script which is oop driven and i m not much familiar with it, i appericiate if someone can help me to solve this problem , so basicaly current script is only setting one session variable to true if user login $_SESSION['is_successful_login'] , here is my code <?php include('files/db.php'); class ajaxLoginModule { private $timeout = null; private $target_element = null; private $wait_text = null; private $form_element = null; private $wait_element = null; private $notify_element = null; function __construct() { include ('config.php'); $msql = new Db; $msql->connect(); $this->is_login(); } function get_config() { $this->set_ajax_config(); } function set_ajax_config() { $this->timeout = AJAX_TIMEOUT; $this->target_element = AJAX_TARGET_ELEMENT; $this->wait_text = AJAX_WAIT_TEXT; $this->wait_element = AJAX_WAIT_ELEMENT; $this->notify_element = AJAX_NOTIFY_ELEMENT; $this->form_element = AJAX_FORM_ELEMENT; } function initLogin($arg = array()) { $this->get_config(); $this->login_script(); } function initJquery() { return "<script type='text/javascript' src='files/jquery-1.3.2.min.js'></script>"; } function login_script() { include ('files/login_script.php'); } function is_login() { if(isset($_POST['username'])) { $username = $_POST['username']; $password = $_POST['password']; $strSQL = "SELECT * FROM ".USERS_TABLE_NAME." WHERE username ='$username' AND password = '$password' "; $result = mysql_query ($strSQL); $row = mysql_fetch_row($result); /* //THIS IS WHAT I NEED $_SESSION['user'] = $row['username']; $_SESSION['id'] = $row['id']; */ $exist = count($row); if($exist >=2) { $this->jscript_location(); } else { $this->notify_show();} exit; } } function notify_show() { echo "<script>$('.".AJAX_NOTIFY_ELEMENT."').fadeIn();</script>"; } function jscript_location() { $this->set_session(); echo "<script> $('#container').fadeOut();window.location.href='".SUCCESS_LOGIN_GOTO."'</script>"; } function set_session() { session_start(); $_SESSION['is_successful_login'] = true; } } ?> i comment that line what i need is username and id to store in those session variables $_SESSION['user'] = $row['username']; $_SESSION['id'] = $row['id'] i tried to add code in function set_session but did not helped, appreciate for any help. Thanks I wonder whether someone can help me please. I'm using the script below to create a page whereby users are presented with a list of image folders they have created. Clicking on any of the folders allows the user to drill down and view the individual images. Code: [Select] <?php session_start(); $_SESSION['username']=$_POST['username']; $_SESSION['locationid']=$_POST['locationid']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <?php //This variable specifies relative path to the folder, where the gallery with uploaded files is located. $galleryPath = 'UploadedFiles/' . $_SESSION['username'] . '/' . $_SESSION['locationid'] . '/'; $absGalleryPath = realpath($galleryPath) . DIRECTORY_SEPARATOR; $descriptions = new DOMDocument('1.0'); $descriptions->load($absGalleryPath . 'files.xml'); $items = array(); for ($i = 0; $i < $descriptions->documentElement->childNodes->length; $i++) { $xmlFile = $descriptions->documentElement->childNodes->item($i); $path = $xmlFile->getAttribute('name'); $path = explode('/', $path); $t = &$items; for ($j = 0; $j < count($path); $j++) { if (empty($t[$path[$j]])) { $t[$path[$j]] = array(); } $t = &$t[$path[$j]]; } $t['/src/'] = $xmlFile->getAttribute('source'); $t['description'] = $xmlFile->getAttribute('description'); $t['size'] = $xmlFile->getAttribute('size'); } $basePath = empty($_GET['path']) ? '' : $_GET['path']; if ($basePath) { $basePath = explode('/', $basePath); for ($j = 0; $j < count($basePath); $j++) { $items = &$items[$basePath[$j]]; } } $files = array(); $dirs = array(); function urlpartencode(&$item, $index) { $item = rawurlencode($item); } foreach ($items as $key => $value) { if (isset($value['/src/'])) { $value['/src/'] = explode('/', $value['/src/']); array_walk($value['/src/'], 'urlpartencode'); $value['/src/'] = implode('/', $value['/src/']); $files[] = array( 'name' => $key, 'src' => $value['/src/'], 'description' => htmlentities($value['description'], ENT_COMPAT, 'UTF-8'), 'size' => htmlentities($value['size'], ENT_COMPAT, 'UTF-8') ); } else { $dirs[] = $key; } } $basePath = empty($_GET['path']) ? '' : $_GET['path']; $up = dirname($basePath); if ($up == '.') { $up = ''; } sort($files); sort($dirs); ?> <head> <title>View Image Folders</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <link href="Styles/style.css" rel="stylesheet" type="text/css" /> <script src="Libraries/jquery/jquery-1.4.3.min.js" type="text/javascript"></script> <style type="text/css"> <!-- .style1 { font-size: 14px; margin-top: 5px; margin-right: -50px; } --> </style> <body style="font-family: Calibri; color: #505050; margin-right: 160px; margin-left: -180px;"> <div align="right" class="style1"> <a href = "index.php" /> Add Images <a/> → <a href = "javascript:document.imagefolders.submit()"> View All Images </a> </div> <form id="imagefolders" name="imagefolders" class="page" action="gallery.php" method="post" enctype="application/x-www-form-urlencoded"> <div id="container"> </div> <div id="center"> <div class="aB"> <div class="aB-B"> <?php if ('Uploaded files' != $current['title']) :?