Hey everyone.
I’m setting up my authentication for my website. I am trying to have it so that users can register, login and then go on to their members page where they will be able to post news, upload school notes, etc. but for some reasons I can’t transfer the variables to continue the session. My PHP is up to date so I’m thinking I just have a stupid, simple problem floating in my code. 😮
[B][I]This is the login code (login.php):
<?php
//Retrieve data from login form.
$Email = $_REQUEST[‘Email’]; //get Email for login
$Password = $
//Strip away harmful tags
$Email=strip_tags($Email);
$Password = strip_tags($Password);
//Replace spaces in variables
$Email=str_replace(” “,””,$Email); //remove spaces from email login
$Password=str_replace(” “,””,$Password); //remove spaces from password login
$Email=str_replace(“%20″,””,$Email); //remove escaped spaces from email login
$Password=str_replace(“%20″,””,$Password); //remove escaped spaces from password login
//Escape other things (ie quotes and apostrophes)
$Email=addslashes($Email);
$Password=addslashes($Password);
//Connect
$conn = mysql_connect(“localhost”, “na032339”, “na032339”);
if (!$conn) {
echo “Unable to connect to DB: ” . mysql_error();
exit;
}
if (!mysql_select_db(“na032339”)) {
echo “Unable to select na032339: ” . mysql_error();
exit;
}
//Encrypt Password to compare to database
$Password=md5($Password);
//Select table entry to compare password to
$sql= “SELECT * FROM Register WHERE Password = ‘”.$Password.”‘ AND Email = ‘”.$Email.”‘ LIMIT 1″;
//Pass information to the mySQL connection
$result= mysql_query($sql);
//If mySQL return a value greater than 0, then there is a match.
if(mysql_num_rows($result)) //function returns true if any matches are found
{
session_start();
$_SESSION[‘Email’] = $Email;
$
Header(“Location: members.php”);
echo “User Logged in.”;
}
Else
{
echo “<font face=’Arial’>User Name/Password Not Found!”;
print “Click <a href=’payments.html’>here</a> to try again</font>”;
$_SESSION[‘Auth’] = “False”;
}
?>
[B][I]This is the start of my members page code (members.php):
<?php
session_start();
session_register(“Email”);
if (!isset($_SESSION[‘Email’]))
{
// User not logged in, redirect to login page
Header(“Location: payments.html”);
}
// Display Member-only stuff
// …
// Display Member information
echo “<p>User ID: ” . $_SESSION[“Email”];
// Display logout link
echo “<p><a href=”logout.php”>Click here to logout!</a></p>”;
?>
If you can help me I’d kiss your feet! haha :rolleyes:
Any help would be great!! ?
Chris