Weird session_register problem

gehenna801

I'm trying to straighten out this function which will determine authentication results and either register a session or redirect to an error page.

First, here is the function:

function processLogin($user, $pass)
{

$status = authenticate($user, $pass);

if ($status == 1) {

	session_start();

	session_register("SESSION");

	//get the user id from db
	$sql = "SELECT u_id from user WHERE email='$user'";
	$dbase = "family";

	//set user id as session variable
	session_register("U_ID");
	$_SESSION['U_ID'] = runQuery($sql, $dbase);

	session_register("UNAME");
	$_SESSION['UNAME'] = $user;

	header ("Location: main.php");

	exit;

} else {

	header ("Location: login.php?msg=failed");
	exit;

}

}

Firstly, I know it's not elegant or even pretty. I don't pretend to be a good programmer.

You'll notice the authenticate() and runQuery() function calls. These all work lovely; use the db function all over in other pages with no problem. In fact, almost the entire function works lovely. The problem came up when I tried implementing this bit:

		//get the user id from db
		$sql = "SELECT u_id from user WHERE email='$user'";
		$dbase = "family";

	//set user id as session variable
	session_register("U_ID");
	$_SESSION['U_ID'] = runQuery($sql, $dbase);

This is the part that doesn't work. No matter what I do, I cannot get $SESSION['U_ID'] to echo on a results page. The variable $SESSION['UNAME'] works just fine. U_ID only returns "0" unless I manually set it like $_SESSION['U_ID'] = "blah". Then, of course, it will echo "blah" on my results page.

Here is the results page:

	
.require_once ('lib/Session.php');
// main.php

if (!$_SESSION['UNAME']) {

echo "username not set.";

} else {

echo "Logged in as " . $_SESSION['UNAME'];
echo "<br>";
echo "User id = " . $_SESSION['U_ID'];
echo "<br>";
echo "<a href=\"logout.php\">logout</a>";

}

Any ideas? I'm sure I've just bung'd somthing up in there that I'm not seeing.....

batman

First you should make a db.php page that looks like this:


$dbh=mysql_connect ("localhost", "username", "password") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("family");

Then try changing this:

function processLogin($user, $pass)
{

$status = authenticate($user, $pass);

if ($status == 1) {

    session_start();

    session_register("SESSION");

    //get the user id from db
    $sql = "SELECT u_id from user WHERE email='$user'";
    $dbase = "family";

    //set user id as session variable
    session_register("U_ID");
    $_SESSION['U_ID'] = runQuery($sql, $dbase);

    session_register("UNAME");
    $_SESSION['UNAME'] = $user;

    header ("Location: main.php");

    exit;

} else {

    header ("Location: login.php?msg=failed");
    exit;

}

}

To this:

include 'db.php';

function processLogin($user, $pass)
{

$status = authenticate($user, $pass);

if ($status == 1) {

    session_start();

    session_register("SESSION");

//get the user id from db

$sql = mysql_query("SELECT u_id from user WHERE email='$user'");
$row = mysql_fetch_array($sql);
$u_id = $row['u_id'];

//set user id as session variable
session_register("U_ID");
$_SESSION['U_ID'] = $u_id;

session_register("UNAME");
        $_SESSION['UNAME'] = $user;

    header ("Location: main.php");

    exit;

} else {

    header ("Location: login.php?msg=failed");
    exit;

}

}

Hope that helps,
-Blake

gehenna801

Thanks... I actually had everything about the query in the runQuery() function. What I had left out was the mysql_fetch_array(). So, it ended up looking like this:

		//get the user id from db
		$sql = "SELECT u_id from user WHERE email='$user'";
		$dbase = "family";

	//set user id as session variable
	session_register("U_ID");
	$result = runQuery($sql, $dbase);
	$row = mysql_fetch_array($result);
	$_SESSION['U_ID'] = $row['u_id'];

I must have forgot that I actually needed to do something with the result returned by the runQuery() function before I could use.

Thanks for your help!