Baffled?!?

djdaz

Been staring at this for 3 days trying to figure out why the session variable for level isnt been set. Its baffled me. I also think all the coding is messed up, can anyone ere see anything wrong?

<?php
//session
session_start(); 

//load the variables

//mysql

$conn = mysql_connect("localhost", "djdaz", "********");
mysql_select_db (djdaz);
$dbq = mysql_query("SELECT * FROM staff_users WHERE username='$username'");

$results = mysql_fetch_array($dbq);
$dbpass = $result['password'];	
$level = $result['level'];

mysql_close($conn);


if (!isset($_SESSION['logged_in'])) { 
?>
<html>
<head>
<title>Staff Login - GeneralsOracle</title>
<?php include($_SERVER["DOCUMENT_ROOT"].'/'.'nav.shtml');?>
<br>
Please enter your details below to access the site administration.
<br>
<form action="index.php" method="post">
<center>
<table border="0" cellspacing="0" cellpadding="2">
	<tr>
		<td><b>Username:</b></td>
		<td align="center"><b><input type="text" name="username" size="30"></td>
	</tr>
	<tr>
		<td><b>Password:</b></td>
		<td align="center"><input type="password" name="password" size="30"></td>
	</tr>
	<tr align="center">
		<td><input type="submit" value="Submit"><input type="reset" value="Reset"></td>
	</tr>
</table>
</center>
</form>
<?php include($_SERVER["DOCUMENT_ROOT"].'/'.'footer.shtml');

	$password = md5($password);

	if ($password == $dbpass){
	$_SESSION['username'] = $username;
	$_SESSION['level'] = $level;
	$_SESSION['logged_in'] = TRUE;

	header("Location: index.php");
	}else{
	?>
		<html>
		<head>
		<title>Staff Login - GeneralsOracle</title>
		<?php include($_SERVER["DOCUMENT_ROOT"].'/'.'nav.shtml');?>
		<br>
		That username/password is incorrect, please try again.
		<?php include($_SERVER["DOCUMENT_ROOT"].'/'.'footer.shtml');
	}
}else{
?>
<html>
<head>
<title>Admin home - GeneralsOracle</title>
<?php include($_SERVER["DOCUMENT_ROOT"].'/'.'nav.shtml');?>
<br>
<center>
<a href="index.php">Home</a>|<a href="addnews.php">Add News</a>|<a href="editprofile.php">Profile</a>|<a href="logout.php">Logout</a>
</center>
<br>
Welcome, <?php echo $_SESSION['username'];?>.<br>
News will be posted here when completly finished.
<?php include($_SERVER["DOCUMENT_ROOT"].'/'.'footer.shtml');
}
?>

Thanks in advance.

dankstick

Could it be you are replacing the value of $level at the beginning of your code?


$results = mysql_fetch_array($dbq);
$dbpass = $result['password'];    

//the line below
$level = $result['level'];

Change that to...

$level_found = $result['level'];

and futher down in your code...

$_SESSION['level'] = $level_found;

Hafkas

the name of the fetched array is $results not $result

$results = mysql_fetch_array($dbq); 
$dbpass = $result['password'];     

$level = $result['level'];

should read

$results = mysql_fetch_array($dbq); 
$dbpass = $results['password'];     

$level = $results['level'];

should it not?