I am trying to define and pass through (I think that's the term) a variable from my login page to other parts of my site. Right now, the user logs in providing their username/password combination and those variables are able to be used. What I want is if a login is successful, to store other variables for the user, specifically FName and LName which are columns in the User table.

What would I need to change here? :confused:

<?php
session_start(); // Start a new session
require('dbconnection.php'); // Holds all of our database connection information

// Get the data passed from the form
$username = $_POST['user'];
$password = $_POST['pass'];
$_SESSION['username'] = $_POST['user'];

// Do some basic sanitizing
$username = stripslashes($username);
$password = stripslashes($password);

$password = md5($password);

$sql = "select * from User where Username = '$username' and Password = '$password'";
$result = mysql_query($sql) or die ( mysql_error() );

$count = 0;

$count = mysql_num_rows($result);

if ($count == 1) {
	 $_SESSION['loggedIn'] = "true";
	 header("Location: index.php"); // This is wherever you want to redirect the user to
} else {
	 $_SESSION['loggedIn'] = "false";
	 header("Location: http://www.msn.com"); // Wherever you want the user to go when they fail the login
}

?>

I've tried adding the following to the above page, but when I pull the variable from another page it's showing a "0" instead of the name "Joel"

$getname = "select FName from User where Username = '$username' and Password = '$password'";
$result2 = mysql_query($getname) or die (mysql_error());
$_SESSION['FName'] = $result2;

I don't see the reason for the whole other query for the FName when you have one you just made that should have grabbed all of the row data from the User table for the user. Unfortunately I am not really able to play around and test it at this time but...

Try something like this:

<?php
session_start(); // Start a new session
require('dbconnection.php'); // Holds all of our database connection information

// Get the data passed from the form
$username = $_POST['user'];
$password = $_POST['pass'];
$_SESSION['username'] = $_POST['user'];

// Do some basic sanitizing
$username = stripslashes($username);
$password = stripslashes($password);

$password = md5($password);

$sql = "select * from User where Username = '$username' and Password = '$password'";
$result = mysql_query($sql) or die ( mysql_error() );

$online = mysql_fetch_array(mysql_query($sql)); // array of all the data for the user
$result2 = $online['FName']; // set the variable for FName
$_SESSION['FName'] = $result2; // set FName in the session

$count = 0;

$count = mysql_num_rows($result);

if ($count == 1) {
	 $_SESSION['loggedIn'] = "true";
	 header("Location: index.php"); // This is wherever you want to redirect the user to
} else {
	 $_SESSION['loggedIn'] = "false";
	 header("Location: http://www.msn.com"); // Wherever you want the user to go when they fail the login
}


$online = mysql_fetch_array(mysql_query($sql));
$result2 = $online['FName'];
$_SESSION['FName'] = $result2;

?>
commented: Worked perfectly! +0

I don't see the reason for the whole other query for the FName when you have one you just made that should have grabbed all of the row data from the User table for the user. Unfortunately I am not really able to play around and test it at this time but...

Worked perfectly! Thank you so much for the help! :)

Glad to hear that, cheers!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.