> <?php endif;?> <div class="demo"> <input name="username" type="hidden" id="username" value="IRHM73" /> <input name="locationid" type="hidden" id="locationid" value="1" /> <div class="inner"> <div class="container"> <div class="gallery"> <table class="gallery-link-table" cellpadding="0" cellspacing="0"> <thead> <tr class="head"> <th class="col-name"> Name </th> <th class="col-size"> Size </th> <th class="col-description"> Description </th> </tr> </thead> <tbody> <tr class="directory odd"> <td class="col-name"> <a href="?path=<?php echo rawurlencode($up); ?>">..</a> </td> <td class="col-size"> </td> <td class="col-description"> </td> </tr> <?php $i = 1; ?> <?php foreach ($dirs as $dir) : ?> <tr class="directory <?php $i++; echo ($i % 2 == 0 ? 'even' : 'odd'); ?>"> <td><a href="?path=<?php echo rawurlencode(($basePath ? $basePath . '/' : '') . $dir); ?>"><?php echo htmlentities($dir, ENT_COMPAT, 'UTF-8'); ?></a></td> <td>Folder</td> <td></td> </tr> <?php endforeach; ?> <?php foreach ($files as $file) : ?> <tr class="<?php $i++; echo ($i % 2 == 0 ? 'even' : 'odd'); ?>"> <td><a target="_blank" href="<?php echo $galleryPath . $file['src']; ?>"><?php echo htmlentities($file['name'], ENT_COMPAT, 'UTF-8'); ?></a></td> <td><?php echo htmlentities($file['size'], ENT_COMPAT, 'UTF-8'); ?></td> <td><?php echo htmlentities($file['description'], ENT_COMPAT, 'UTF-8'); ?></td> </tr> <?php endforeach; ?> </tbody> </table> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </form> </body> </html> I can create the list of folders, but when I click on any of these, instead of being able to view the images, I receive the following error: Quote Warning: DOMDocument::load() [domdocument.load]: I/O warning : failed to load external entity "/homepages/2/d333603417/htdocs/development/UploadedFiles/files.xml" in /homepages/2/d333603417/htdocs/development/imagefolders.php on line 16 Warning: Invalid argument supplied for foreach() in /homepages/2/d333603417/htdocs/development/imagefolders.php on line 52 Line 16 is this line Code: [Select] $descriptions->load($absGalleryPath . 'files.xml'); and line 52 is this Code: [Select] foreach ($items as $key => $value){ However, if I change this line Code: [Select] $galleryPath = 'UploadedFiles/' . $_SESSION['username'] . '/' . $_SESSION['locationid'] . '/'; to Code: [Select] $galleryPath = 'UploadedFiles/' . 'IRHM73' . '/' . '1' . '/'; i.e. replacing the 'Session Variables' with the actual values, the page works. I've been working on this for days now, and I just can't find the solution. I just wondered whether someoen could perhaps have a look at this and let me know where I'm going wrong. Many thanks and regards Hi I am using very simple code. Here it is Code: [Select] <?php session_start(); $user = "guest"; $uid = "1"; echo $_SESSION['user']."<br />"; echo $_SESSION['uid']; ?> it displays this error Code: [Select] Notice: Undefined index: user in C:\wamp\www\DealDash\index.php on line 5 Notice: Undefined index: uid in C:\wamp\www\DealDash\index.php on line 6 how can I solve this problem? Help please Need help declaring some session variable guys. I have a login form where the member enters his 1. Pilot Callsign 2. Password I want to declare that Pilot Callsign as the session variable on authentication. Using that Pilot Callsign session variable, I will fetch data from the database relevant to his profile. I already have the whole login page coded along with the restricted access pages (not coded by me). Check this out 1. Page is coded like this and working PERFECTLY --- Code: [Select] <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['pilot_callsign'])) { $loginUsername=$_POST['pilot_callsign']; $password=$_POST['password']; mysql_select_db($database_brn_system, $brn_system); $LoginRS__query=sprintf("SELECT pilot_callsign, password, staff_level, firstname FROM pilots WHERE activated = 1 AND pilot_callsign=%s AND password=%s", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $brn_system) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = mysql_result($LoginRS,0,'staff_level'); if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();} //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; ?> --- 2. As you can see, there already is a session variable declared for Pilot Callsign But on the next page "Restricted Access Page", when I try to call this same Session Variable, it doesn't work. I tried doing this <?php echo $_SESSION['MM_Username'] ?> Moreover, I even tried to fetch data from the table like this - SELECT * FROM pilots WHERE pilot_callsign=$_SESSION['MM_Username'] Doesn't work Hello, I have the situation shown below in the code:
if(//condition is met)
{ $val = new Val();
$valon = $val->check($_POST, array(.........));
}
if($valon->passes())
{ $use = new Use();
........
