[Resolved] Sessions

raouleduke

This is where I end up after logging in, I want to get the id of the user, but don't know how to get it. It displays the name, but I want to use the id and pass it along to other pages to use.


include_once("config.php");
include_once("header.php");

checkLoggedIn("yes");
doCSS();
print("Caller: <b>".$_SESSION["login"]."</b><br>\n");
echo $login;
$query = "SELECT CALLER_ID FROM callers WHERE login ='$login'";
$result = mysql_query($query);
echo $CALLER_ID;

Thanks in advance.

batman

Not to sure about this, but on your query where login = $login. $login is not defined. Try changing your code to this:

include_once("config.php");
include_once("header.php");

$login = $_SESSION['login'];

checkLoggedIn("yes");
doCSS();
print("Caller: <b>$login</b><br>\n");
echo $login;
$query = "SELECT CALLER_ID FROM callers WHERE login ='$login'";
$result = mysql_query($query);
echo $CALLER_ID;

Let me know if that helps.

-Blake

raouleduke

I tried that, I even added an echo query, the query looks correct but does not return any results. Basically once they log in all I want to use is the CALLER_ID and Their Name.

batman

Ok, well.. post try it this way. Have the login page, a checkuser page and then the successfull page. What you will mant to do is on the login page have the form action point to checkuser.php. On the checkuser page you will want to do all the checking to make sure the user validates and if so set the sessions. If all your trying to do is a basic login script let me know if you would just like to use some of my stuff. If so then I'll post the pages you need into a zip and attach it.

-Blake

P.S. Do you have AOL Instant Messanger?

raouleduke

I have this code, I have only been working with sessions for about two weeks, some is copied from online help articles.

<?php

include_once("config.php");


checkLoggedIn("no");


$title="Caller Login ";


if($_POST["submit"]) {

field_validator("login name", $_POST["login"], "alphanumeric", 4, 15);

field_validator("password", $_POST["password"], "string", 4, 15);


if($messages){ 
	doIndex();

	exit;
}


if( !($row = checkPass($_POST["login"], $_POST["password"])) ) {

    $messages[]="Incorrect login/password, try again";
} 


if($messages){
	doIndex();
	exit;
}


cleanMemberSession($row[login], $row[password]);


header("Location: selectdealer.php?".session_name()."=".session_id());
} else {	

doIndex();
}


function doIndex() {

global $messages;


global $title;


?>
<html>
<head>
<title><?=$title?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<?php doCSS()?>
<body>
<h1><?=$title?></h1>
<?php

if($messages) { displayErrors($messages); }

?>
<form action="<?=$_SERVER["PHP_SELF"]?>" method="POST">
<table>
<tr><td>Login:</td><td><input type="text" name="login" value="<?php print $_POST["login"] ?>" maxlength="15"></td></tr>
<tr><td>Password:</td><td><input type="password" name="password" value="" maxlength="15"></td></tr>
<tr><td>&nbsp;</td><td><input name="submit" type="submit" value="Submit"></td></tr>
</table>
</form>
</body>
</html>
<?php
}
?>

By the way sorry don't have instant messenger, I do appreciate your help. Thanks, alot. I kind of get what you mean by passing the variables, but a little fuzzy.
Thanks,

batman

Ok, post all the pages that have to deal with the login scripts. Also give a good description of what you are trying to do, what pages you want to do what, etc. If you are specifically having trouble with sessions, mention what page you are trying to set the sessions, and what pages are calling it. NOTE: don't post snippets, post the whole pages code.

I will then take a look at how you are doing things more closely.

  -Blake

raouleduke

The first page is at the top of the post. There are two pages that it need and here you go.
config.php

<?php
include_once("functions.php");


session_register("login");
session_register("password");
session_register("loggedIn");

$messages=array();

$dbhost="";
$dbuser="";
$dbpass="";
$dbname="";

connectToDB();
?>

And here is the functions page:
[/code]
<?php

function connectToDB() {
global $link, $dbhost, $dbuser, $dbpass, $dbname;

($link = mysql_pconnect("$dbhost", "$dbuser", "$dbpass")) || die("Couldn't connect to MySQL");

mysql_select_db("$dbname", $link) || die("Couldn't open db: $dbname. Error if any was: ".mysql_error() );

