I have a MySQl database which have
DB_User DB_Email DB_Password DB_Name
User1 [email protected] 222222 User2
lets say User 1 log in form my index.php and verify correct password and correct username .The next page which he/she see is a secure page which only members can view … so on that particular page it will show him/her profiles example :User name,Email,Name: all in a table …
Below is my Login check page
[php]
<?PHP //check that the user is calling the page from the login form and not accessing it directly //and redirect back to the login form if necessary if (!isset($username) || !isset($password)) { header( "Location: http://findmoviedate.com/index.php" ); } //check that the form fields are not empty, and redirect back to the login page if they are elseif (empty($username) || empty($password)) { header( "Location: http://findmoviedate.com/index.php" ); } else{ //convert the field values to simple variables //add slashes to the username and md5() the password $user = ($_POST['username']); $pass = ($_POST['password']); //set the database connection variables $dbHost = "host"; $dbUser = "user"; $dbPass = "pass"; $dbDatabase = "database"; //connet to the database $db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die ("Error connecting to database."); mysql_select_db("$dbDatabase", $db) or die ("Couldn't select the database."); $result=mysql_query("select DB_USER,DB_Password from members where DB_USER='$user' AND DB_Password='$pass'", $db); //check that at least one row was returned $rowCheck = mysql_num_rows($result); if($rowCheck > 0){ while($row = mysql_fetch_array($result)){ //start the session and register a variable session_start(); session_register('username'); //successful login code will go here... //echo 'You Have logged in .we will redirect the user to another page in a moment'; //we will redirect the user to another page where we will make sure they're logged in header( "Location: MemberStart.php" ); } } else { //if nothing is returned by the query, unsuccessful login code goes here... echo 'Incorrect login name or password. Please try again.'; } } ?>[/php]
Inside MY session.php
[php]
<?php //start the session session_start(); //check to make sure the session variable is registered if(session_is_registered('username')){ //the session variable is registered, the user is allowed to see anything that follows echo 'Welcome, you are still logged in.'; } else{ //the session variable isn't registered, send them back to the login page header( "Location: http://www.mypage.com/index.php" ); } ?>[/php]
so currently in my members only page is
[php]
<?php include("session.php"); ?> <?php echo"HI,{$_SESSION['username']}" ?> <?php require_once('mysql_connect.php'); $query = "SELECT DB_USER,DB_Email,DB_Name FROM members WHERE DB_USER={$_SESSION['username']}"; $result = mysql_query($query); while ($row = mysql_fetch_array($result,MYSQL_ASSOC)){ echo'| '.$row['DB_First_name'].' | '; } [/php] But what it is returing me is a blank page But if i take out these codes [php] <?php require_once('mysql_connect.php'); $query = "SELECT DB_USER,DB_Email,DB_Name FROM members WHERE DB_USER={$_SESSION['username']}"; $result = mysql_query($query); while ($row = mysql_fetch_array($result,MYSQL_ASSOC)){ echo'
| '.$row['DB_First_name'].' | '; } [/php] It will show me HI,user1 meaning that the session did pass through Please someone point me to a right direction ... Really desperate for it