Sessions Sign in problem

amar3d

Ok, i have a basic log-in form in which the user enters their e-mail address and password, then if valid are redirected to their account page, this works fine. when they log in i want it to say 'Welcome Joe Bloggs' yet all that seems to print out is 'Welcome 9 9'(9 is the persons customer_id)...below is my code, can anyone see what is wrong with it?...i think it may be a prob with the query but i am not 100% sure, thanks in advance,
-AD

<?php
session_start();
?>
<?php
$email = $POST['email'];
$password1 = $POST['password1'];
$db="test";
$link = mysql_connect("localhost");
if (! $link)
die("Couldn't connect to MySQL");
mysql_select_db($db , $link)
or die("Couldn't open $db: ".mysql_error());
$query = "SELECT * FROM members WHERE email='$email' AND password1='$password1'";
$result = mysql_query($query) or die('error making query');
$num = mysql_num_rows($result);
$first_name=mysql_result($result,"first_name");
$second_name=mysql_result($result,"second_name");
if($num == 1) {
$SESSION['email'] = $email;
$SESSION['customer_id'] = $customer_id;
print 'Welcome';
}else {
print 'Sorry Details not valid';
print 'Please try <a href="customerlogin.php>logging in again</a> ';
}?>
<html><body>
<? echo $SESSION['first_name']; ?><? echo $SESSION['second_name']; ?><br /></body></html>

paulnaj

Hi amar3d,

You're trying to echo $SESSION['first_name'] and $SESSION['second_name'], but you haven't assigned them values in this script.

Change $_SESSION['first_name'] to $first_name etc

Paul 🙂

amar3d

Hi Paul, thank u for the reply, i did what u said yet it still comes up as 'welcome 9 9', instead of 'welcome joe bloggs'...do u think its something wrong with my query?

paulnaj

Hi again,

Have a look at this 'tidied up' script and see if it makes sense. There were several 'issues' in your script and it's probably easier to show you this than try to explain everything.

If you don't understand anything, come back. Also, it might not do exactly what you want, but from your original it's hard to tell what your exact goal actually is.

Anyway ...

<?php 
session_start(); 

// Test everything ...
if(!isset($_POST['email']) || !isset($_POST['password1']){
	echo 'Must provide both email and password.<br>Please try <a href="customerlogin.php>logging in again</a>';
	exit;
}
// PUT IN YOUR CORRECT DETAILS HERE
$link = mysql_connect("localhost", "XXX", "XXX") 
	or die("Couldn't connect to MySQL"); 

$db = "test"; 
mysql_select_db($db) 
	or die("Couldn't open ".$db.": ".mysql_error()); 

$query = "
	SELECT * 
	FROM members 
	WHERE email='".$_POST['email']."' 
	AND password1='".$_POST['password1']."'
"; 
$result = mysql_query($query) or die('error making query'); 

// Check for exactly 1 result
if(mysql_num_rows($result) != 1){ 
	echo 'Sorry Details not valid.<br>Please try <a href="customerlogin.php>logging in again</a>';
	exit;
}

// If we've made it here, all's well
$_SESSION['email'] = $_POST['email']; 

// Get data ... don't use mysql_result()
// ASSUMING customer_id, first_name and second_name are db fields
$row = mysql_fetch_array($result);
$_SESSION['customer_id'] = $row['customer_id']; 
$_SESSION['first_name'] = $row['first_name'];
$_SESSION['second_name'] = $row['second_name'];
?> 
<html>
<body> 
<? 
echo $_SESSION['first_name'].' '.$_SESSION['second_name']; 
?>
</body>
</html>

Remember ... I can't easily debug typo's.

Hope that helps.

Paul 🙂

amar3d

Cheers paul thats great, fully understood, thank you,