Hi there,
This is prob a simple question but...
I have a login script:
<?php
ob_start();
$host="localhost";
$username="user";
$password="password";
$db_name="training";
$tbl_name="trainee_details";
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$myusername=$POST['myusername'];
$mypassword=$POST['mypassword'];
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
// Register $myusername, $mypassword and redirect to file "trainee_login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:eval.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
<?php
if(mysql_num_rows($result)>0) {
//Login Successful
//Regenerate session ID to
//prevent session fixation attacks
session_regenerate_id();
$username=mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID']=$username['username'];
//Write session to disc
session_write_close();
header("location: eval.php");
exit();
}
?>
</body>
</html>
At the bottom I have attempted to store the username which is entered in a session but when I log in the details in the following query do not work:
<?php
$con = mysql_connect("localhost","root","joanne");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("training", $con);
$query= "select * from trainee_details where username= '$username'";
$result=mysql_query($query);
echo mysql_error();
while($row=mysql_fetch_array($result)){
echo "<tr>";
echo "<td>".$row['forename']."</td>";
echo "<td>".$row['surname']."</td>";
echo "</tr>";
}
?>
Please help me 🙂
