Salve, sono riuscito a risolvere il problema della query ma ora ne ho uno maggiore.
La mia script prende i dati dalla tabella dello user che si logga e inserisce i valori nelle variabili di sessione. Il problema sta nel fatto che quando effettuo il login, i dati vengono inseriti ma i valori delle variabili di sessione non vengono passati alla pagina protetta! Vi posto il codice della pagina di login e della pagina riservata.
Pagina Login
Codice PHP:
<?
session_start ();
if ((!isset($_POST['myfirstname'])) && (!isset($_POST['mypassword']))&& (!isset($_POST['mylastname'])))
{
echo "
<body bgcolor=\"#5e6469\" link=\"#ff0000\" alink=\"#ff0000\" vlink=\"#ff0000\">
<a href=\"manual.html\"><img src=\"images/manual2.png\" allign=\center\"></a>
<form name=\"form1\" method=\"post\" action=\"".$_SERVER['PHP_SELF']."\">
<table border=\"0\" bordercolor=\"#0000ff\" bgcolor=\"#5e6469\" allign=\"center\">
<tr>
<td>[b]Lower Sixth Login[/b]</td><td></td>
</tr>
<tr>
<td>First Name</td>
<td>:</td>
<td><input name=\"myfirstname\" type=\"text\" id=\"myfirstname\"></td>
</tr>
<tr>
<td>Full Last Name</td>
<td>:</td>
<td><input name=\"mylastname\" type=\"text\" id=\"mylastname\"></td>
</tr>
<tr>
<td>Given Password</td>
<td>:</td>
<td><input name=\"mypassword\" type=\"password\" id=\"mypassword\"></td>
</tr>
<tr>
<td></td>
<td></td>
<td><input type=\"submit\" name=\"Submit\" value=\"Login\"></td>
</tr>
</table>
</td>
</form>
<a href=\"http://www.hippocampuspalinuri.com\">Click Here for Free Sushi :P</a>";
}
else
{
ob_start();
include ("config.php");
$tbl_name="members"; // Table name
$myfirstname= $_POST['myfirstname'];
$mylastname= $_POST['mylastname'];
$mypassword= $_POST['mypassword'];
$sql= mysql_query("SELECT * FROM $tbl_name WHERE firstname='$myfirstname' && lastname='$mylastname' && password='$mypassword'");
$count=mysql_num_rows($sql);
if($count == 1){
$sqlfirst = mysql_query("SELECT * FROM $tbl_name WHERE firstname='$myfirstname' && lastname='$mylastname' && password='$mypassword'");
$result = mysql_fetch_array($sqlfirst);
$firstname = $result['firstname'];
$lastname = $result['lastname'];
$password = $result['password'];
$done = $result['done'];
$_SESSION['firstname'] = "$firstname";
$_SESSION['lastname'] = "$lastname";
$_SESSION['password'] = "$password";
$_SESSION['done'] = "$done";
header("location:index.php");
}
else {echo "Wrong First Name, Last Name and Password";}
}
ob_end_flush();
?>
Pagina Riservata
Codice PHP:
<?
ob_start();
session_start();
if(session_is_registered(user))
{
echo "Welcome " . $_SESSION['firstname']." ".$_SESSION['lastname']."
";
if ($_SESSION['done'] == 0)
{
include("submit.html");
}
elseif ($_SESSION['done'] == 1)
{
echo "Dear ".$_SESSION['user'].", you have already submitted your profile, if you wish to change anything you will have to email minc01, bord01 or lamb01.
";
echo "<form action=\"logout.php\" method='POST'>
<input type='submit' name='logout' value='Logout'>
</form>";
}
elseif ($_SESSION['done'] == 2)
{
echo "<body bgcolor=\"#5e6469\" vlink=\"#000000\" alink=\"#000000\" link=\"#000000\">";
include("config.php");
$table_scrappy = "members";
$result = mysql_query("SELECT * FROM {$table_scrappy}");
if (!$result) {
die("Query to show fields from table failed");
}
$fields_num = mysql_num_fields($result);
echo "<h1>Table: {$table_scrappy}</h1>";
echo "<table border=\"1\" bordercolor=\"#ff0000\" bgcolor=\"#5e6469\"><tr>";
// printing table headers
for($i=0; $i<$fields_num; $i++){
$field = mysql_fetch_field($result);
echo "<td>{$field->name}</td>";
}echo "</tr>\n";
// printing table rows
while($row = mysql_fetch_row($result)){
echo "<tr>";
// $row is array... foreach( .. ) puts every element
// of $row to $cell variable
foreach($row as $cell)
echo "<td>$cell</td>";
echo "</tr>\n";
}
mysql_free_result($result);
echo "<form action=\"logout.php\" method='POST'>
<input type='submit' name='logout' value='Logout'>
</form>";
}
else {
echo "you are not logged in";
header("location: login.php");
}
}
else
{
header("location: login.php");
}
?>
Grazie del vostro aiuto!
Beavey
Permessi di invio
Rispondi quotando