if and while statements includes all

**rdkd1970** · May 15, 2011 12:21

This is the form I have it has been okay with adding info to db but maybe there is something I missed as to why the next page is having so much fun.

PHP Code:




session_start();



error_reporting(E_ALL);

ini_set("display_errors", 1);

include_once ("Connections/connect_to_mysql.php"); 



  $err='';

  $username='';

  $firstname='';

  $lastname='';

  $password='';

  $country='';

  $email='';

  $_SESSION['id']='id';



  if(isset($_POST["submit"])){



  

    // Validate form data



    if($_POST["firstname"]=='') $err.='Please enter First Name<br>';

    if($_POST["email"]=='') $err.='Please enter Email<br>';







    if($err==''){ 



      // Check if there are duplicate entries in the 'contacts' table



      $sql_check = mysql_query("SELECT id FROM `Members` WHERE username='".addslashes($_POST["username"])."' and firstname='".addslashes($_POST["firstname"])."' and Email='".addslashes($_POST["email"])."'");

      if($row = mysql_fetch_array($sql_check)){

        $err.='Can not add duplicate entry<br>';

      }

      else{



        // adding new record to 'contacts' table



       $results = mysql_query("INSERT INTO Members (username,firstname,lastname,password,country,Email) 

                    values ('".mysql_real_escape_string($_POST["username"])."','".mysql_real_escape_string($_POST["firstname"])."','".mysql_real_escape_string($_POST["lastname"])."','".md5($_POST["password"])."','".mysql_real_escape_string($_POST["country"])."','".mysql_real_escape_string($_POST["email"])."')")

                    or die (mysql_error());

 $id = mysql_insert_id();

 $userid = mysql_insert_id(); 



       // redirecting to success screen

       if($results){

         header("Location: login.php");

}else

die(mysql_error());



      }

    }

  }

**Cups** · May 15, 2011 12:55

That line:

PHP Code:


  $_SESSION['id']='id';

Should contain:

PHP Code:


  $_SESSION['id']= $userid;

And should be removed and added straight after

PHP Code:


$userid = mysql_insert_id();

**rdkd1970** · May 15, 2011 13:09

I got this on my try but I still have the var_dump in place on the welcome page.

array(1) { ["id"]=> int(12) }

Welcome,

and my code in the welcome page is id='id';

**rdkd1970** · May 15, 2011 13:10

I tried the NOW() but that is for a date. I was thinking insert now would be the time each user logs in. It just came up with an error message. Unless we can think of inserting the id with a datetime. that may single out the user. Not sure will try.

**rdkd1970** · May 15, 2011 14:55

This is using the following

PHP Code:


$query = "SELECT * FROM Members WHERE id='id AND DATE(NOW())'";

array(1) { ["id"]=> int(13) }

Welcome,

Your new Member accounts lets you enter the members

**Cups** · May 16, 2011 03:35

When testing sessions in order to prove whether your actions have made any difference - you must either delete the sessions on your server, set a very short session time, or register and login again at every fresh attempt.

Your welcome page is going to show the incorrect value in session id until you do.

... and my code in the welcome page is id='id';

**rdkd1970** · May 16, 2011 13:05

There must be something wrong with my coding in Dreamweaver as I get no results from my login either. I tried to see if I would get similiar problems with login which I thought was a simple one but it is not doing anything. I am trying to stick to the same coding throughout each pages. No luck!!! I still am not able to get the id on my welcome to single out the one logging in. I tried a few different ways no luck. Just how is it codes can be used in one app and not others...

Here is my login codes

PHP Code:


<?php

session_start();



ini_set ("display_errors", "1");

error_reporting(E_ALL);



    if (isset($_POST['id'])) {

    

    

$connect = mysql_connect("$localhost","$ebermy6"," ","$ebermy6_bermy") 

            or die ("could not connect to db");



    $username=mysql_real_escape_string($_POST['username']);

    $password=md5(mysql_real_escape_string($_POST['password']));

    

    $query = mysql_query("

        SELECT username

        FROM   Members

        WHERE  username='$username'

        AND    password='$password'

    ") or die (mysql_error());

    

    $total = mysql_num_rows($query);

    if($total >0){

        

        $_SESSION['username']='username';

        header("Location: profile.php");

    } else{

    }

}

?>

**rdkd1970** · May 16, 2011 13:33

Hey I tried the SELECT * FROM Members WHERE id|'id() AND DATETIME(NOW())' and was able to get the first name in my table.

**rdkd1970** · May 18, 2011 12:24

I got it. After the registration page, I created a page that had welcome for the member to click on a login button which takes them to the login page. After they login in it goes to the first private page which echos their name. At the top of the welcome, and member is the session_start with the $_SESSION[username] coding. Which goes on all pages that are private.

1. Form.php to
2. Register_success to
3. Login_form to
4. Login_users to
5. Access_denied (if $_SESSION) does not recognize the login member
6. Member (if the login worked as the member registered)
7. Login_failed if no username or password.

If anyone wants these scripts let me know.... Thanks to everyone that helped me in getting it done.

**StarLion** · May 18, 2011 12:52

This is why I never use the curly-braces syntax :P

User Tag List

Thread: if and while statements includes all

Thread Tools

Display

Bookmarks

Bookmarks

Posting Permissions