Hi i have here a login logout function in PHP wherein a user could login. If he is a moderator he will be redirected to moderator.php and if he is an agent he’ll go to agent.php page.
In index.php wherein they should login.. here’s the code:
<form name="form1" method="post" action="check_login.php">
<center><div id='login_header'><b><font face='Arial Black' color='black' size='4px'>Sign in to Minquep!</font></b></div></cen
<br/><br/>
<center><label>Username:</label><input type='text' name='myusername' size='20'><br/><label>Password:</label>
<input type='password' name='mypassword' size='20'><br/>
<input type='text' name='myfirstname' style='display:none;'>
</center>
<br/><input type='submit' value='Submit' name='submit' class='submit'>
</form>
The check_login.php is this:
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="minquep_test"; // Database name
$tbl_name="users"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or
die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE login='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$count=mysql_fetch_array($result);
if($count['user_type']== "agent"){
echo '<script type="text/javascript">alert("You have logged in successfully!\n"); return false;</script>';
echo "<meta http-equiv=\"refresh\" content=\"0;URL=pages/agent.php\">";
session_register("myusername");
session_register("mypassword");
//header("location:pages/agent.php");
}
else if ($count['user_type']== "moderator"){
echo '<script type="text/javascript">alert("You have logged in successfully!\n"); return false;</script>';
echo "<meta http-equiv=\"refresh\" content=\"0;URL=pages/moderator.php\">";
session_register("myusername");
session_register("mypassword");
//header("location:pages/moderator.php");
}
else {
echo "<script type='text/javascript'>alert('Invalid Login! Please Try Again!');</script>";
echo "<meta http-equiv=\"refresh\" content=\"0;URL=index.php\">";
}
?>
In both moderator.php and agent.php I output the username of the logged in user as:
<?php
session_start();
print("<b><h2>Hi! $_SESSION[myusername] (You are logged in as moderator / agent) </h2>");
?>
In my logout.php, I just destroy the session and redirect it back to index.php
<?php
session_start();
session_destroy();
echo "<meta http-equiv=\"refresh\" content=\"0;URL=../index.php\">";
exit;
?>
So the issue is that, during my first ever test login using either moderator or agent account… the username is not displayed after logging in.It just says “Hi! You are logged in as moderator” or “Hi! You are logged in as agent”. But after logging out and logging in again, the username is displayed already… like the way it should be : “Hi name! You are logged in as moderator”. or “Hi name! You are logged in as agent”.
So what could be the problem why my **$_SESSION("myusername")** doesn’t work during first check_login.
Thanks.
You need to call the
session_start();function in your first page (where it isn’t displaying).If you want to start a session with the user, and refer to the variables that you store in it, start the session at the beginning of the page, even if you don’t plan to use it until the bottom of your script.
Once you have sent that command, you are able to set and reference variables from the
$_SESSIONobject.