can't get username

Ali_baba

Hello,

This script is for login procedure, and it is working till the varification. However, I am unable to get the username that I can pass to the other script. Where I am doing wrong?

require ('application.php');
$result = mysql_query("SELECT COUNT(*) FROM users WHERE username='$username' AND password='$result_password'"); 
// COUNT because you don't need the actual data in the row, just whether there 
// is a row there or not. 
$result_count = mysql_result($result,0,0); 
if($result_count>0) // A successful match against a database record. 
{ 
$SESSION["user"] = $username;
$SESSION["ip"] = $REMOTE_ADDR;
$SESSION["time"] = time();
?>
    <br> 
    <table border=\"0\" align =\"center\"> 
    <tbody> 
    <tr> 
    <td>You are authorized.</td> 
    </tr> 
    <tr> 
    <td> 

<form action="users/" method="post" name="form" />
<input type="hidden" value='<?$username?>' >  
<script language="JavaScript"></script> 
</td></tr></tbody></table>   
<?
} 
else 
.....

thorpe

where do you call [man]session_start/man?, also, where is $username defined?

and the session array looks like $_SESSION, not $SESSION

Ali_baba

Thanks for your reply

Here is the login script

.....
<table border="0" cellspacing="0" cellpadding="0" align="center">
<tbody>
<tr>
<td align="right" valign="top" bgcolor="#FFFFFF">
  <table align="center">
  <tbody>
    <tr><td>&nbsp;&nbsp;</td></tr>
    <tr>
    <td><img src="images/medical.jpg" alt="" width="104" height="110" /></td>
    </tr>
  </tbody>
  </table>
</td>
<td>
<fieldset>
<form name="entryform" method="post" action="authorize.php">
<div class="fond">
  <table align="center">
  <tbody>
    <tr><td>&nbsp;&nbsp;</td></tr>
    <tr>
    <td>Username:</td>
    <td><input type="text" name="username" maxlength="10" /></td>
    </tr>
    <tr>
    <td>Password:</td>
    <td><input type="password" name="password" maxlength="10" /></td>
    </tr>
    <tr><td>&nbsp;&nbsp;</td></tr>
    <tr>
    <td><input type="hidden" name="verify_authorize" value="ok" /></td><td align="right"><input type="submit" value="Login" /></td>
    </tr>
    <tr><td>&nbsp;&nbsp;</td></tr>  

  </tbody>
  </table>
...

And here is the authorization script.

<?php
if ($_POST['verify_authorize']=="ok") {
session_start();
session_register("SESSION");
?>
<!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>DE-PLAN</title>
<style type="text/css">
.fond { font-family: Arial}
.fondsmall { font-family: Arial; font-size: 8pt; font-weight: bold; }
.warning { font-family: Arial, sans-serif; font-size: 12pt; font-weight: bold; color: #ff0000; }
</style>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
</head>
<body>
<br /><br />
<br /><br />
<br /><br />
<br /><br />
<br /><br />
<?
require ('application.php');
$result = mysql_query("SELECT COUNT(*) FROM users WHERE username='$username' AND password='$result_password'"); 
// COUNT because you don't need the actual data in the row, just whether there 
// is a row there or not. 
$result_count = mysql_result($result,0,0); 
if($result_count>0) // A successful match against a database record. 
{ 
$SESSION["user"] = $username;
$SESSION["ip"] = $REMOTE_ADDR;
$SESSION["time"] = time();
?>
    <br> 
    <table border=\"0\" align =\"center\"> 
    <tbody> 
    <tr> 
    <td>You are authorized.</td> 
    </tr> 
    <tr> 
    <td> 

<form action="users/" method="post" name="form" />
<input type="hidden" value='<?$username?>' >  
<script language="JavaScript"></script> 
</td></tr></tbody></table>   
<?
} 
else 

....

I am trying to make session based on username, IP and the current time.

msk_1980

why are you closing the form?

Ali_baba

msk_1980 wrote:
why are you closing the form?

<form action="users/" method="post" name="form" />

To send the username to users/index.php so that I will do insert, delete, update and so on procedures in the database according to the logged in user.

msk_1980

you are using session_register("SESSION");

where does the session variable come from and as thorpe pointed out isnt $SESSION be $_SESSION.

you are closing the form and using an input tag under that, is it allowed?

sorry if i am wrong. i am new to php and still learning by helping.

Ali_baba

yes I am using $SESSION variable instead of normal $SESSION. I have checked the output of $SESSION on another script and it is working like $SESSION. I don't know what is the difference between two. Perhaps $_SESSION is already a decleared session variable?

Yes, I made a mistake in the form. It should be like <form>.....</form> not <form />
The problem is solved. I did

<? echo "<input type=\"hidden\" value=\"$username\">"; ?>