}
//check() and passes() both belong to class Val
public function check($source, $items = array())
{ ......................
return $this;
}
I get the following warning and error:Notice: Undefined variable: valon and Fatal error: Call to a member function passes() on a non-object I can't see anything wrong with the code. check() returns an object of class Val which is assigned to $valon, $valon then calls a member function of class Val. Could you please help. Please let me know whether to include further code. Is it good practice to put an oop object in session variable hi there, i'm trying to put a message in the footer of a page which welcomes a person who is logged in with his/her name, using sessions of course; when i place this: Code: [Select] $username = $_SESSION['valid_user']; in the footer before the echo: Code: [Select] echo "You are logged in as $username"; but the session is also needed before the footer to use the username for other things , such as -checking his credit- so if place in footer the footer shows name in browser but checking credit would not happen as the assignment is at the buttom. IF i place the assignment above at the top of the file: everything works for the user and checking credit ..etc...but the footer is not there... cud not put this any clearer..sorry...hope if someone cud help...thanks The $_SESSION['record_to_chage'] variable is set- I know this as I can echo it out. $openedfile = file("myfile.txt"); sort($openedfile); // foreach($openedfile as $key => $newpick) { echo "<a href=\"/editpage.php?request=$_SESSION['record_to_chgange']&newcat=$newpick\" target=\"_parent\">$newpick</a>"; echo "<br>"; } The Resulting error: Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in For the life of me I can not figure where I am going wrong. Going to get coffee and some fresh eyes. Cheers Hey guys, been awhile since I have been here, but I hit a little issue in reading session data reliably every time. What I am doing is reading the variables and values from a rarurlencoded string. Then putting that into a session array to populate parts of a form and fill in some hidden fields. After the form posts every now and then, about 1 in 50 or so attempts, I have one (always the same one) that just vanishes. Anyone ever experience anything like this? I am trying to define a session variable where I can save it and use it as the user surfs the site. I need the variable saved as $amano so I can use it in my select from/where statement and to echo within a table. This is a test trying to capture and define the variable and works, but I can't get the variable $amano into the session. If I am then I don't know how to display it. <?php> session_start(); $id = $_POST['amano']; $_SESSION['amano'] = '$amano'; echo "Pageviews = ". $_SESSION['amano']; // My effort to see what is happening. echo "<br />"; echo "AMA # = ". $_POST['amano']; // I have it just like I want it here. echo "<br />"; echo "Sessions AMA # = ".$_SESSION['amano']; ?> Currently I am adding the concept of "entitlements" to my website. In the past, my "article.php" script would simply look to the URL for which article was being requested and then load it. However now that I am also adding the concept of "premium content" for "paid members", I need a way to control who sees what. What I am wondering is - from a security standpoint - how much information I should load into the $_SESSION variable. For instance, right now when a user logs in, I think I just store the "memberID" and "FirstName" and possibly "Username". It would be more efficient when a Member logs in to also retrieve their "Membership Plan" and store that in the $_SESSION variable, so that as they browse my website, each page can simply grab $_SESSION['MembershipPlan'] and run that through a function that I need to build and then determine if the user gets to access said page. However, maybe it would be more secure to have it so when a user lands on page XYZ, I would look at their "memberID" and query the database to get their "MembershipPlan"? Any thoughts on each approach? Again, my main concern is *security*, but I also suppose this plays into "performance".
