passing session var question, but different

depraved

Okay I've made a membership script (based off of the script at phpfreaks) It seems to be working correctly. You can't access the main.php unless your login/pass are valid, if they aren't you are sent back to the login page.

Problem is I'm not to sure if it's passing the variables. I used echo to check for the email and it returned nothing

Here's the code:

###login.php###
Obviously the page that checks the entered info


<?php

include 'config.php';


/* Check User Script */ 
session_start();  // Start Session 

// Conver to simple variables 
$userid = $_POST['userid']; 
$pass = $_POST['pass']; 

if((!$userid) || (!$pass)){ 
    echo "Please enter ALL of the information! <br />"; 
    include 'index.php'; 
    exit(); 
} 



// check if the user info validates the db 
$sql = mysql_query("SELECT * FROM downline_users WHERE userid='$userid' AND pass='$pass' AND activated='1'"); 
$login_check = mysql_num_rows($sql); 

if($login_check > 0){ 
    while($row = mysql_fetch_array($sql)){ 
    foreach( $row AS $key => $val ){ 
        $$key = stripslashes( $val ); 
    } 
        // Register some session variables!
		session_register('userid'); 
        $_SESSION['userid'] = $userid;  

        session_register('email'); 
        $_SESSION['email'] = $email; 
        session_register('special_user'); 
        $_SESSION['user_level'] = $user_level; 


    header("Location: login_success.php"); 
} 
} else { 
    echo "You could not be logged in! Either the userid and password do not match or you have not validated your membership!<br /> 
    Please try again!<br />"; 
    include 'index.php'; 
} 







?>

###login_success.php###
Success page. Also directs them to the correct link depending on their user level

<? 
session_start();

$_SESSION['email']; 

$_SESSION['userid']; 


include 'config.php';


echo "Welcome
    You have made it to the members area!<br /><br />"; 

echo "Your user level is ". $_SESSION['user_level']." which enables 
    you access to the following areas: <br />"; 

if($_SESSION['user_level'] == 0){ 
    echo "<br /><a href=main.php>Continue</a>"; 
} 
if($_SESSION['user_level'] == 1){ 
    echo "<br /><a href=admin.php>Continue</a>"; 
} 

echo "<br /><a href=logout.php>Logout</a>"; 

?>

###checkuser.php###
I include this on all my secured pages


<?php
session_start();

$_SESSION['userid'];

$_SESSION['email'];

if(!session_is_registered('email'))
{ 
include 'login.php'; 
exit(); 
}





?>

###main.php###

Main members page. Their is more but I'm trying to see if I'm even passing the variables


<?php
session_start();

$_SESSION['email'];

$_SESSION['userid'];

include 'checkuser.php';

include 'config.php';

echo"Email is . $_SESSION['email'] . ";


?>

I'm thinking the problem is with registering the variables because I also had tried to echo the email on the login_success.php and it didn't work BUT it did echo the user_level

Thanks for any help
Derek

suntra

You can't mix $SESSION["variable_name"] with session_register(). Simply use $SESSION["variable_name"] = "value" and it will be stored in the session.

depraved

Thanks!