|
|
Posted by Jerry Stuckle on 03/19/07 18:03
Nosferatum wrote:
> please be patient, I am a newbie..
>
> I have three categories of members ($memkat).
> Each member got their own unike username and password from mysql db
> and all belong to one of the three categories of members.
> My mission is to get each member to login and be redirected to a
> specific page in a specific folder. It should not be possible for
> members from memkat10 to access (index-file) in folder memkat20 and
> so on.
>
>
> My faboulus login and redirect page: (which doesn't work..)
>
> <?php
> $host="my_host";
> $username="";
> $password="";
> $db_name="member_db";
> $tbl_name="members";
>
> // Connection
> mysql_connect("$host", "$username", "$password")or die("cannot
> connect");
> mysql_select_db("$db_name")or die("cannot select DB");
>
> // Post data
> $myusername=$_POST['theusername'];
> $mypassword=$_POST['thepassword'];
>
> // query and get the memkat
> $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and
> password='$mypassword'" and memkat="$memkat";
> $result=mysql_query($sql);
>
> //set session
> session_register("myusername");
> session_register("mypassword");
> session_register("memkat");
>
> if($memkat=="10"){
> require("/path/to/folder/here1/index.php");
> } elseif($memkat=="20"){
> require("/path/to/folder/folder2/index.php");
> } elseif($memkat=="30"){
> require("/path/to/folder/folder3/index.php");
> }
> ?>
>
> In each of the index files in the member folders I thought about
> requesting the session data from the login page at top,
>
> Each index file:
>
> <?php session_start(); ?>
> if (($myusername["musername"])) ;
> if (($mypassword["mypassword"]));
> if (($memkat["memkat"]));
>
>
>
> include file(therealindex.php)
>
> ?>
>
First of all, you need to call session_start() at the beginning of every
page using sessions (before ANY output - even whitespace). You're not
calling it in your logon page.
Secondly, $_myusername["myusername"] isn't defined in your second page.
If you have display_errors enabled, you will get a warning message
about an uninitialized variable.
Additionally, instead of using session_register, you should use the
$_SESSION array, i.e.
$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
etc. (Note: it's not a good idea to store passwords in the session
unless you really need them there).
Then when you want to use them, use
if (isset($_SESSION['myusername']))
$myusername=$_SESSION['myusername']);
else
$myusername = null;
(which can be shortened to:
$myusername=isset($_SESSION('myusername') ? $_SESSION['myusername'] : null;
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|