0

I am trying to define and pass through (I think that's the term) a variable from my login page to other parts of my site. Right now, the user logs in providing their username/password combination and those variables are able to be used. What I want is if a login is successful, to store other variables for the user, specifically FName and LName which are columns in the User table.

What would I need to change here? :confused:

<?php
session_start(); // Start a new session
require('dbconnection.php'); // Holds all of our database connection information

// Get the data passed from the form
$username = $_POST['user'];
$password = $_POST['pass'];
$_SESSION['username'] = $_POST['user'];

// Do some basic sanitizing
$username = stripslashes($username);
$password = stripslashes($password);

$password = md5($password);

$sql = "select * from User where Username = '$username' and Password = '$password'";
$result = mysql_query($sql) or die ( mysql_error() );

$count = 0;

$count = mysql_num_rows($result);

if ($count == 1) {
	 $_SESSION['loggedIn'] = "true";
	 header("Location: index.php"); // This is wherever you want to redirect the user to
} else {
	 $_SESSION['loggedIn'] = "false";
	 header("Location: http://www.msn.com"); // Wherever you want the user to go when they fail the login
}

?>
2
Contributors
4
Replies
5
Views
6 Years
Discussion Span
Last Post by pixelsoul
0

I've tried adding the following to the above page, but when I pull the variable from another page it's showing a "0" instead of the name "Joel"

$getname = "select FName from User where Username = '$username' and Password = '$password'";
$result2 = mysql_query($getname) or die (mysql_error());
$_SESSION['FName'] = $result2;

Edited by jrotunda85: clean up code

2

I don't see the reason for the whole other query for the FName when you have one you just made that should have grabbed all of the row data from the User table for the user. Unfortunately I am not really able to play around and test it at this time but...

Try something like this:

<?php
session_start(); // Start a new session
require('dbconnection.php'); // Holds all of our database connection information

// Get the data passed from the form
$username = $_POST['user'];
$password = $_POST['pass'];
$_SESSION['username'] = $_POST['user'];

// Do some basic sanitizing
$username = stripslashes($username);
$password = stripslashes($password);

$password = md5($password);

$sql = "select * from User where Username = '$username' and Password = '$password'";
$result = mysql_query($sql) or die ( mysql_error() );

$online = mysql_fetch_array(mysql_query($sql)); // array of all the data for the user
$result2 = $online['FName']; // set the variable for FName
$_SESSION['FName'] = $result2; // set FName in the session

$count = 0;

$count = mysql_num_rows($result);

if ($count == 1) {
	 $_SESSION['loggedIn'] = "true";
	 header("Location: index.php"); // This is wherever you want to redirect the user to
} else {
	 $_SESSION['loggedIn'] = "false";
	 header("Location: http://www.msn.com"); // Wherever you want the user to go when they fail the login
}


$online = mysql_fetch_array(mysql_query($sql));
$result2 = $online['FName'];
$_SESSION['FName'] = $result2;

?>
Votes + Comments
Worked perfectly!
0

I don't see the reason for the whole other query for the FName when you have one you just made that should have grabbed all of the row data from the User table for the user. Unfortunately I am not really able to play around and test it at this time but...

Worked perfectly! Thank you so much for the help! :)

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.