}

function newUser($login, $password) {

global $link;

$query="INSERT INTO callers (login, password) VALUES('$login', '$password')";
$result=mysql_query($query, $link) or die("Died inserting login info into db.  Error returned if any: ".mysql_error());

return true;

}

function displayErrors($messages) {

print("<b>There were problems with the previous action.  Following is a list of the error messages generated:</b>\n<ul>\n");

foreach($messages as $msg){
	print("<li>$msg</li>\n");
}
print("</ul>\n");

}

function checkLoggedIn($status){

switch($status){

	case "yes":
		if(!$_SESSION["loggedIn"]){
			header("Location: login.php");
			exit;
		}
		break;

	case "no":
		if($_SESSION["loggedIn"]){
			header("Location: selectdealer.php?".session_name()."=".session_id());
		}
		break;			
}	

return true;

}

function checkPass($login, $password) {

global $link;

$query="SELECT login, password FROM callers WHERE login='$login' and password='$password'";
$result=mysql_query($query, $link)
	or die("checkPass fatal error: ".mysql_error());

if(mysql_num_rows($result)==1) {
	$row=mysql_fetch_array($result);
	return $row;
}

return false;

}

function cleanMemberSession($login, $password) {

$_SESSION["login"]=$login;
$_SESSION["password"]=$password;
$_SESSION["loggedIn"]=true;

}

function flushMemberSession() {

unset($_SESSION["login"]);
unset($_SESSION["password"]);
unset($_SESSION["loggedIn"]);


session_destroy();

return true;

}

function doCSS() {

?>

function field_validator($field_descr, $field_data, $field_type, $min_length="", $max_length="", $field_required=1) {

global $messages;


if(!$field_data && !$field_required){ return; }


$field_ok=false;


$email_regexp="^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|";
$email_regexp.="(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$";


$data_types=array(
	"email"=>$email_regexp,
	"digit"=>"^[0-9]$",
	"number"=>"^[0-9]+$",
	"alpha"=>"^[a-zA-Z]+$",
	"alpha_space"=>"^[a-zA-Z ]+$",
	"alphanumeric"=>"^[a-zA-Z0-9]+$",
	"alphanumeric_space"=>"^[a-zA-Z0-9 ]+$",
	"string"=>""
);


if ($field_required && empty($field_data)) {
	$messages[] = "$field_descr is a required field.";
	return;
}


if ($field_type == "string") {
	$field_ok = true;
} else {

	$field_ok = ereg($data_types[$field_type], $field_data);		
}


if (!$field_ok) {
	$messages[] = "Please enter a valid $field_descr.";
	return;
}


if ($field_ok && $min_length) {
	if (strlen($field_data) < $min_length) {
		$messages[] = "$field_descr is invalid, it should be at least $min_length character(s).";
		return;
	}
}


if ($field_ok && $max_length) {
	if (strlen($field_data) > $max_length) {
		$messages[] = "$field_descr is invalid, it should be less than $max_length characters.";
		return;
	}
}

}
?>
[/code]
Like I had said before I cut copied and pasted this together from tutorials.

batman

Well...first of all it's kinda confusing. In the functions page you have this function:

function checkPass($login, $password) { 

global $link; 

$query="SELECT login, password FROM callers WHERE login='$login' and password='$password'"; 
$result=mysql_query($query, $link) 
or die("checkPass fatal error: ".mysql_error()); 

if(mysql_num_rows($result)==1) { 
$row=mysql_fetch_array($result); 
return $row; 
}

On the checking if the password and username match correctly or not, is when you need to set the sessions if the info is correct. But it would be a bit odd, because then below the check pass function, there is a function that clears all sessions. ?????

If you would like I attached you a zip with some pages that will make all this login stuff a lot easier for you. It consists of a database, register, login, and a checkuser page, which all three are easy to modify to your needs. I will change as much as I can to fit your needs myself, then you will have to change a little more. I'm asuming that you know some php correct?? Well...you will need to put some kind of way of getting the id to enter the db when someone registers. Basically everything should work (there might be some minor bugs) except for the id part, which you will need to set up.

Let me know if you decide to use my codes and I will help you modify them more if you would need help.

-Blake