Login Session

SoulAssassin · Nov 3, 2006

Ok, this thing is killing me. Somehow I have trouble understanding how to hold the Username in a session through out all pages. Please tell me what I'm doing wrong.

login.php :
<?
session_start();
include("config.php");
$msg = "";
if (isset($_POST['Submit']))
{

$broker_name = $POST['broker_name'];
$password = md5($POST[password]);

$result = mysql_query("Select * From login_table where broker_name='$broker_name'",$con);
if(mysql_num_rows($result)>0)
{
$row = mysql_fetch_array($result, MYSQL_BOTH);
f($password == $row["password"])
{
$SESSION['broker_name'] = "broker_name";
$SESSION['password'] = "password";

header("Location: index.php");

}
else
{
$msg = "Password incorrect";
}
}
else
{
$msg = "Username incorrect";
}
}
?>

index.php :

<?php
session_start();
if(!isset($_SESSION['broker_name'])){

echo "$broker_name";
}
?>

pete_bisby · Nov 3, 2006

So you're storing broker_name within $SESSION['broker_name'] in login.php, and then checking in index.php $SESSION['broker_name'] has been set.

You've got session_start() at the top of each page, which is correct. In index.php, though, you're echoing $broker_name .... shouldn't you be echoing $_SESSION['broker_name']?

If register_globals is off (which it should be anyway), PHP will not know the variable $broker_name, only $_SESSION['broker_name'].

Login Session

SSoulAssassin

Ppete_bisby