Question about variable variables and using session variables for them. O.K. So if I have: $foo = 3; $_SESSION['bar'] = "foo"; $$_SESSION['bar'] should equal the value of $foo, however I can't get it to work. Can someone tell me what I am doing wrong..... is it formatting??? Thanks, Thomas The first page is used to submit data to second page (and also show errors if there are any with the data submitted). The second page should be retrieving the posted data and assigning that data to session should it need to refresh back to the first page to show errors. The session data is used to repopulate the form. Right now I'm typing test into the review_name variable and when the page redirects back to the form to display the error messages, that field is not populated with "test". Code: [Select] $product_id=$_GET['product']; session_start(); $error=$_SESSION['error']; $content.='<div class="product_information_text review_form"> <div class="review_header">Write a Review for '.$product_name.'</div> <form action="./review_process.php?product='.$product_id.'&p=php" method="POST"> <p class="form_item"><label>Name:</label> <input type="text" name="review_name" size="30"'; if(isset($_SESSION['review_name'])){$content.=' value="'.$_SESSION['review_name'].'"';} $content.=' />'; if($error[0]=="1"){$content.=' <span class="red">This field is required.</span>';} $content.=' </p> <p class="form_item"><label>E-Mail:</label> <input type="text" name="review_email" size="30"'; if(isset($_SESSION['review_email'])){$content.=' value="'.$_SESSION['review_email'].'"';} $content.=' />'; if($error[2]=="1"){$content.=' <span class="red">This field is required.</span>';} $content.=' </p> <p class="form_item"><label>Location:</label> <input type="text" name="review_location" size="30"'; if(isset($_SESSION['review_location'])){$content.=' value="'.$_SESSION['review_location'].'"';} $content.=' />'; if($error[3]=="1"){$content.=' <span class="red">This field is required.</span>';} $content.=' </p> <p class="form_item"><label>Describe Yourself:</label> <input type="text" name="review_describe" size="30"'; if(isset($_SESSION['review_describe'])){$content.=' value="'.$_SESSION['review_describe'].'"';} $content.=' />'; if($error[4]=="1"){$content.=' <span class="red">This field is required.</span>';} $content.=' </p> <p class="form_item"><label>Review Title:</label> <input type="text" name="review_title" size="30"'; if(isset($_SESSION['review_title'])){$content.=' value="'.$_SESSION['review_title'].'"';} $content.=' />'; if($error[1]=="1"){$content.=' <span class="red">This field is required.</span>';} $content.=' </p> <p class="form_item"><label>Best Use of Product:</label> <input type="text" name="review_best_use" size="30"'; if(isset($_SESSION['review_best_use'])){$content.=' value="'.$_SESSION['review_best_use'].'"';} $content.=' />'; if($error[5]=="1"){$content.=' <span class="red">This field is required.</span>';} $content.=' </p> <p class="form_item"><label>Product Pros:</label> <input type="text" name="review_pros" size="30"'; if(isset($_SESSION['review_pros'])){$content.=' value="'.$_SESSION['review_pros'].'"';} $content.=' />'; if($error[6]=="1"){$content.=' <span class="red">This field is required.</span>';} $content.=' </p> <p class="form_item"><label>Product Cons:</label> <input type="text" name="review_cons" size="30"'; if(isset($_SESSION['review_cons'])){$content.=' value="'.$_SESSION['review_cons'].'"';} $content.=' />'; if($error[7]=="1"){$content.=' <span class="red">This field is required.</span>';} $content.=' </p> <p class="form_item"><label>Product Rating:</label><br /> <div class="rating_radio"><input type="radio" name="review_product_rating" value="1"'; if(isset($_SESSION['review_product_rating']) && $_SESSION['review_product_rating']=="1"){$content.='checked';} $content.=' /> <br />1</div> <div class="rating_radio"><input type="radio" name="review_product_rating" value="2"'; if(isset($_SESSION['review_product_rating']) && $_SESSION['review_product_rating']=="2"){$content.='checked';} $content.=' /> <br />2</div> <div class="rating_radio"><input type="radio" name="review_product_rating" value="3"'; if(isset($_SESSION['review_product_rating']) && $_SESSION['review_product_rating']=="3" || !isset($_SESSION['review_product_rating'])){$content.='checked';} $content.=' /> <br />3</div> <div class="rating_radio"><input type="radio" name="review_product_rating" value="4"'; if(isset($_SESSION['review_product_rating']) && $_SESSION['review_product_rating']=="4"){$content.='checked';} $content.=' /> <br />4</div> <div class="rating_radio"><input type="radio" name="review_product_rating" value="5"'; if(isset($_SESSION['review_product_rating']) && $_SESSION['review_product_rating']=="5"){$content.