Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 11 of 11
  1. #1
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts

    using mysql row as session

    ok well instead i am writing a login, and when I log out and go back to account.php, where the user data is, it is still there, so I'm thinking instead to doing this

    PHP Code:
    while($row mysql_fetch_array($result))  
      {
      echo 
    "<i>Dashboard</i>";
      echo 
    "<BR />"
     
    //echo $row['firstname'] . " " . $row['lastname'];
     
    echo "<BR />";
     echo 
    "<h5>Account Type:</h5> ";
     if(
    $row['account']=='')

    echo 
    "<h4><a  href=\"setaccount.php\"> Select an account type </a></h4>";
     else {
     
     echo 
    $row['account'];
     }
      echo 
    "<BR />";
     echo 
    "<h5>Billing Address: </h5>";
     echo 
    $row['address']; 
     
      
      } 

    I can do this


    PHP Code:
     while($row mysql_fetch_array($sql)){

            
    $_SESSION['id'] = $row['id'];
            
    $_SESSION['password'] = $row['password'];
            
    $_SESSION['firstname'] = $row['firstname'];
            
    $_SESSION['lastname'] = $row['lastname'];
            
    $_SESSION['address'] = $row['address'];


        } 
    Any help with this would be awesome. Thanks

  • #2
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,449
    Thanks
    76
    Thanked 4,373 Times in 4,338 Posts
    Why would you use a while loop???

    If you *do* get more than one record, then you will be setting the session values to only the *LAST* one of the multiple records.

    I would think that the worst of all worlds would be to get more than one record from a login attempt.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #3
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts
    What would I use instead? Btw thank you for all your help on this and previous threads

  • #4
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,449
    Thanks
    76
    Thanked 4,373 Times in 4,338 Posts
    I would think just if.
    Code:
    if($row = mysql_fetch_array($sql)){
    Unless you have a really good reason, I wouldn't store the password in a session value. No point in having that vulnerability there. Yes, it's a remote vulnerability, but...
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #5
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts
    well this is what I changed and I got an error:

    PHP Code:

    if($row mysql_fetch_array($sql)){

            
    $_SESSION['id'] = $row['id']; 
            
    $_SESSION['firstname'] = $row['firstname']; 
            
    $_SESSION['lastname'] = $row['lastname']; 
            
    $_SESSION['address'] = $row['address'];
    //to be sure session variable are set, I echo them        
    echo $_SESSION['id'];
    echo 
    $_SESSION['firstname'];
    echo 
    $_SESSION['lastname'];
    echo 
    $_SESSION['address'];


        } 
    Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /path/account.php on line 29

  • #6
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts
    Okay we'll I found the error
    instead of
    PHP Code:
    <?php
    if($row mysql_fetch_array($sql)){

            
    $_SESSION['id'] = $row['id']; 
            
    $_SESSION['firstname'] = $row['firstname']; 
            
    $_SESSION['lastname'] = $row['lastname']; 
            
    $_SESSION['address'] = $row['address'];
            
    echo 
    $_SESSION['id'];
    echo 
    $_SESSION['firstname'];
    echo 
    $_SESSION['lastname'];
    echo 
    $_SESSION['address'];


        }  
     
      

      
    ?>

    I did

    PHP Code:
    <?php
    if($row mysql_fetch_array($result)){

            
    $_SESSION['id'] = $row['id']; 
            
    $_SESSION['firstname'] = $row['firstname']; 
            
    $_SESSION['lastname'] = $row['lastname']; 
            
    $_SESSION['address'] = $row['address'];
            
    echo 
    $_SESSION['id'];
    echo 
    $_SESSION['firstname'];
    echo 
    $_SESSION['lastname'];
    echo 
    $_SESSION['address'];


        }  
     
      

      
    ?>

  • #7
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts
    In order to empty these variables (logout), what code do i need to write

  • #8
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,449
    Thanks
    76
    Thanked 4,373 Times in 4,338 Posts
    http://php.net/manual/en/function.session-destroy.php

    Again, I don't use PHP, but it was easy enough to find that page in the docs.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • Users who have thanked Old Pedant for this post:

    amcf1992 (09-22-2011)

  • #9
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts
    I tried that already, this is my code

    PHP Code:
    <?php

    // Initialize the session.
    // If you are using session_name("something"), don't forget it now!
    session_start();

    // Unset all of the session variables.
    $_SESSION = array();

    // If it's desired to kill the session, also delete the session cookie.
    // Note: This will destroy the session, and not just the session data!
    if (ini_get("session.use_cookies")) {
        
    $params session_get_cookie_params();
        
    setcookie(session_name(), ''time() - 42000,
            
    $params["path"], $params["domain"],
            
    $params["secure"], $params["httponly"]
        );
    }

    // Finally, destroy the session.
    session_destroy();



    echo 
    '<META HTTP-EQUIV="Refresh" Content="0; URL=login.php">';   
    ?>

  • #10
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,449
    Thanks
    76
    Thanked 4,373 Times in 4,338 Posts
    Well, this is PHP question now, not MySQL. Out of my area. Sorry.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #11
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts
    thanks for your help! Ill post this in the php forum, take care


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •