I am trying to use an authentication script to verify username and password, and then store other fields from the record set in a session variable. If the authentication is successful, the page redirects to main.php.
The page is redirecting, but the session variable doesn't seem to be passing.
Here is the code.
<?php
header('Location: main.php');
session_start();
//Connect to DB
$username = "xxxxxxx";
$password = "xxxxxxxx";
$hostname = "xxxxxxxxxxx";
$dbh = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
if (!$dbh)
{
die('Could not connect: ' . mysql_error());
}
// Verify username and ppassword are entered, then convert them to variables
if (isset($_POST['username']) && isset($_POST['password']))
$userId = $_POST['username'];
$password = $_POST['password'];
// check if the user id and password combination exist in database
mysql_query("USE Tpowell04");
$sql = "SELECT *
FROM `6944`
WHERE username = '$userId'
AND password = '$password'";
mysql_query($sql)
or die('Query failed. ' . mysql_error());
//Return Results, place array in session variable
$result = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_assoc($result) or die(mysql_error());
$_SESSION['user'] = $row;
header('Location: main.php');
// Redirect to main page
header('Location: main.php');
exit;
?>
Then, I'm trying to use this simple script to verify that the variable has been transfered to the redirect page.
<?php
$userid = $_SESSION['user']['user_id'];
echo Welcome, "$userid"; ?>
