Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5

Thread: sessions

  1. #1
    New to the CF scene
    Join Date
    Dec 2011
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    sessions

    Hey everyone,

    I have a login script that when you log in..it redirects you to a page called the members.php which has a statement the says your logged in..please click here to continue..and then when that link is clicked, it sends you to a page that displays what is supposed to be a "Welcome, 'what ever the user logged in as'" but instead of displaying the username..it displays an integer..I have nothing in my code that I am aware of that would display an integer...here is the logincheck.php for the log in process
    PHP Code:
    <?php

    session_start
    ();

    $username = isset($_POST['username']);
    $password = isset($_POST['password']);

    if(
    $username&&$password)

    {

    $connect mysql_connect("*******""*****""*******") or die("Could not connect!");
    mysql_select_db("*******") or die("couldn't find db!");

    $query mysql_query("SELECT * FROM users WHERE username='$_POST[username]'") or die(mysql_error());

    $numrows mysql_num_rows($query);

    if(
    $numrows!=0)
    {
        while (
    $row mysql_fetch_assoc($query))
        {
            
    $dbusername $row['username'];
            
    $dbpassword $row['password'];
        }
        
        if (
    $username==$dbusername&&$password==$dbpassword)
        {
            echo 
    "You're in! Click <a href='member.php'>here</a> to enter the member page!";
            
    $_SESSION['username'] = $username;
        }
        else
            echo 
    "Incorrect Password!";
    }
    else
        die(
    "That user doesn't exist!");


    }
    else
        die(
    "Please enter a username and password!");

    ?>
    and here is the member.php
    PHP Code:
    <?php

    session_start
    ();

    if (
    $_SESSION['username']){
        echo 
    "Welcome, ".$_SESSION['username']."!<br><a href='logout.php'>";
    }else die (
    "You must be logged in!");
    ?>
    why does it display an inter such as "Welcome, 1!"

  • #2
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,280
    Thanks
    4
    Thanked 83 Times in 82 Posts
    I would suspect your problem is here:

    PHP Code:
        while ($row mysql_fetch_assoc($query)) 
        { 
            
    $dbusername $row['username']; 
            
    $dbpassword $row['password']; 
        } 
     
        if (
    $username==$dbusername&&$password==$dbpassword
        { 
            echo 
    "You're in! Click <a href='member.php'>here</a> to enter the member page!"
            
    $_SESSION['username'] = $username
        } 
    You grab the username from the db as $dbusername and then assign it to the session as $username
    Last edited by Spookster; 01-12-2012 at 01:05 AM.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #3
    New to the CF scene
    Join Date
    Dec 2011
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    @Spookster, how would I go about fixing this? sorry for the lack of knowledge..

  • #4
    New to the CF scene
    Join Date
    Dec 2011
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    never mind, I solved it! thanks for the help anyway!

  • #5
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    If your login script is in a production environment you have a lot more to worry about that a nice welcome message to the user. I suggest you look into preventing mysql injection. Tizag.com has a decent turorial. Also what did you end up using as a solution?
    ||||If you are getting paid to do a job, don't ask for help on it!||||


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •