<?php
session_start();
include("connect.php");

$match = "select id from $table where username = '".$_POST['username']."'
and password = '".$_POST['password']."';";

$qry = mysql_query($match)
or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry);

if ($num_rows <= 0) {
echo "Sorry, $username might not be register or password entered incorrect.<br>";
echo "<a href=login.html>Try again</a>";
exit;

} else
{
session_register('username');
$site_name = $session_register;
echo "Login Successful<br>";
echo "Continue to the <a href=member.php>members</a> section.";
}
?>

I've tried to use session with this simple code when pass to the member page i try to echo it out like this

<?php
session_start();
echo hello $site_name ;
?>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>

<p>Members Area Welcome! </p>
</body>

</html>

I get an error on the second line of echo hello $site_name ;

is there anything wrong it?Thanks~

For your 1st script:



For your 2nd script:

thanks for the reply but i still cant get it to work echoing out the username~

paste ur current code here...

login.php
======
session_start();
include("connect.php");

$match = "select id from $table where username = '".$_POST['username']."'
and password = '".$_POST['password']."';";

$qry = mysql_query($match)
or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry);

if ($num_rows <= 0) {
echo "Sorry, $username might not be register or password entered incorrect.<br>";
echo "<a href=login.html>Try again</a>";
exit;

} else
{
session_register('username');
$_SESSION["username"] = $username;
echo "Login Successful<br>";
echo "Continue to the <a href=member.php>members</a> section.";
}
==========
after login page
==========
<?php
session_start();
echo "hello ".$_SESSION["username"];

?>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>

<p>Members Area Welcome! </p>
</body>

</html>

?>

This is the code suggested by snow~i am thinking maybe there is a need to store username in an array?but my knowledge is limited at the time~any help is much appreciated thank~

This post has been edited by lucashii: Feb 2 2006, 11:40 PM

i figure out that i need

$username = $_POST['username'];

which to pass the username from the database~

need to ma fan pro here again...i wanna retrieve and display id from my $table...i've been trying out for hours @_@ can any pro help?thanks~

try this

$result = mysql_query($query);

$rs = mysql_fetch_array($result);

then use response.write $rs["id"]

or if u know the post of id. field in the table, u can use it directly.

for example, if id is the 3rd field in the table just use

response.write $result[3];

if not, use the 1st method..

good luck

thanks seventh7 for the help its working now...but now i need help with mysql~

$_SESSION['sid'] = $id // my session id

$insert = mysql_query("insert into movie values ('NULL', '$id','".$_POST['title']."', '".$_POST['year']."')")
or die("Could not insert data because ".mysql_error());

i want to insert the $id into my movie table but i guess there is something wrong with my statement...any advice would be helpful =) thanks~

what is the error message?

try use like this

$insert = "insert into movie values ('NULL', '$id','".$_POST['title']."', '".$_POST['year']."');

mysql_query($insert);

good luck!

shouldn't it be

here is a tip for u

$id = $_SESSION['sid'] // my session id

$tsql=insert into movie values ('NULL', '$id','".$_POST['title']."', '".$_POST['year']."')";


echo $tsql;

//put a break here if necessary, so dat u can check if the SQL statement is right

$insert = mysql_query($tsql)or die("Could not insert data because ".mysql_error());


Sometimes ur SQL statement is incorrect, by printing it cout, u can see the SQL statement.

I would suggest that you check your variables before putting them into the SQL query. This way you can ensure that the data being put in the sql is correct and within range. Not to mention you would be safer from SQL injection attacks.

It may be a simple task, but get into the habit of good practice

Here's a rough example


This post has been edited by silverhawk: Feb 7 2006, 12:51 PM