session variables-help

juice

well i have login.php file and success.php file. I am registering a number of session variables in the login.php file, however they dont show in the success.php file. well actually the username does show up alrite but cannot get the members first name to show. the following is code i have for login.php and success.php

//login.php
?
session_start();
header("Cache-control: private"); //IE 6 fix*/

$username=$HTTP_POST_VARS["username"];
$password=$HTTP_POST_VARS["password"];
include "db_connection.php";
$connect = db_connect();
if ($connect)
{
$query = "select * from member where username='$username' and password = password('$password')";

//$result sets up theconnection query
$result = mysql_query($query,$connect);

$temp = mysql_fetch_array($result);


if(mysql_num_rows($result))
{
session_register("username");
$_SESSION['username'] = $username;
session_register("fname");
$_SESSION['fname'] = $fname;
session_register("lname");
$_SESSION['lname'] = $lname;

include "success.php"; 
}

//success.php

success.php

<?php
session_start();
?>
<html>
<head>
<td height="32"> </td>
<td valign="top"><div align="center"><span class="style4">Welcome <? print $_SESSION['username'] ?></span></div></td>

It works for the username but it doesnt if i put in say first name-(print $_SESSION['fname']
I cannot go any further till figure out this because i want to be able to pass in the variables so a member can edit his/her details
help would be greatly appreciated

devinemke

you don't want/need session_register(), use of that fucntion is depreciated.

if(mysql_num_rows($result))
{
	$_SESSION['username'] = $_POST['username'];
	$_SESSION['fname'] = $_POST['fname'];
	$_SESSION['lname'] = $_POST['lname'];

include('success.php'); 
}

juice

it still didnt show the members firstname. it still is just taking in the username. nothing appears when i do the print $_SESSION['fname']

devinemke

after re-reading your first post i take it that fname and lname are coming from the db rather than the form.

if(mysql_num_rows($result)) 
{ 
    $row = mysql_fetch_assoc($result);

$_SESSION['username'] = $row['username']; 
$_SESSION['fname'] = $row['fname']; 
$_SESSION['lname'] = $row['lname']; 

include('success.php');  
}

juice

yes taking fname and lname from database and username from form. they were taken in in the register.php file from a form.

It still didnt work. When i changed round the code to have the following:

if(mysql_num_rows($result))
{
$row = mysql_fetch_assoc($result);

$_SESSION['username'] = $row['username'];
$_SESSION['fname'] = $row['fname'];

I got the following fault, while still not puting out either value of username or fname:

Warning: Unknown(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

But if i left username with the following line, it worked but still didint take in the firstname:

if(mysql_num_rows($result))
{
$row = mysql_fetch_assoc($result);
$SESSION['username'] = $username;
$SESSION['fname'] = $row['fname'];

juice

i got the name to show by seeting the session variable on the register page, but if i logout or close down system and start it doesnt remmber the fname. it only remembers the username. any ideas?

rehfeld

sessions are really meant to exist only for a short period of time.

you could modify the sessions behavior to make the data persist even if the browser is closed, but unless you just want it to last maybe a day or so, its not a good idea to use sessions for that.

the default session cookie has a value of 0 for the expiration, which the browser interprets as"hold onto this cookie until the browser is closed"

if you want to change that value, you can use ini_set() to change various session related settings before you call session_start()


ini_set('session.cookie_lifetime', 86400); // 1 day
ini_set('session.gc_maxlifetime', 86400);

you also need to increase the gc_maxlifetime as well otherwise the session file may be cleaned up as garbage too soon

if you start making sessions last weeks or months/years, you will end up with a ton of session files, which to say it shortly, is bad for a few reasons. use a database if you want thier data to exist for long periods of time.

for simple login purposes, you could just set a seperate username and password cookie with a long expiration and forgo using sessions for that.

juice

anyhow thanks for the reply i got it to work eventually last nite. now i have the ever so hard problem of trying to get ssl working. dont know where to start