1,105,585 Community Members

Problem assigning a query result to a $_SESSION

Member Avatar
usboy2903
Newbie Poster
1 post since Nov 2011
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 0 [?]
 
0
 

Hi, well im working on a project for school but I can't seem to get it to work.

Its an app that is connected to a DB with 3 tables, this is my sql syntax of the db:

Table structure for table `income`

CREATE TABLE `income` (
  `idincome` int(11) NOT NULL AUTO_INCREMENT,
  `DoI` date NOT NULL,
  `Quantity` int(11) NOT NULL,
  `Type` varchar(45) COLLATE latin1_general_ci NOT NULL,
  `Comment` varchar(45) COLLATE latin1_general_ci NOT NULL,
  `iduser` int(11) NOT NULL,
  PRIMARY KEY (`idincome`),
  KEY `iduser` (`iduser`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1;

Table structure for table `outcome`

CREATE TABLE `outcome` (
  `idoutcome` int(11) NOT NULL AUTO_INCREMENT,
  `DoO` date NOT NULL,
  `Quantity` int(11) NOT NULL,
  `Type` varchar(45) COLLATE latin1_general_ci NOT NULL,
  `Comment` varchar(45) COLLATE latin1_general_ci NOT NULL,
  `iduser` int(11) NOT NULL,
  PRIMARY KEY (`idoutcome`),
  KEY `iduser` (`iduser`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1 ;

Table structure for table `user`CREATE TABLE `user` (
  `iduser` int(11) NOT NULL AUTO_INCREMENT,
  `FirstName` varchar(45) COLLATE latin1_general_ci NOT NULL,
  `LastName` varchar(45) COLLATE latin1_general_ci NOT NULL,
  `Email` varchar(45) COLLATE latin1_general_ci NOT NULL,
  `DoB` date NOT NULL,
  `Sex` varchar(6) COLLATE latin1_general_ci NOT NULL,
  `Username` varchar(45) COLLATE latin1_general_ci NOT NULL,
  `Password` varchar(45) COLLATE latin1_general_ci NOT NULL,
  PRIMARY KEY (`iduser`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=27 ;

So basically, I use a "iduser" to link the user currently in the session with the income and outcome tables.

What I'm trying to do is that when the client logs in, I select the iduser of that person and saving it in a session variable. This is the code:

<?php

	session_start();

	//Connect to the DB
	$host = 'HOST';
	$user = 'USER';
	$pass = 'PASS';
	$db = 'DB';
	mysql_connect($host, $user, $pass) or die("Could not connect: ".mysql_error());
	mysql_select_db($db) or die(mysql_error());
	
	//Grab username and password that the client typed in.
	$username = $_POST['Username'];
	$password = md5($_POST['Password']);
	
        //Query to grab the iduser of that user.
	$queryid = "SELECT iduser FROM user WHERE Username = '$username'";
	$id =  mysql_query($queryid);
	$_SESSION['id'] = $id;
	
        
        //Query to check if the username and password are in the db.
	$query = "SELECT * FROM user WHERE Username = '$username' AND Password= '$password'";
	$result = mysql_query($query);
	

        //Check if the user is in the db
	if (mysql_num_rows($result) != 1)
		{
        //If he's not, send to loginfail.php
    	header('location:loginfail.php');
		}else 
			{
         //If he is, take him to home.php and save a SESSION variable with his username.
    		$_SESSION['username'] = $username;
			header( 'location: home.php');
		}
?>

So when he/she logs in successfully, they're taken to home.php and I display both of the session variables, BUT when I try to display the $_SESSION variable, I get a 0 instead of the users unique id.

That's my problem and I really don't know how to solve it :/
I could really use some help with this..

Thanks!

Member Avatar
niranga
Junior Poster
197 posts since Apr 2010
Reputation Points: 9 [?]
Q&As Helped to Solve: 27 [?]
Skill Endorsements: 0 [?]
 
0
 

That is because because you are assigning the mysql result object in to the session variable

$_SESSION['id'] = $id;

Try this:

//Query to grab the iduser of that user.
$queryid = "SELECT iduser FROM user WHERE Username = '$username'";
$id = mysql_query($queryid);
if(mysql_row_count($id) > 0)
{
    $row = mysql_fetch_array($id, MYSQL_ASSOC);
    $_SESSION['id'] = $row['iduser'];
}

But writing two queries for the same thing is useless:

$queryid = "SELECT iduser FROM user WHERE Username = '$username'";
AND
$query = "SELECT * FROM user WHERE Username = '$username' AND Password= '$password'";

You can do it using only the second query

//Query to check if the username and password are in the db.
$query = "SELECT * FROM user WHERE Username = '$username' AND Password= '$password'";
$result = mysql_query($query);
  
//Check if the user is in the db
if (mysql_num_rows($result) != 1)
{
	//If he's not, send to loginfail.php
	header('location:loginfail.php');
}
else
{
	//If he is, take him to home.php and save a SESSION variable with his username.
	$row = mysql_fetch_array($result, MYSQL_ASSOC);
	$_SESSION['username'] = $username;
	$_SESSION['id'] = $row['iduser']; 
	header( 'location: home.php');
}
You
This article has been dead for over three months: Start a new discussion instead
Post:
Start New Discussion
View similar articles that have also been tagged: