registering sessions

darkvirus

Im trying to register a userID from a database so i can then use it to get the user information on other pages

<?php
$time = time();
session_start();
if(!isset($_SESSION['logged_in'])){
if ((!isset ($usernick) ) || ($usernick == 'Anonymous')){
$username = "Guest";
$login_info = "<form action='$PHP_SELF' method='post' STYLE='margin-bottom: 0px' STYLE='margin-top: 0px'>
<span class='smalltext'>Username:</span><br>
<input name='usernick' type='text' value='Anonymous' size='15'><br>
<span class='smalltext'>Password:</span><br>
<input type='password'  name='password' size='15'><br>
<input type='checkbox' value='1' name='rememberme'><span class='smalltext'>Remember me</span><br>
<input type='submit' value='Login'></form>

<a href=#><span class='smalltext'>Forgot Password</span></a><br>
<a href=#><span class='smalltext'>Create Account</span></a>";

} else {
$result = mysql_query("SELECT userID, username, password FROM users WHERE username='$usernick'") or die ("Invalid query");
if (mysql_num_rows($result) == 0){

$login_info = "Error: Incorrect username or password<br>
<a href='$PHP_SELF'>Try again</a>";
} else {
$select = mysql_fetch_array($result);
if (md5($password) != $select['password']) {
$login_info = "Error: Incorrect username or password <br>
<a href='$PHP_SELF'>Try again</a>";
} else {
$_SESSION['logged_in'] = "$userID";

$username = "$usernick";
$login_info = "Done";
}}}} else {
$login_info = "Logged in";
print_r($_SESSION);
$result = mysql_query("SELECT * FROM users WHERE userID='$_SESSION[logged_in]'") or die ("Invalid query");
$num_rows = mysql_num_rows( $result );
echo $num_rows;
while ( $a_row = mysql_fetch_array( $result ))
{
$username = $a_row['username'];
}}
?>

the result of print_r($_SESSION); gives

Array ( [logged_in] => )

and it also finds no rows in the database

paulnaj

Replace ...

session_start();

... with ...

session_register("logged_in");

You need to tell the server which session variables are 'relevant' to this page ... using the session_register() function. Note that this function automatically calls session_start(), so you don't NEED to put that line in (doesn't matter if you leave it in).

darkvirus

that didnt seem to change anything :/

paulnaj

Are sessions working apart from this?

darkvirus

yeah, sessions are seems to be working fine. I just cant get the info out of the users table

paulnaj

If the problem is not session-related, then here are some possibilities:

1) Use $SERVER["PHP_SELF"] instead of $PHP_SELF. The latter is deprecated, anyway.
2) Use the $POST and $GET arrays ... eg use $POST["usernick"] (or $_GET["usernick"]) rather than $usernick
3) Don't use variables inline strings because they are error-prone, so ...

$name = "Fred";
echo "Hello ".$name.", how are you!";

//... is better than ...

$name = "Fred";
echo "Hello $name, how are you!";

// In fact, I think this may be your problem. You've got ...

$result = mysql_query("SELECT * FROM users WHERE userID='$_SESSION[logged_in]'") or die ("Invalid query"); 

// Try ...

$result = mysql_query("SELECT * FROM users WHERE userID='".$_SESSION["logged_in"]."'") or die ("Invalid query");

darkvirus

It still doesnt seem to be pulling the details out of the database, its saying its pulling out 0 rows

print_r($_SESSION);
is displaying
Array ( [logged_in] => )

and sessions must be working because when i change pages its not showing the login form, its showing the the last bit of code

$login_info = "Logged in";
print_r($_SESSION);
echo "test";
$result = mysql_query("SELECT * FROM users WHERE userID='".$_SESSION["logged_in"]."'") or die ("Invalid query");
$num_rows = mysql_num_rows( $result );
echo $num_rows;
while ( $a_row = mysql_fetch_array( $result ))
{
$username = $a_row['username'];

paulnaj

The only thing I can say is to make sure the line ...

session_register("logged_in");

... is there, along with the later changes.

Apart from that, I'm stumped!

darkvirus

yeah, all that is done