I am having a problem on retrieving the users firstname after logging in. Here's my code

    include ("connectDB.php");

    $stud_test_ID = $_POST["testIDtxt"];
    $password_Field = $_POST["Passtxt"];

    $insertSql = "SELECT firstName FROM testdb WHERE stud_Id = '$stud_test_ID' And Password = '$password_Field'";
    $result = $mysqli->query($insertSql); 

    $numrows = $result->num_rows;

        echo "record found successfully." . "username: " . $stud_test_ID;
        echo " Are you ready for the exam? " . "<a href='math(1).php' > Click here</a>"; 
        $_SESSION['studName'] = $_POST['firstName'];
        echo "Invalid Student ID# or Password.";

And this is where i display my user's first name.

<html xmlns="http://www.w3.org/1999/xhtml">

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<header id="head" >



  Examiner's Name: 


<form name="frmMath" action="mathQuestionnaire.php" method="post">
<table align="center" cellpadding="2" cellspacing="2" border="2" style="width:autopx;">

Any help would be appreciated.

4 Years
Discussion Span
Last Post by DJBirdi

So you are seeing the 'invalid student id' error? That would suggest your query string is returning zero. Confirm the format of the string by echoing it and make sure the variables match your user id and password in the database.
I'm guessing the query string is incorrect.


Sorry i wasn't able to explain it up clearer.

I have a login page and an authentication page. After the user login it will direct him to the authentication page. (The authentication page has a link that will direct you to the exams). After the user clicks the link it will direct him to the Math.php page along with his Firstname. But what happen to me is; its not retrieving the users firstname. there's no error


Waoooza that code's got SQL injection written all over it. Anyway, try this for a sec:

echo " Are you ready for the exam " . $_POST['firstName'] . "?" . "<a href='math(1).php' > Click here</a>";

and see if you're getting the firstname correctly on that page before saving it to a session variable. Also, session_start() should always be the first thing on any page you need to use it on ... before any HTML, outputs or variable declarations.

And lastly, if you're not seeing any visible errors, check your error_log. I can almost guaratee you'll have some sessional errors in there.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.