PDA

View Full Version : Query using session name ??

wap3
04-18-2003, 02:38 PM
Hi

How can I make a query which searces using the name of the session currently open.

i.e

$query = "SELECT * FROM users WHERE username = '$_SESSION[name]'";


thats the idea but it doesn't work ??

:thumbsup:
raf
04-18-2003, 02:43 PM
more like a php question. Did you try

$query = "SELECT * FROM users WHERE username = '" . $_SESSION[name] . "'";

Where session("name") contains the username
wap3
04-18-2003, 02:54 PM
thanks raf,

but no that doesnt work.

:confused:
raf
04-18-2003, 03:08 PM
Did you open the session? (with session_start(); )
Is there a value for that sessionvariable? I now also see you have no quotes around the sessionvariablename.

Did you look at the statement that was executed ? with

echo $query ;
wap3
04-18-2003, 03:28 PM
Hi Raf,

Yer I have the session start bit.

I will explain again, just to clarify. I have a log in page where the user enters username and password. This is checked out in the database. If it exists in there then a session is registered using the username entered.

Then the user gets forward to a page. Where I have this query.
Now because the name of the session could be a few different ones. I need to read what the session is called and use that in the query.

So for example if the session was registered as "admin", then the query would use the word "admin" and look something like this.


$query = "SELECT * FROM users WHERE username = 'admin' ";


You get what I mean raf ??
raf
04-18-2003, 04:09 PM
Absolutely not :confused:
Then the user gets forward to a page. Where I have this query.
Is this redirect necessary? Can't you use a multipurpose page? (and save yourseldf a query etc)
Is you redirect, can't you append the value to the querystring?

if the session was registered as "admin",
What do you mean? I'm confused. You can have

session_start();
session_register("session_variable");
$session_variable = "value";

so, like its in your code, you'd have

session_start();
session_register("name");
$name= "admin";


or do you wan't to use the session_name() function?

Can't you just store the users ID in a sessionvariable? Like

session_start ();
session_register("sesuserID");
$sesuserID=$user_row['ID'];

and then just have

session_start ();
$query = "SELECT * FROM users WHERE ID = '" . $_SESSION["sesuserID"] . "'";