Hi there,
I have a problem with my code, Information that should be hidden when not logged in is showing to all users.
This is my head code:
<?
include "options.php";
// Fixes session ID and validation problems
ini_set("arg_separator.output", "&");
ini_set("url_rewriter.tags", "a=href,area=href,frame=src,input=src");
// End fix for session ID and validation problems
session_start();
$db=mysql_connect($db_host,$db_user,$db_pass);
mysql_select_db($db_name);
$cities = array();
$result=mysql_query("SELECT city FROM jobs;");
$j=0;
$k=0;
while ($row=mysql_fetch_array($result)) {
$flag_city=false;
for ($i=0;$i<sizeof($cities);$i++)
if ($cities[$i]==$row['city'])
$flag_city=true;
if (!$flag_city)
$cities[$j++]=$row['city'];
}
if ((isset ($_POST['city']))&&($_POST['city']!="-- choose city --")) {
$categories = array();
$result = mysql_query("SELECT business_category FROM jobs WHERE city = '$_POST[city]';");
while ($row=mysql_fetch_array($result)) {
$flag_prof=false;
for ($i=0;$i<sizeof($categories);$i++)
if ($categories[$i]==$row['business_category'])
$flag_prof=true;
if (!$flag_prof)
$categories[$k++]=$row['business_category'];
}
$result = mysql_query("SELECT business_sub_cat FROM jobs WHERE city = '$_POST[city]' AND business_category = '$_POST[business_category]';");
$l=0;
while ($row=mysql_fetch_array($result)) {
$flag_proft=false;
for ($i=0;$i<sizeof($cats);$i++)
if ($cats[$i]==$row['business_sub_cat'])
$flag_proft=true;
if (!$flag_proft)
if ($row['business_sub_cat']!="")
$cats[$l++]=$row['business_sub_cat'];
}
}
?>
and this is my body code with the code that should not be seen if not logged in:
<?
if ($_SESSION['loggedIn'])
print "<p>Welcome back $row[user]</p>";
print "<p><a href=\"login.php?reason=logOut\">Log Out</a><br /><a href=\"add.php\">Add a new company</a></p>";
?>
Can anyone spot a glaring mistake I sure I have missed?
Many thanks