='checked';} $content.=' /> <br />5</div> <div class="worst">(Worst)</div><div class="best">(Best)</div> </p> <p> </p> <p class="form_item"><label>Comments on Product:'; if($error[7]=="1"){$content.=' <span class="red">This field is required.</span>';} $content.=' </label><br /> <textarea name="review_text" rows="10" cols="60">'; if(isset($_SESSION['review_text'])){$content.=$_SESSION['review_text'];} $content.='</textarea> </p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> '; session_unset(); session_destroy(); Code: [Select] session_start(); $product_id=$_GET['product']; $review_name=$_POST['review_name']; $_SESSION['review_name']==$review_name; $review_name = stripslashes($review_name); $review_name = mysql_real_escape_string($review_name); if($review_name==""){ $error0=1; } else{ $error0=0; } $review_title=$_POST['review_title']; $_SESSION['review_title']==$review_title; $review_title = stripslashes($review_title); $review_title = mysql_real_escape_string($review_title); if($review_title==""){ $error1=1; } else{ $error1=0; } $review_email=$_POST['review_email']; $_SESSION['review_email']==$review_email; $review_email = stripslashes($review_email); $review_email = mysql_real_escape_string($review_email); if($review_email==""){ $error2=1; } else{ $error2=0; } $review_location=$_POST['review_location']; $_SESSION['review_location']==$review_location; $review_location = stripslashes($review_location); $review_location = mysql_real_escape_string($review_location); if($review_location==""){ $error3=1; } else{ $error3=0; } $review_describe=$_POST['review_describe']; $_SESSION['review_describe']==$review_describe; $review_describe = stripslashes($review_describe); $review_describe = mysql_real_escape_string($review_describe); if($review_describe==""){ $error4=1; } else{ $error4=0; } $review_best_use=$_POST['review_best_use']; $_SESSION['review_best_use']==$review_best_use; $review_best_use = stripslashes($review_best_use); $review_best_use = mysql_real_escape_string($review_best_use); if($review_best_use==""){ $error5=1; } else{ $error5=0; } $review_pros=$_POST['review_pros']; $_SESSION['review_pros']==$review_pros; $review_pros = stripslashes($review_pros); $review_pros = mysql_real_escape_string($review_pros); if($review_pros==""){ $error6=1; } else{ $error6=0; } $review_cons=$_POST['review_cons']; $_SESSION['review_cons']==$review_cons; $review_cons = stripslashes($review_cons); $review_cons = mysql_real_escape_string($review_cons); if($review_cons==""){ $error7=1; } else{ $error7=0; } $review_product_rating=$_POST['review_product_rating']; $_SESSION['review_product_rating']=$review_product_rating; $review_product_rating = stripslashes($review_product_rating); $review_product_rating = mysql_real_escape_string($review_product_rating); $review_text=$_POST['review_text']; $_SESSION['review_text']==$review_text; $review_text = stripslashes($review_text); $review_text = mysql_real_escape_string($review_text); if($review_text==""){ $error8=1; } else{ $error8=0; } $review_show="n"; date_default_timezone_set('US/Eastern'); $review_date = date("F j, Y, g:i a T"); $error="".$error0."".$error1."".$error2."".$error3."".$error4."".$error5."".$error6."".$error7."".$error8.""; if($_GET['p']=="php"){ if($error!=="000000000"){ $_SESSION['error']=$error; //header("Location: ./store.php?product=".$product_id."&write=review"); echo $_SESSION['review_name']; } else{ $sql="INSERT INTO $tbl_name3 (product_id, review_show, review_title, review_email, review_name, review_location, review_date, review_describe, review_best_use, review_pros, review_cons, review_product_rating, review_text) VALUES ('$product_id', '$review_show', '$review_title', '$review_email', '$review_name', '$review_location', '$review_date', '$review_describe', '$review_best_use', '$review_pros', '$review_cons', '$review_product_rating', '$review_text')"; mysql_query($sql); header("Location: ./store.php?product=".$product_id."&reviews=thankyou"); } } On this second page echo $_SESSION['review_name']; returns nothing, when changed to $_SESSION['review_product_rating']; it returns the rating I selected in the form. I'm probably missing something obvious here. page.php <a href="cart.php?action=add&id=38"> cart.php session_start(); $cart = $_SESSION['cart']; $action = $_GET['action']; switch ($action) { case 'add': if ($cart) $cart =$cart. ','.$_GET['id']; else $cart = $_GET['id']; } $_SESSION['cart'] = $cart; echo $cart; output: Insted of one time it adds the id two times. It prints : 38,38. can pls suggest me what's problem in the code. Thank's in advance. |
|||||||