how to use my SESSION values

tamayo

Hi, I coded a php login form, after the user type the correct information I assigned in the SESSION values the name of the user and a value calls: auth, here is the code:

<?php
include("vars.inc");
$xusuario=$POST['txtnomusuario'];
/$xclave=md5($POST['txtpassword']);/
$xclave=$_POST['txtpassword'];
$conn=mysqli_connect($host, $user, $password) or die("No se pudo establecer comunicacion");
$db=mysqli_select_db($conn, $basedatos) or die("Error en la base de datos");

$sql="SELECT nomusuario FROM $tabla WHERE nomusuario='$xusuario' AND password='$xclave'";

$resultado=mysqli_query($conn, $sql) or die(mysqli_error($conn));
$filas=mysqli_num_rows($resultado);
if($filas == 1)
{
session_start();
$SESSION[ 'auth' ]="yes";
$SESSION[ 'logname' ]=$xusuario;

header('Location: main.php');

}

else
{
header('Location: nologin.php');
}
?>

So, MY QUESTIONS ARE:
1. in the next page -called main.php- i can't display the SESSION('logname'), and I don't know why, here is the code:

<html>
<head>
<title>MENU PRINCIPAL</title>
</head>

<body><p align='right'>Ud. esta logeado como: <?php $_SESSION[ 'logname' ] ?> </p>
<p align='center'>MENU PRINCIPAL DEL SISTEMA</p>

I also have a verification routine that if a user want to access to any page without been authenticated the user can't do that, but also doesn't work because I can't access to the SESSION variable, here is the code:

<?php
if ($_SESSION['auth'] !="yes")
{
header("Location: nologin.php");
exit();
}
?>

So, my main problem is that the values of the SESSION seems that doesn't work. So, please I need your advices, thanks a lot

stolzyboy

To use session variables, you need to call session_start(); on every page you wish to use them.

FYI, call your include files .php, not .inc unless your webserver parses your .inc as .php pages. This way, people could get to your .inc file and see your code.

And for future posting, please use the boards PHP BBCode around your code you post for readibility.

Thanks,
stolzyboy