Jump to content

Session Problems..


zscott
 Share

Recommended Posts

Hello,I wrote a simple script to take care of a bunch of processes, in order to register a member for this website.I'm having a problem however parsing the $_SESSION['username'] from who is logged into the website.For some reason, i'm getting the username for the database that I connect with; I am using variables to connect, but not the same ones.Would there be any confusion as to who is logged into the page, and what is going on with the post variables? I wouldn't think so..Maybe I'm doing something wrong.. here is the code:

<?php// connect.php is just:/*<?php// set up the connection information$host="localhost"; // Host name$mysqluser="domain_user"; // Mysql username$mysqlpass="password"; // Mysql password$db_name="domain_db"; // Database name// connect yo!$con = mysql_connect("$host","$mysqluser","$mysqlpass");if (!$con)  {  die('Could not connect: ' . mysql_error());  }mysql_select_db("$db_name", $con);?>*/include('connect.php'); // Define $myusername and $mypassword $username=$_POST['username']; $password=$_POST['password']; $email=$_POST['email'];  $encrypted_password=md5($password);$sql="INSERT INTO members (username, password, email)VALUES('$username','$encrypted_password','$email')";if (!mysql_query($sql,$con))  {  die('Error: ' . mysql_error());  }mysql_close($con);// CREATE FOLDERmkdir("../../files/".$username); // Create History Footprintinclude('connect.php');// set date$addate = date('Y-m-d H-i-s');// Make Description$description = "Added a new member to the client login";// set usersession_start();$user = $_SESSION['username'];$sql='INSERT INTO history (date, madeby, description) VALUES ("'.$addate.'", "'.$user.'", "'.$description.'")';if (!mysql_query($sql,$con))   {	die('Error: ' . mysql_error());	}	mysql_close($con);// SEND EMAIL NOTIFY$message = "Dear client,\n\nThe following is your login information for the website, please do not give this information to anyone you do not trust. We will never ask you for your login information.\nUsername: $username\nPassword: $password\n\nThank you";$from = "From: $email\r\n";$from2= "From: Info@WebSite.com";// send that shiz!mail($from, "Subject", $message, $from2);?><html><head><meta http-equiv="REFRESH" content="1;URL=../index.php"></head><body><p>User Added</p></body></html>

Link to comment
Share on other sites

There's no reason that variables from $_POST or $_SESSION would overwrite what you have unless the autoregister_globals config option is set. That options takes a variable like $_POST['username'] and creates a variable called $username automatically. But it's always best to disable that (for reasons like this). But, if the variable names are different, then that should not be the reason.But I do notice that you never set the session variable. Where are you setting that, and how? If you are using a predefined variable from $_SERVER, that username variable corresponds to the user account on the server that PHP is running on, which would probably be the same account that you use to log into mysql.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...