sessions

alex57

Hey,

I am trying to create a simple login system using sessions but the sessions are not working for me. I have a login form where the session is intialised and then another page saying "congratulations on the login" and the SID number of the session displayed; however this number does not appear and there are no error messages. Thanks

LOGIN PAGE

<?php

mysql_connect("localhost", "root", "dinosaur") or die(mysql_error());

mysql_select_db("info") or die(mysql_error());

$username = $POST['username'];
$password = $POST['password'];

$result = mysql_query("SELECT * FROM users WHERE username = '$username' && password='$password'");

$row = mysql_fetch_array($result);//the result

if(($row['username'] == $username) && ($row['password'] == $password) && (mysql_numrows($result) == 1))//check username and password
{
session_start();
$_SESSION['username'] = $username;
?>
<script language="JavaScript" type="text/javascript">
window.location.replace("home.php");
</script>
<?php
}
elseif (mysql_numrows($result) == 0) {
echo "incorrect login, please retry in 2 seconds ...";
?>
<meta http-equiv="refresh" content="2; URL=login.php">
<?php
}

THE FOLLOWING PAGE

<?php

echo "hey, you are logged in " . $_SESSION['username'] ." !!!";

echo "your session ID is : " . session_id();

thepeccavi

don't forget that you have to initialise sessions on every page that uses them:

THE FOLLOWING PAGE

session_start();
echo "Hey! You are logged in as $_SESSION['username']!!!<br />";

echo "Your session ID is session_id()";

That should work (although I rarely use session_id())

Hope that helps