Not reading userid from sesh

DJJama

03-20-2010, 04:34 PM

Hi guys, my project is moving along.

This code is supposed to allow a user (userid should be taken from the session) to select a race from another table via a drop down box and submit it to update the record.

I have got it to display and show the races, and when i submit it does go to the add section but does not actually do anything.
I think it is to do with it not receiving a user from the sesh.

<?php
require("includes/sesh.inc");
require("includes/header.inc");
require("includes/db.inc");
require("includes/menu.inc");

$currentuser = $_SESSION['uid'];

echo "<h1>Run Selection</h1>";
echo $currentuser;
echo "</br>";
echo "</br>";

if(isset($_GET['add']))
{
$i = $_POST['rid'];
$r = $_POST['rname'];

$query= "UPDATE userdetails
SET racetrainingfor = '($r)'
//WHERE userdetails.userid = $currentuser";
mysql_query($query);
echo "<p>Race Selected</p>";
}

echo "<form action='selectrun.php?add=yes' method='post'>";
echo "<select name='rname'>";

$query1 = "SELECT * FROM rundetails";
$result = mysql_query($query1);

while ($row = mysql_fetch_array($result))
{
extract($row);

echo"<option value='".$runid."'> ".$runname." </option>";

}
echo "</select>";
echo "<input type='submit' value='Select Race'></p>";
echo "</form>";

require("includes/footer.inc");
?>

met

03-20-2010, 05:38 PM

so would it not have been more useful to provide sesh.inc code as well?

check session_start() at the very top and post further code

$query= "UPDATE userdetails
SET racetrainingfor = '($r)'
WHERE userdetails.userid = $currentuser"; //you had a comment in the query, was that intended?
mysql_query($query);
echo "<p>Race Selected</p>";
}

DJJama

03-20-2010, 06:07 PM

Hi thanks.

That comment was there as I was trying to get it to work regardless, so I would like that where clause to be included.

Also me sesh is;

<?php
session_start();
if (!isset($_SESSION['auth'] ) OR $_SESSION['auth']!= "yes")
{
header("Location: login.php");
exit();
}
?>

Jama

DJJama

03-20-2010, 06:23 PM

Also this is where uid is defined in my login script.
I know this method works as i have used lev elsewhere;

<?php
session_start();
session_register('auth');
session_register('lev');
session_register('uname');
session_register('uid');

require("includes/header.inc");
//if they have chosen to login
if(isset($_GET['do'])) {
include("includes/db.inc");
$fuser = $_POST['fusername'];
$fpass = $_POST['fpassword'];
$query = "SELECT * FROM userdetails WHERE username=LOWER('$fuser') AND password=LOWER('$fpass')";
$result = mysql_query($query);
$num = mysql_num_rows($result);
if ($num==1) {
$row = mysql_fetch_array($result);
extract($row);
$_SESSION['auth'] = "yes";
$_SESSION['uname'] = $fuser;
$_SESSION['lev'] = $accesslevel;
$_SESSION['uid'] = $userid;
include("includes/menu.inc");
}
//details not found in database as entered
else {
echo "<p>Login details are incorrect.</p>";
include("includes/login_form.inc");
}
}
//not tried to login
else {
include("includes/login_form.inc");
}

require("includes/footer.inc");

?>