Hi all,
I am trying to use sessions to authenticate users for my site. I have bits of code below these are the functions for logging in. The login completes successfully and if i echo the $session variables straight after logging in they are set. I am having a problem however as when trying to confirm if someone is logged in on another page constantly see that they are not. when i try and echo the $session variables on this page i get an Undefined index error for each of them. Can anyone understand why this might be happening?
function member_login($username, $password)
{
// Try and get the salt from the database using the username
$query = "SELECT salt FROM members WHERE username='$username' limit 1"; //changed user to member removed limit 1
$result = mysql_query($query);
$member = mysql_fetch_array($result); //changed user to member
// Using the salt, encrypt the given password to see if it
// matches the one in the database
$encrypted_pass = md5(md5($password).$member['salt']);
// Try and get the user using the username & encrypted pass
$query = "select memid, username from members where username='$username' and pass='$encrypted_pass'";
$result = mysql_query($query);
$member = mysql_fetch_array($result);
$numrows = mysql_num_rows($result);
// Now encrypt the data to be stored in the session
$encrypted_id = md5($member['memid']);
$encrypted_name = md5($member['username']);
// Store the data in the session
$_SESSION['userid'] = $member['memid'];
$_SESSION['username'] = $username;
$_SESSION['encrypted_id'] = $encrypted_id;
$_SESSION['encrypted_name'] = $encrypted_name;
if ($numrows == 1)
{
return 'Correct';
}
else
{
return false;
}
}
function is_authed()
{
// Check if the encrypted username is the same
// as the unencrypted one, if it is, it hasn't been changed
if (isset($_SESSION['username']) && (md5($_SESSION['username']) == $_SESSION['encrypted_name']))
{
return true;
}
else
{
return false;
}
}
