sessions, forms, and PHP_SELF = Plz Help

Gary

Hello all,

I have been reading the boards for a few days and still can't get my sessions to work the way I would like them to work...actually, they're not working at all. :-D

Here is what I am trying to do:
1) Display a page with a login form if the user is not logged in
2) Display the same page without the login form if the user is logged in.
3) keep track of username across the site so I can pull data from mysql database if I need to.

I have a functions file that is included at the top of index.php
and in the functions file there is an include statement for all database interactions.

In the functions file, I wrote a function to display a login form, check that the form fields are filled in, and check the form fields against the database to make sure the user exists.

In index.php I called the function. The login form shows up, but when I click the 'login' button, all that happens is that the login form is displayed again....nothing happens.

I will attach the function for you to look at...maybe fresh eyes is all that is needed.

I would like to display the form as long as the user is not logged in...then if they login, have index.php not display the form anymore, yet keep track of the username if it exists in the database.

I hope this all makes sense.
Function to follow.
Thanks in advance.

function login () {

$login_form = "<form action=index.php method=POST>
	session_register("username","password");
	<tr>
	<td>Username:
	<br>
	<input type=text name=username>
	</td>
	</tr>
	<tr>
	<td>Password:
	<br>
	<input type=text name=password>
	</td>
	</tr>
	<tr>
	<td>
	<input type=submit name=login value=login>
	</td>
	</tr>
	</form>";



// if not logged in, display the login form
if (!isset($login)) {
	print $login_form;
}

// if login form is submitted with an empty form field, redisplay loginform with error message
if (isset($login) && ((!$_POST[username]) || (!$_POST[password]))) {
		print ("You must fill in all fields in order to proceed <br> $login_form");

}

// if login form is passed with data in both form fields, check the database
if (isset($login)) {
	$result = mysql_query("SELECT * FROM members WHERE username = '$_POST[username]' AND password = '$_POST[password]'") or die( mysql_error() );
		$number_results = mysql_num_rows($result);

	if(isset($login) && ($number_results < 1) && $_POST[username] && $_POST[password]) {
		print ("We have no record of you in our records. Please try again. <br> $login_form");
	}

 	else {


		while ($a = mysql_fetch_array($result)) {
		$_SESSION["username"] = $a['username'];

		}


	}
}

}

milind24

variable "$login" in the function is not your global variable so in function it have no value setted at step follow :

// if not logged in, display the login form 
if (!isset($login)) { 
print $login_form; 
}

This will always true and it will display login form

so try to declare $login variable global or register session with variable name "login" and then check it .

Gary

I'm not sure I understand what you mean.

Thank you for replying though.