Multi Page Script Problem (plz help)

rdwestsr

hi guys,
i\'m sorda a nooB to php, so plz bare with me here. what i\'m trying to do is write an admin interface within one script(a multi page script). after login and script goes to the default page it will print out the valid_user just find. now when i access STAFF or MEMBERS page through $action=page, it will not print out valid_user. you will stay logged in. it has something to do with accessing the other pages through the functions maybe...
all input would be appreciated 🙂
tx guys

rdwestsr

here\'s the main script.

html.php is all html fuctions

<?php

require_once(\"html.php\");

session_start();
#check if user is trying to login
if ($userid && $password)
{

$db_conn = mysql_connect(\"localhost\", \"user\", \"pass\");
mysql_select_db(\"xdfw\", $db_conn);
$query = \"select * from admin \"
.\"where nick=\'$userid\' \"
.\" and pass=password(\'$password\')\";
$result = mysql_query($query, $db_conn);
if (mysql_num_rows($result) >0 )
{
#if they are in the database register the #userid as valid_user

$valid_user = $userid;
session_register(\"valid_user\");
}
}

if (session_is_registered(\"valid_user\"))
{
if ($action == \"\") {
myHeader();
myPagetop();
myMainopen();
myAboxopen();
myMenu();
myAboxclose();
myMaindivider();
myBboxopen(\"admin.jpg\");
echo \"<p>You are logged in as $valid_user.</p>\";
echo \"<p>Admin only content goes here</p>\";
myBboxclose();
myMainclose();
myFooter();
}
if ($action == \"staff\") {
staff();
}
if ($action == \"members\") {
members();
}

}
else
{
myHeader();
myPagetop();
myBboxopen(\"admin.jpg\");
echo \"<p>You are not logged in.</p>\";
echo \"<form method=post action=\\"admin2.php\\">\";
echo \"<table>\";
echo \"<tr><td>Userid:</td>\";
echo \"<td><input type=text name=userid></td></tr>\";
echo \"<tr><td>Password:</td>\";
echo \"<td><input type=password name=password></td></tr>\";
echo \"<tr><td colspan=2 align=center>\";
echo \"<input type=submit value=\\"Log in\\"></td></tr>\";
echo \"</table></form>\";
myBboxclose();
myMainclose();
myFooter();
}

exit;

function staff() {
#***********************************************************#
session_start();

if (session_is_registered(\"valid_user\"))
{
myHeader();
myPagetop();
myMainopen();
myAboxopen();
myMenu();
myAboxclose();
myMaindivider();
myBboxopen(\"staff.jpg\");
echo \"Staff page\";
echo \"<p>You are logged in as $valid_user.</p>\";
myBboxclose();
myMainclose();
myFooter();
}
else
{
echo \"<p>You are not logged in.</p>\";

}
}

function members() {
#***********************************************************#
session_start();

if (session_is_registered(\"valid_user\"))
{
myHeader();
myPagetop();
myMainopen();
myAboxopen();
myMenu();
myAboxclose();
myMaindivider();
myBboxopen(\"members.jpg\");
echo \"Members page\";
echo \"<p>You are logged in as $valid_user.</p>\";
myBboxclose();
myMainclose();
myFooter();
}
else
{
echo \"<p>You are not logged in.</p>\";

}
}

Anon

Hi , I am a noob myself, but do you mind telling me why you are excaping every " even in the case of an echo where it would normally be echo "something here"\n;
?? just for future reference.

Anon

The gratuitous escaping is a bug in the forum software.

As for the problem, try dropping the session_start() from the staff and member functions. If you can only reach the staff and member functions in the event of a successfull login, you don't need to check the login again. However, you will need to declare $valid_user as global before you can use it in the functions.

Eg.,
function staff()
{
global $valid_user;
...
}

This is the sort of thing that's easier as multiple files.