Session and id does not continue HELP!

so I will need to have the login page done I actually had the form to go to the welcome members first then to the main private pages. I just updated a few things now I get it welcoming all my tested members in my db. Here is the updated login/welcome page. I cant wait to get to the stage in the programming you are at then I can have that knowledge being new is fresh…

It is welcoming them all at the same time image that one point I get no welcome now it is welcoming them at the same time…


<?php
session_start();
ini_set ("display_errors", "1");
error_reporting(E_ALL);
?>		
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Welcome</title>
</head>

<body>
<?php
/* Program: login.php
 * Desc:	Displays the new member welcome page. Greets
 *			member by name and gives a choice to enter
 *			restricted section or go back to main page.
 */ 
if (isset($_SESSION['id'])) {    
include('Connections/connect_to_mysql.php');        
// Set the users session ID
    $id=$_SESSION['id'];

// Now let's initialize vars to be printed to page in the HTML section so our script does not return errors 
// they must be initialized in some server environments

$firstname = '';
$lastname = '';
$country = '';
$email = '';

//Formulate Query
//This is the best way to perform an SQL query
$query = "SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}";
$result = mysql_query($query);

//Check result
//This shows the actual query sent to MySQL and the error. Useful for debugging.

if(!$result){
	$message = 'Invalid query:' . mysql_error() . "\
";
	$message .= 'Whole query:' . $query;
	die($message);
}
//Use result
//Attempting to print $result won't allow access to information in the resource
//One of the mysql result functions must be used
//See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
while($row=mysql_fetch_assoc($result)){
	  echo "Welcome, {$row['firstname']}";
}
}
		   mysql_free_result($result);
?>
<p>Your new Member accounts lets you enter the members only section
of our web site. You'll find special discounts, a profile of matches,
live advise from experts, and much more.</p>
<p>Your new Member ID and password were emailed to you. Store them
carefully for future use.</p>
<div style="text-align: center">
<p style="margin-top: .5in; font-weight: bold">
Glad you could join us!</p>
<form action="profile.php" method="post">
	<input type="submit"
		value="Enter the Members Only Section">
		</form>
<form action="index.php" method="post">
	<input type="submit" value="Go to Main Page">
	</form>		
		</div>
</body>
</html>


Well think about it this way. How does your system know what user is showing up? Session data gets purged after 15 minutes of inactivity.

So user X shows up an hour after they last used your site. The system has no idea who this person is. What should they do? Sign up again?

So yes. A login page is a good thing.Username and password, email and password, whatever.
Your login page checks the table to see if someone with that email and password exists; if so, it sets the session variable to hold their ID. THEN when they get to the welcome page, your Welcome Page now knows which user this is, and can get their information correctly.

Alright I do have a login username form so what I am going to try is add it to the welcome page oh my goodness if this works I am going to dance for three days. give me a minute to confuse myself while I add it to the welcome page. :slight_smile:

This is the code I had borrowed and the error message I now get. I think I am on the right track.

Notice: Undefined index: email in /home/ebermy5/public_html/login.php on line 20

Warning: mysql_query() [function.mysql-query]: Access denied for user ‘ebermy5’@‘localhost’ (using password: NO) in /home/ebermy5/public_html/login.php on line 101

Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/ebermy5/public_html/login.php on line 101
Invalid query:Access denied for user ‘ebermy5’@‘localhost’ (using password: NO) Whole query:SELECT id, firstname FROM Members WHERE id=id


<?php
session_start();
ini_set ("display_errors", "1");
error_reporting(E_ALL);
?>		
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Welcome</title>
<style type="text/css">
.background {color: #B56AFF;
}
</style>
</head>

<body>
<p>
<?php
if ($_POST['email'] != "") {

include('Connections/connect_to_mysql.php');

$email = $_POST['email'];
$pass = $_POST['pass'];
$remember = $_POST['remember']; // Added for the remember me feature

$email = strip_tags($email);
$pass = strip_tags($pass);
$email = mysql_real_escape_string($email);
$pass = mysql_real_escape_string($pass);
$email = eregi_replace("`", "", $email);
$pass = eregi_replace("`", "", $pass);

$pass = md5($pass);

//make query
$sql = mysql_query("SELECT * FROM Members WHERE email='$email' AND password='$pass' AND email_activated='1'"); 
$login_check = mysql_num_rows($sql);

if($login_check > 0){ 

    while($row = mysql_fetch_array($sql)){ 

        $id = $row["id"];   
        session_register('id'); 
        $_SESSION['id'] = $id;
       
	    $firstname = $row["firstname"];   
        session_register('firstname'); 
        $_SESSION['firstname'] = $firstname;
       
	    $email = $row["email"];   
        session_register('email'); 
        $_SESSION['email'] = $email;
         
        mysql_query("UPDATE Members SET last_log_date=now() WHERE id='$id'"); 
          
    } // close while
	
    // Remember Me Section Addition... if member has chosen to be remembered in the system
    if($remember == "yes"){
      setcookie("idCookie", $id, time()+60*24*60*60, "/"); // 60 days; 24 hours; 60 mins; 60secs
      setcookie("firstnameCookie", $firstname, time()+60*24*60*60, "/"); // 60 days; 24 hours; 60 mins; 60secs
      setcookie("emailCookie", $email, time()+60*24*60*60, "/"); // 60 days; 24 hours; 60 mins; 60secs
      setcookie("passCookie", $pass, time()+60*24*60*60, "/"); // 60 days; 24 hours; 60 mins; 60secs
    }	
	$my_msg = "all_good";
    print "return_msg=$my_msg&id=$id&firstname=$firstname";
	
} else {
$my_msg = "no_good";
    print "return_msg=$my_msg"; 
  exit();
}


}// close if post
?>
<?php
/* Program: login.php
 * Desc:	Displays the new member welcome page. Greets
 *			member by name and gives a choice to enter
 *			restricted section or go back to main page.
 */ 
if (isset($_SESSION['id'])) {            
// Set the users session ID
    $id=$_SESSION['id'];

// Now let's initialize vars to be printed to page in the HTML section so our script does not return errors 
// they must be initialized in some server environments

$firstname = '';
$lastname = '';
$country = '';
$email = '';

//Formulate Query
//This is the best way to perform an SQL query
$query = "SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}";
$result = mysql_query($query);

//Check result
//This shows the actual query sent to MySQL and the error. Useful for debugging.

if(!$result){
	$message = 'Invalid query:' . mysql_error() . "\
";
	$message .= 'Whole query:' . $query;
	die($message);
}
//Use result
//Attempting to print $result won't allow access to information in the resource
//One of the mysql result functions must be used
//See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
while($row=mysql_fetch_assoc($result)){
	  echo "Welcome, {$row['firstname']}";
}
}
		   mysql_free_result($result);
?>