Member Avatar for rjusman90

this is my SESSION code i want to make function of it
is this posible?
i am new in php i want your help
please guide me

<?php

include "connection.php";
$result = mysql_query("SELECT * FROM new WHERE Email='" . $_POST['email'] . "' and Password = '". $_POST['pass']."'");
$row  = mysql_fetch_array($result);
if(is_array($row)){
$_SESSION["ID"] = $row['ID'];
$_SESSION["Email"] = $row['Email'];
$_SESSION["Title"] = $row['Title'];
    }
     else {
            echo "Invalid details!";
            }
if(isset($_SESSION["ID"])){
echo"welcome</br>".  $_SESSION["Title"];
echo"</br><a href='logout.php'>Log out</a>";
}

?>
  • 3 Contributors
  • 2 Replies
  • 174 Views
  • 9 Hours Discussion Span
  • Latest Post Latest Post by diafol

Recommended Answers

All 2 Replies

Member Avatar for katarey

Hi,

you can create function like this.

    <?php
    ob_start();
    session_start();
    include "connection.php";
    function loginFunc($username, $password){
        $result = mysql_query("SELECT * FROM new WHERE Email='" . $username . "' and Password = '" . $password . "'");
        $row  = mysql_fetch_array($result);
        if(is_array($row)){
            $_SESSION["ID"] = $row['ID'];
            $_SESSION["Email"] = $row['Email'];
            $_SESSION["Title"] = $row['Title'];
        } else {
            echo "Invalid details!";
        }

        if(isset($_SESSION["ID"])){
            return "welcome</br>".  $_SESSION["Title"] . "<br /><a href='logout.php'>Log out</a>";
        } else {
            return "";
        }
    }
    echo loginFunc($_POST['email'], $_POST['pass'])
    ?>
Edited by katarey
Member Avatar for diafol

This is a pretty broad question as we don't know whether you want to lump in the login routine to the session storing routine. In addition you'd probably do better to make an authentication class. In addition PLEASE DO NOT USE mysql_* functions, they've been deprecated. Use PDO or mysqli instead.

Without going all OOP on you, we can create a halfway house solution with functions.

session_start();

//FROM HERE ----
function PDO_connect($host, $database, $username, $password='')
{
   try {
        $pdo = new PDO("mysql:host=$host;dbname=$database",$username,$password);
        return $pdo;
    } catch (PDOException $e) {
        echo 'Exception: ' . $e->getMessage();
    }
}

function login($pdo, $username, $pw)
{
   $stmt = $pdo->prepare("SELECT `ID`, `Title`, `Password` FROM `new` WHERE `Email` = ? LIMIT 1");
   $stmt->execute($username);
   if($stmt->rowCount())
   {
       $userData = $stmt->fetch(PDO::FETCH_ASSOC); 
       if(password_verify($pw, $userData['Password']))
       {
           if(store_session($userData))
           {
               unset($userData['Password']);
               return $userData;
           }    
       }
   }
   return false;
}

function store_session($data)
{
    $_SESSION['ID'] = $data['ID'];
    $_SESSION['Title'] = $data['Title'];
    return true;
}
// ---- TO HERE can be placed in an include file

Usage:

include('functions.php');
if (isset($_POST['Email']) && isset($_POST['Password']) && $Email = filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL)) 
{
    $pw = password_hash($_POST['Password'], PASSWORD_BCRYPT, array('cost'=>11) );
    //pw field needs to be 60 chars long for BCRYPT algorithm)
    $pdo = PDO_connect('localhost','mydb','root');
    if($ret = login($pdo, $email, $pw)
    {
        "Welcome</br>".  $ret["Title"] . "<br /><a href='logout.php'>Log out</a>";
    }else{
        echo "Invalid details!";
    }
}

Just an idea, not really production code.

Edited by diafol
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.