Posted by satya.prakash.karan on 03/21/07 05:39

On Mar 19, 2:03 pm, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> Nosferatum wrote:
> > please be patient, I am a newbie..
>
> > I have three categories of members ($memkat).
> > Each member got their own unike username and password from mysql db
> > and all belong to one of the three categories of members.
> > My mission is to get each member to login and be redirected to a
> > specific page in a specific folder. It should not be possible for
> > members from memkat10 to access (index-file) in folder memkat20 and
> > so on.
>
> > My faboulus login and redirect page: (which doesn't work..)
>
> > <?php
> > $host="my_host";
> > $username="";
> > $password="";
> > $db_name="member_db";
> > $tbl_name="members";
>
> > // Connection
> > mysql_connect("$host", "$username", "$password")or die("cannot
> > connect");
> > mysql_select_db("$db_name")or die("cannot select DB");
>
> > // Post data
> > $myusername=$_POST['theusername'];
> > $mypassword=$_POST['thepassword'];
>
> > // query and get the memkat
> > $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and
> > password='$mypassword'" and memkat="$memkat";
> > $result=mysql_query($sql);
>
> > //set session
> > session_register("myusername");
> > session_register("mypassword");
> > session_register("memkat");
>
> > if($memkat=="10"){
> > require("/path/to/folder/here1/index.php");
> > } elseif($memkat=="20"){
> > require("/path/to/folder/folder2/index.php");
> > } elseif($memkat=="30"){
> > require("/path/to/folder/folder3/index.php");
> > }
> > ?>
>
> > In each of the index files in the member folders I thought about
> > requesting the session data from the login page at top,
>
> > Each index file:
>
> > <?php session_start(); ?>
> > if (($myusername["musername"])) ;
> > if (($mypassword["mypassword"]));
> > if (($memkat["memkat"]));
>
> > include file(therealindex.php)
>
> > ?>
>
> First of all, you need to call session_start() at the beginning of every
> page using sessions (before ANY output - even whitespace). You're not
> calling it in your logon page.
>
> Secondly, $_myusername["myusername"] isn't defined in your second page.
> If you have display_errors enabled, you will get a warning message
> about an uninitialized variable.
>
> Additionally, instead of using session_register, you should use the
> $_SESSION array, i.e.
>
> $_SESSION['myusername'] = $myusername;
> $_SESSION['mypassword'] = $mypassword;
>
> etc. (Note: it's not a good idea to store passwords in the session
> unless you really need them there).
>
> Then when you want to use them, use
>
> if (isset($_SESSION['myusername']))
> $myusername=$_SESSION['myusername']);
> else
> $myusername = null;
>
> (which can be shortened to:
>
> $myusername=isset($_SESSION('myusername') ? $_SESSION['myusername'] : null;
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstuck...@attglobal.net
> ==================

Jerry is right!

Within index page you have written:


[code]
<?php session_start(); ?>
if (($myusername["musername"])) ;
if (($mypassword["mypassword"]));
if (($memkat["memkat"]));

include file(therealindex.php)
[/code]

You want to write:

<?php
session_start();
if ( !empty($_SESSION["musername"]) and !
empty($_SESSION["mypassword"]) and !empty($_SESSION["memkat"])) {
include file(therealindex.php)
}
?>
after implementing Jerry suggestions.

[Back to original message]