I need to select customer column my database and then insert this into a session so i can use it in the other pages of my site but nothing im doing seems to work, any ideas

<?php
session_start(); 
include("Connections/database.php");
?>
<?php

/**
 * Checks whether or not the given username is in the
 * database, if so it checks if the given password is
 * the same password in the database for that user.
 * If the user doesn't exist or if the passwords don't
 * match up, it returns an error code (1 or 2). 
 * On success it returns 0.
 */
 
// Make a MySQL Connection

function confirmUser($username, $password){
   global $conn;
   /* Add slashes if necessary (for query) */
   if(!get_magic_quotes_gpc()) {
	$username = addslashes($username);
   }

   /* Verify that user is in database */
   $q = "select password from customer where username = '$username'";
   $result = mysql_query($q,$conn);
   if(!$result || (mysql_numrows($result) < 1)){
      return 1; //Indicates username failure
   }

   /* Retrieve password from result, strip slashes */
   $dbarray = mysql_fetch_array($result);
   $dbarray['password']  = stripslashes($dbarray['password']);
   $password = stripslashes($password);

   /* Validate that password is correct */
   if($password == $dbarray['password']){
      return 0; //Success! Username and password confirmed
   }
   else{
      return 2; //Indicates password failure
   }
}

/**
 * checkLogin - Checks if the user has already previously
 * logged in, and a session with the user has already been
 * established. Also checks to see if user has been remembered.
 * If so, the database is queried to make sure of the user's 
 * authenticity. Returns true if the user has logged in.
 */
function checkLogin(){
   /* Check if user has been remembered */
   if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
      $_SESSION['username'] = $_COOKIE['cookname'];
      $_SESSION['password'] = $_COOKIE['cookpass'];
   }

   /* Username and password have been set */
   if(isset($_SESSION['username']) && isset($_SESSION['password'])){
      /* Confirm that username and password are valid */
      if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
         /* Variables are incorrect, user not logged in */
         unset($_SESSION['username']);
         unset($_SESSION['password']);
         return false;
      }
      return true;
   }
   /* User not logged in */
   else{
      return false;
   }
}

/**
 * Determines whether or not to display the login
 * form or to show the user that he is logged in
 * based on if the session variables are set.
 */
function displayLogin(){
   global $logged_in;
   if($logged_in){
      echo "<table class='logged_in'><tr><td>Welcome <strong>$_SESSION[username]</strong>, you are now logged in</td></tr><tr><td>Click here to <a href=\"logout.php\">Logout</a></td></tr></table>";
   }
   else{
?>
<form action="" method="post">
<table class="login">
<tr><td colspan="5"><label><a href="register.php">Register </a>or log in:</label></td></tr>
<tr><td><label>Username</label></td><td><input type="text" name="user" maxlength="30"></td><td><label>Password</label></td><td><input type="password" name="pass" maxlength="32"></td><td><button name="sublogin" type="submit"></button></td></tr>
<tr><td colspan="5"><label>Keep me logged on&nbsp;</label><input type="checkbox" class="checkbox" name="remember"></td></tr>
</table>
</form>
<?php
/**
 * Checks to see if the user has submitted his
 * username and password through the login form,
 * if so, checks authenticity in database and
 * creates session.
 */
if(isset($_POST['sublogin'])){
   
   $_POST['user'] = trim($_POST['user']);
   
   /* Checks that username is in database and password is correct */
   $md5pass = md5($_POST['pass']);
   $result = confirmUser($_POST['user'], $md5pass);
	
   /* Check that all fields were typed in */
   if(!$_POST['user'] || !$_POST['pass']){
      echo "<p class='error'>Ooops! You missed a field</p>";
   }
   
   elseif(strlen($_POST['user']) > 30){
      echo "<p class='error'>Username or Password is too long!</p>";
   }  
   
   /* Check error codes */
   elseif($result == 1){
      echo "<p class='error'>Username doesn't exist!</p>";
   }
   elseif($result == 2){
      echo "<p class='error'>Password doesn't exist!</p>";
   }

	else{
   /* Username and password correct, register session variables */
   $_POST['user'] = stripslashes($_POST['user']);
   $_SESSION['username'] = $_POST['user'];
   $_SESSION['password'] = $md5pass;
   $_SESSION['customer'] = "test";
   
   /**
    * This is the cool part: the user has requested that we remember that
    * he's logged in, so we set two cookies. One to hold his username,
    * and one to hold his md5 encrypted password. We set them both to
    * expire in 100 days. Now, next time he comes to our site, we will
    * log him in automatically.
    */
   if(isset($_POST['remember'])){
      setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
      setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
	  setcookie("cookcust", $_SESSION['customer'], time()+60*60*24*100, "/");
   }
	

   /* Quick self-redirect to avoid resending data on refresh */
   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
   return;
}
}
/* Sets the value of the logged_in variable, which can be used in your code */
   }
}
$logged_in = checkLogin();
?>

Recommended Answers

All 3 Replies

do you get any errors? what are they?

try adding this code right below session_start();

ob_start();
error_reporting(E_ALL);
ini_set('display_errors', '1');

im not getting an error, but just cant understand why the password and username are being passed along in the session but the customer variable wont

anyone got any ideas

Are you sure your $_SESSION get gast to the next page and is not recreated by your loginscript?
to test change

#
/* Quick self-redirect to avoid resending data on refresh */
#
echo "<meta http-equiv=\"Refresh\" content=\"0;url=".$HTTP_SERVER_VARS[PHP_SELF]."?".htmlspecialchars(SID).">";
#
return;
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.