Help…I almost had this but I included the password field in my form now it is not working. What was happening before I had all the tested members added to the Welcome page at once. When I put in the password field it is not welcoming anyone so sessions is not operating.
// Get the user session id variable into a local php variable for easier use in scripting
$id = $_SESSION['id'];
// Now let's initialize vars to be printed to page in the HTML section so our script does not return errors
// they must be initialized in some server environments
$firstname = '';
$lastname = '';
$country = '';
$email = '';
//Formulate Query
//This is the best way to perform an SQL query
$query = "SELECT id, firstname FROM `Members` WHERE id='$id'";
$result = mysql_query($query);
//Check result
//This shows the actual query sent to MySQL and the error. Useful for debugging.
if(!$result){
$message = 'Invalid query:' . mysql_error() . "\
";
$message .= 'Whole query:' . $query;
die($message);
}
//Use result
//Attempting to print $result won't allow access to information in the resource
//One of the mysql result functions must be used
//See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
while($row=mysql_fetch_assoc($result)){
echo "Welcome, {$row[firstname]}";
}
//Free the resources associated with the result set
mysql_free_result($result);
At one point it when it was including everyone all at once it was able to view the private pages but the new update password takes me back to square one. It was showing a error message with SQL " after the WHERE clause where I had the id={$_SESSION[‘id’]} so I just tested to see how the codes id=‘$id’ would work and it does not have the echo Welcome, firstname.
<?php
session_start();
?>
<?php
ini_set ("display_errors", "1");
error_reporting(E_ALL);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Welcome</title>
</head>
<body>
<?php
/* Program: login.php
* Desc: Displays the new member welcome page. Greets
* member by name and gives a choice to enter
* restricted section or go back to main page.
*/
include('Connections/connect_to_mysql.php');
// Get the user session id variable into a local php variable for easier use in scripting
$id = $_SESSION['id'];
// Now let's initialize vars to be printed to page in the HTML section so our script does not return errors
// they must be initialized in some server environments
$firstname = '';
$lastname = '';
$country = '';
$email = '';
//Formulate Query
//This is the best way to perform an SQL query
$query = "SELECT id, firstname FROM `Members` WHERE id='$id'";
$result = mysql_query($query);
//Check result
//This shows the actual query sent to MySQL and the error. Useful for debugging.
if(!$result){
$message = 'Invalid query:' . mysql_error() . "\
";
$message .= 'Whole query:' . $query;
die($message);
}
//Use result
//Attempting to print $result won't allow access to information in the resource
//One of the mysql result functions must be used
//See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
while($row=mysql_fetch_assoc($result)){
echo "Welcome, {$row[firstname]}";
}
//Free the resources associated with the result set
mysql_free_result($result);
?>
<p>Your new Member accounts lets you enter the members only section
of our web site. You'll find special discounts, a profile of matches,
live advise from experts, and much more.</p>
<p>Your new Member ID and password were emailed to you. Store them
carefully for future use.</p>
<div style="text-align: center">
<p style="margin-top: .5in; font-weight: bold">
Glad you could join us!</p>
<form action="profile.php" method="post">
<input type="submit"
value="Enter the Members Only Section">
</form>
<form action="index.php" method="post">
<input type="submit" value="Go to Main Page">
</form>
</div>
</body>
</html>
Hopefully there isnt actually a blank line before your <?php at the top, or session_start will fail…
In your query, Unless your id field is a string type (VARCHAR), you shouldnt have quotes around it. Numerical field types (INT, etc) dont have quotes around them.
I… still dont see anything about a password in there, or anywhere where you’re writing to the session variable…
I agree with StarLion, im a little lost as to the problem your trying to solve with the code you supplied. With that said i went and cleaned up your code as i saw room for improvement.
<?php
session_start();
ini_set('display_errors', '1');
error_reporting(E_ALL);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Welcome</title>
</head>
<body>
<?php
/**
* Program : login.php
* Desc : Displays the new member welcome page. Greets
* member by name and gives a choice to enter
* restricted section or go back to main page.
*/
// Check if the user has a current session, if they don't show the
// login form required to gain access
if (isset($_SESSION['id'])) {
include('Connections/connect_to_mysql.php');
// Set the users session ID
$id = $_SESSION['id'];
// Now let's initialize vars to be printed to page in the HTML
// section so our script does not return errors they must be
// initialized in some server environments
$firstname = '';
$lastname = ''; // <<<<<<<<<<<<<<<<
$country = ''; // Are these really needed??
$email = ''; // >>>>>>>>>>>>>>>>
// Build the MySQL query
$query = "SELECT id, firstname FROM `Members` WHERE id = $id";
// Run the query and kill the page upon any MySQL errors
if (!$result = mysql_query($query)) {
$message = 'Invalid query: ' . mysql_error() . "\
";
$message .= 'MySQL query: ' . $query;
die($message);
}
// Check to make sure that a user was found otherwise remove the
// the session and reload the page
if (mysql_num_rows($result)) {
$row = mysql_fetch_row($result);
mysql_free_result($result);
echo 'Welcome, ' . $row['firstname'];
} else {
unset($_SESSION['id']);
header('Location: ' . $_SERVER['PHP_SELF']);
}
} else {
?>
<p>
Your new Member accounts lets you enter the members only section of our web site. You'll find special discounts, a profile of matches, live advise from experts, and much more.
</p>
<p>
Your new Member ID and password were emailed to you. Store them carefully for future use.
</p>
<div style="text-align: center">
<p style="margin-top: .5in; font-weight: bold">Glad you could join us!</p>
<form action="profile.php" method="post">
<input type="submit" value="Enter the Members Only Section" />
</form>
<input type="button" value="Go to Main Page" />
</div>
<?php
}
?>
</body>
</html>
so… you’re setting $_SESSION[‘’] to “id” … o…kay…I do not understand this logic at all. Please elaborate.
Anyway, so now you’ve got $_SESSION[‘’] set to “id”. When you get back to your page,
$id = $_SESSION[‘id’];
$_SESSION[‘id’] doesnt exist. Because you didnt set that. You set $_SESSION[‘’].
Think maybe in your form code you meant to do $_SESSION[‘id’] = $id; ?
I have the id, pw, firstname,lastname, country. Just the basic till I get the form right. that SQL is just there when I click on the SQL button in my members table. Does that code that is there hinder my own coding with PHP for the form and welcome page.
You’re missing the third arm of the triangle - you’ve got the page set up to read session data, you’ve got the form to insert data into the table… but where’s the login to read the table and fill in the session?
