PHP, new session variables

[Furr]

evening all

ok i have this slightly altered login in user from dreamweaver

<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "secure/secureindex.php";
$MM_redirectLoginFailed = "fail.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_gemtraveldatabase, $gemtraveldatabase);


$loginUsername = get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername); $password = get_magic_quotes_gpc() ? $password : addslashes($password);
$LoginRS__query="SELECT EMAIL, PASSWORD FROM user_details WHERE EMAIL='$loginUsername' AND PASSWORD='".md5($password)."'";


$LoginRS = mysql_query($LoginRS__query, $gemtraveldatabase) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>


Ok this is what i want to do but have no idea how to do it, from the login page i want to pull the unique ID of the users entry and set it as a session vaiable so that this

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

will look something like this

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserID'] = $UserID;


so that for a session variable i would get

MM_Username = joebloggs@email.com
MM_UserID = 12

how do i do it..... cheers you brainy people

 

[SheepCow]

Well you'd need to get the userid from the database, best place would probably be in your $LoginRS__query query. Then it's easy.

 

[Furr]

SO it would look like this what do i place in the field highlighted? (im not a coder... yet)


<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "secure/secureindex.php";
$MM_redirectLoginFailed = "fail.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_gemtraveldatabase, $gemtraveldatabase);


$loginUsername = get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername); $password = get_magic_quotes_gpc() ? $password : addslashes($password);
$LoginRS__query="SELECT EMAIL, PASSWORD, ID FROM user_details WHERE EMAIL='$loginUsername' AND PASSWORD='".md5($password)."'";


$LoginRS = mysql_query($LoginRS__query, $gemtraveldatabase) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginUserID = " *****What do i stick here?***** ";

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserID'] = $loginUserID;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>

 

[SheepCow]

Something like this (using the forums PHP tags to get colouring )

<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "secure/secureindex.php";
$MM_redirectLoginFailed = "fail.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_gemtraveldatabase, $gemtraveldatabase);


$loginUsername = get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername); $password = get_magic_quotes_gpc() ? $password : addslashes($password);
$LoginRS__query="SELECT EMAIL, PASSWORD, ID FROM user_details WHERE EMAIL='$loginUsername' AND PASSWORD='".md5($password)."'";


$LoginRS = mysql_query($LoginRS__query, $gemtraveldatabase) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {

$login_data = mysql_fetch_assoc($LoginRS);
$loginUserID = $login_data['ID'];

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserID'] = $loginUserID;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>

 

[Furr]

I love you sheepcow

Right, going to start learning software languages, going to start with JAVA, then do C++ since Java shares some simularity with C++ im guessing that after I've mastered Java everything else will start becoming easier.

After than will then Learn .Net, PHP, ASP, Javascript etc. Which im guessing will also be made much much easier just by first getting though Java

Being a basic designer is all very good, but want to be able to make an entire site from the layout and design through to the application and backend side easily and not having to resort to Macromedia pre installed gunk.

 

[SheepCow]

tbh they're all rooted in C, so learning C first would make sense. However I expect Java is easier to learn as it's a more protected language...

As my first year programming lecturer once said "C gives you a loaded gun and giggles at you. Java gives you a padded fluffy stick and watches what you are doing -- it's just fucking slow."

 

[RandomBastard]

The hardest part of learning languages imo is the paradigms so learning a object orientated language like java will stand you in good stead for c++ (c#?) etc. Especially as java imo is easier to compile thanks to the availbility of tools for windows (javas own ide, eclipse (altho yes that does c++ too))

Good luck learning

 

[Furr]

<?php if(strlen($_SESSION['MM_UserID']) > -0 ) { ?>
		
You are logged in
		
<?php } ?> 
		
<?php if(strlen($_SESSION['MM_UserID']) < 1 ) { ?>

You are not logged in
		
<?php } ?>

Anyway to make this more streamline??? I mean it works and all. But its my bodge.

 

[SheepCow]

<?php if(strlen($_SESSION['MM_UserID']) > -0 ) { ?>
You are logged in
<?php } else { ?> 
You are not logged in		
<?php } ?>

or

<?php if(isset($_SESSION['MM_UserID'])) { ?>
You are logged in
<?php } else { ?> 
You are not logged in		
<?php } ?>

or

<?php 
if isset($_SESSION['MM_UserID'])
    echo "You are logged in";
else
    echo "You are not logged in.";
?>

or

You are <?php echo isset($_SESSION['MM_UserID']) ? '' : ' not ';?> logged in.

 

[Furr]

went for the first one, cheers again!

 

[Furr]

Since this is also a PHP problem thought that i'd use this old thread

essentially i have a login script that if true person gets session variables set and is sent to a protected page. If not they go back to

login.php?fail

Now I need to get some text in so that it looks like this

if (URL="login.php?fail") {
   Login failed, please contact the system administrator
}

Now thats just a representation of what i want, how do i go about scripting the proper code for it?

 

[Furr]

Even better!

If instead if could check to see that is was just "login.php" if anything else like "login.php?etc etc" then it throws up the error message.

 

[Whipped]

For any who doesn't want to use Visual Stuido, I'd suggest checking out #Develop.

It's a fully featured IDE that will give you base frameworks in c# and vb.net.

Very nice and easy to use. Replaced one of our old, horrible, access databases with a vb front end and a MySQL backend in about 6 hours today.

Well impressed.

 

[TheJkWhoSaysNi]

Even better!

If instead if could check to see that is was just "login.php" if anything else like "login.php?etc etc" then it throws up the error message.

You could do something like:

if ($_SERVER['QUERY_STRING'] == 'fail') echo 'Login Failed.';

$_SERVER['QUERY_STRING'] will give you everything after the ? in the URI.

 

[Furr]

Hurrah!

Thanks!