session variables

Prellyan

Hey there,

I have extended the DMX login sql query to include a 4th table field in the hope of being able to return an additional $variable from the LoginRS protocol.

This didnt seem to work in establishing or reading the returned data succesfully into the new session variable.

Anyone know why?

dalecosp

Probably someone does know why. You are the most likely candidate.

If you show some code, somebody else might be able to figure it out too. 😉

It is even possible that, in the act of selecting which code to show us, you'll discover the issue for certain by yourself.... 🙂

Prellyan

dalecosp,

i have sent you a msg with further details and would appreciate your help.

Thanks

Prellyan

mysql_select_db($database_mydatabase, $mydatabase);

$LoginRS__query=sprintf("SELECT username, userpassword, useraccess, userid FROM memberprimarydata WHERE username='%s' AND userpassword='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

$LoginRS = mysql_query($LoginRS__query, $mydatabase) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {

$loginStrGroup  = mysql_result($LoginRS,0,'useraccess');
$chablysid = mysql_result($LoginRS,0,'userid');


$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;	      
$GLOBALS['MM_Userid'] = $userid;

session_register("MM_Username");
session_register("MM_UserGroup");
session_register("MM_Userid");

if (isset($_SESSION['PrevUrl']) && false) {
  $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
}
header("Location: " . $MM_redirectLoginSuccess );

}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}

there you go any thoughts?

Azala

Take a look at:

$chablysid = mysql_result($LoginRS,0,'userid');

and

$GLOBALS['MM_Userid'] = $userid;

shouldn't it be:

$GLOBALS['MM_Userid'] = $chablysid;

halojoy

halojoy here

here are those
$GET
$POST
$COOKIE
$SERVER
$ENV
$REQUEST
$_SESSION
and so on - very useful variables, indeed!

but notice diffence:
$GLOBALS
has no _

$_GET
for example

toplay

If you have PHP version 4.1.0 or higher then just use $SESSION. You're mixing session_register() and $SESSION and you should not. Use one or the other but not both. Read the caution boxes at this manual page:
http://us3.php.net/manual/en/function.session-register.php

session_register() is designed to allow use of your own variable names so it requires register_globals to be on (which is a security risk). Just use $_SESSION instead.

This condition will never be true:
if (isset($_SESSION['PrevUrl']) && false) {

Please note that the header() with location command does not redirect right there and then when it's executed. It actually redirects when your script ends or an exit is reached. So, to ensure no logic flow problems in your script, you should have an exit right after every header() with location to force redirection to occur immediately.

Azala

$GLOBALS is correctly written.

halojoy

it should really be
$GLOBALS

Yeah, you are right
See PHP Manual on GLOBALS and predefined variables:

http://php.net/manual/en/language.variables.predefined.php

okay, now I know
thanks!

🙂

Prellyan

thanks

so i need to change

session_register("MM_Username");
session_register("MM_UserGroup");
session_register("MM_Userid");

$SESSION("MM_Username");
$SESSION("MM_UserGroup");
$_SESSION("MM_Userid");

Drakla

No, square brackets - $_SESSION is an array, so all array functions and behaviours apply to it

$something = $_SESSION['MM_Userid'];  // takes value from session

$_SESSION['MM_UserGroup'] = 'whatever';   // set a session value