miamati
asked on
Maintain session state with php
I am using mysql db with php 4 server side scripting (on apache) and have implemented a login form. I need to maintain session state after a user logs in successfully so he can view, update or upload image by selecting option from html page.
At the moment a user can logon and he will be requested to enter email so he can access his record. How can I skip this useless part where email is requested and just give the user option to select from view, update and upload image once he is successfully authenticated i.e by maintaining state? I have the following sample php code to maintain state and have updated it to display variables when update_cv.php is loaded (i.e at the moment when a user selects udpate record) but I was not able to make it work. I am not sure whether $_SESSION['email']; is placed correctly or is in fact needed!! I have initially assigned 250 points but will assign double if I get quick solution ;-)
detect.php file:
<?
require("detect.php");
$_SESSION['email'];
print "var = $var<br>";
?>
update_cv.php file:
<?
session_start();
if (!session_is_registered("v
print "You are not registered<br>";
session_register("var");
$var = "email";
}
else {
print "You are already logged in!<br>";
}
?>
thanks
m
At the moment a user can logon and he will be requested to enter email so he can access his record. How can I skip this useless part where email is requested and just give the user option to select from view, update and upload image once he is successfully authenticated i.e by maintaining state? I have the following sample php code to maintain state and have updated it to display variables when update_cv.php is loaded (i.e at the moment when a user selects udpate record) but I was not able to make it work. I am not sure whether $_SESSION['email']; is placed correctly or is in fact needed!! I have initially assigned 250 points but will assign double if I get quick solution ;-)
detect.php file:
<?
require("detect.php");
$_SESSION['email'];
print "var = $var<br>";
?>
update_cv.php file:
<?
session_start();
if (!session_is_registered("v
print "You are not registered<br>";
session_register("var");
$var = "email";
}
else {
print "You are already logged in!<br>";
}
?>
thanks
m
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
First of all tks for your feedback and sorry for getting back so late but due to unforseen circumstances I could not get back on the project. Anyway points increased as promised to 500! Now back to session state issue and I understood that what I have to do is to set session_start(); on each and every page + &_SESSION['email']=&_POST[
<?php
extract($_POST);
$email=$_POST['email];
$query = SELECT * from table where email='$email'";
Can I use the $_session variable to match the user's email with correct record eg. where email=". $_session ["email"]""; and should I leave extract($_POST); and $email=$_POST['email]; and just add session_start(); ? I need to keep the user's email in memory (i.e thro' session vairiable) to use it for my sql queries. Can you please put sample code of how login page and index_user.php should start as to be honest I got confused never having used session state!?
thanks a lot mates!
m
<?php
extract($_POST);
$email=$_POST['email];
$query = SELECT * from table where email='$email'";
Can I use the $_session variable to match the user's email with correct record eg. where email=". $_session ["email"]""; and should I leave extract($_POST); and $email=$_POST['email]; and just add session_start(); ? I need to keep the user's email in memory (i.e thro' session vairiable) to use it for my sql queries. Can you please put sample code of how login page and index_user.php should start as to be honest I got confused never having used session state!?
thanks a lot mates!
m
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Slight *mistake* there, if the session value has already been set when you run the query you only need
<?php
session_start();
$query = "SELECT * from table where email='".$_SESSION['email'
$query = mysql_query($query) or die(mysql_error());
?>
<?php
session_start();
$query = "SELECT * from table where email='".$_SESSION['email'
$query = mysql_query($query) or die(mysql_error());
?>
Heres another method that you would use when they first log in
<?php
session_start();
$query = "SELECT * from table where email='".$_POST['email']."
$query = mysql_query($query) or die(mysql_error());
$_SESSION['username'] = mysql_result($query,0,"FIE
?>
The post value of email is immediately run in the query and then the session value is set using the results from that query. In the last line of code FIELD_NAME would be the name of the field that you are getting the result from, so if you have a username field and you need to put that value in the session variable you would replace it with username.
you can then use $_SESSION['username'] elsewhere on your site (as long as session_start(); is at the top).
This may come in hand, if you need to check if they are logged in you could check if the session is set. In the below example if the session is not set the user will be redirected to the index page (you could also, for example, redirect them to the login page so then can login).
<?php
if (!isset($_SESSION['usernam
header("location: index.html");
exit;
}
?>
good luck!
<?php
session_start();
$query = "SELECT * from table where email='".$_POST['email']."
$query = mysql_query($query) or die(mysql_error());
$_SESSION['username'] = mysql_result($query,0,"FIE
?>
The post value of email is immediately run in the query and then the session value is set using the results from that query. In the last line of code FIELD_NAME would be the name of the field that you are getting the result from, so if you have a username field and you need to put that value in the session variable you would replace it with username.
you can then use $_SESSION['username'] elsewhere on your site (as long as session_start(); is at the top).
This may come in hand, if you need to check if they are logged in you could check if the session is set. In the below example if the session is not set the user will be redirected to the index page (you could also, for example, redirect them to the login page so then can login).
<?php
if (!isset($_SESSION['usernam
header("location: index.html");
exit;
}
?>
good luck!
ASKER
Thanks to both as I have managed to enable sessions throughout the whole site! I have used diablo84's first method which worked just great. Points splitted accodingly:
diablo84: 400
aratani: 100
Thanks again.
regards
m
diablo84: 400
aratani: 100
Thanks again.
regards
m
session_start();
$_SESSION['email'] = "address@domain.com";
//or if its coming from post data for example $_SESSION['email'] = $_POST['email'];
Then to check if they are logged in to prevent them having to enter their details again you can do this
<?php
session_start();
if (!isset($_SESSION['email']
print "You are not registered<br>";
//prehaps redirect to login page
}
else {
print "You are already logged in!<br>";
}
?>