Hi - I wonder if someone could point out where I am going wrong please?
I want to create a set of session variables which are defined by the fields. These fields come from a record which matches username and password pair input by the user. The code to validate the username/password match is working. But any other variables I try to define don't appear to be working.
I have stripped down the code somewhat to see if I can simplify the problem, so all I have now is a $full_name variable which I am not even trying to put into $HTTP_SESSION_VARS - yet I am still not getting any joy.
Here's the code:
<?php
session_start();
//validates data from the log in form
if (isset($HTTP_POST_VARS['username']) && isset($HTTP_POST_VARS['password']))
{
//create short variable names
$username = $HTTP_POST_VARS['username'];
$password = $HTTP_POST_VARS['password'];
//check database for username and password match
$result = mysql_query("select * from user where username='$username' and
password=password('$password')");
$full_name = mysql_query("select full_name from user where username='$username'");
if (!$result)
echo 'No result';
if (mysql_num_rows($result)>0)
{
echo 'Login Successful. <br />';
$HTTP_SESSION_VARS['valid_user']=$username;
echo ' You are logged in as: '.$HTTP_SESSION_VARS['valid_user'].' <br />';
echo 'Your full name is: ';
echo "$full_name";
echo ' <br />';
}
else
echo 'Username or password not correct. Please try again.';
}
else
echo 'You must log in first before viewing this page. Please go back and log
in.';
?>
[END OF CODE]
The output I am getting is:
Login Successful.
You are logged in as: John
Your full name is: Resource id #5
[END OF OUTPUT]
Resource id #5 should be a text string containing the user's full name.
Any ideas why it isn't?
Thanks in advance for your help.
R
