...

View Full Version : help with $_SESSION



Bob42
01-06-2008, 06:37 AM
I need some helping getting my session to work. Basically, I have a login script where a user types in a username and password and logs into the site. In my database, I have a field called "status" and it shows whether the user who logged in is an Administrator or Moderator.
What I want is when the person logs in, on the next page that is displayed, I want certain data to be displayed only if a person is an Administrator, and not a moderator. I figured I can do this best with using $_SESSION, but I haven't had much success with it. Here's what I have so far:



<?php
session_start();
if(isset($_SESSION['status']) == Administrator)
{
echo "Hi!";
}
else {
echo "Bye!";
}
?>


So if the user who logged in is an admin, then "Hi!" should appear, if not then "Bye!" should appear.

Here's my authentication script for the login system:



$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);

$sql = "SELECT * FROM admins WHERE username='$username' and password='$password'";
$result = mysql_query($sql);
$status = "SELECT status FROM admins WHERE username='$username'";

$count = mysql_num_rows($result);

if($count == 1){
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$_SESSION['status'] = $status;
$_SESSION['db_logged_in'] = true;
header("location:login_success.php");
}
else {
echo "blah blah blah";
}


I need help getting this sorted out. My code works but it displays "Hi!" no matter what the status of the user is.

bhakti_thakkar
01-06-2008, 07:28 AM
just try doing this :

<?php
session_start();
if(isset($_SESSION['status']) && ($_SESSION['status'] == "Administrator"))
{
echo "Hi!";
}
else {
echo "Bye!";
}
?>

hope this works

Bob42
01-06-2008, 07:54 AM
Unfortunately, that is not working. I'm now receiving the "Bye!" message on a user that has a status of Administrator.

Inigoesdr
01-06-2008, 08:34 AM
var_dump($_SESSION['status']); on the page you're getting the Bye message.

Bob42
01-06-2008, 09:04 AM
May I ask where exactly I place the var_dump($_SESSION['status']); code in the Bye page?

Inigoesdr
01-06-2008, 09:15 AM
Anywhere after session_start() and before the if/else code above.

Bob42
01-06-2008, 09:26 AM
So something like this?



<?php
session_start();
var_dump($_SESSION['status']);
if(isset($_SESSION['status']) && ($_SESSION['status'] == "Administrator"))
{
echo "Hi!";
}
else {
echo "Bye!";
}

?>


Because all that is doing is displaying

string(50) "SELECT status FROM admins WHERE username='Fox'" Bye!

on the page, which I clearly don't want.

shaileshpatil
01-06-2008, 10:50 AM
Hey try this code.

$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);

$sql = "SELECT * FROM admins WHERE username='$username' and password='$password'";
$result = mysql_query($sql);
$rs = mysql_fetch_assoc($result);

$_SESSION['status'] = $rs['status'];




I need some helping getting my session to work. Basically, I have a login script where a user types in a username and password and logs into the site. In my database, I have a field called "status" and it shows whether the user who logged in is an Administrator or Moderator.
What I want is when the person logs in, on the next page that is displayed, I want certain data to be displayed only if a person is an Administrator, and not a moderator. I figured I can do this best with using $_SESSION, but I haven't had much success with it. Here's what I have so far:



<?php
session_start();
if(isset($_SESSION['status']) == Administrator)
{
echo "Hi!";
}
else {
echo "Bye!";
}
?>
So if the user who logged in is an admin, then "Hi!" should appear, if not then "Bye!" should appear.

Here's my authentication script for the login system:



$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);

$sql = "SELECT * FROM admins WHERE username='$username' and password='$password'";
$result = mysql_query($sql);
$status = "SELECT status FROM admins WHERE username='$username'";

$count = mysql_num_rows($result);

if($count == 1){
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$_SESSION['status'] = $status;
$_SESSION['db_logged_in'] = true;
header("location:login_success.php");
}
else {
echo "blah blah blah";
}
I need help getting this sorted out. My code works but it displays "Hi!" no matter what the status of the user is.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum