I have two PHP
files, in which i'd like to store a session
variable id
like this
if(authentification($login,$mdp) == 0)
{?>
<script>alert('logging failed');</script>
<?php
header('Location: Contacts.php');
}
else{
session_start();
$_SESSION['login'] = $login;
$_SESSION['mdp'] = $mdp;
$a = authentification($login,$mdp);;
$_SESSION['id'] = $a;
header('Location: space.php');
}
And in the file space.php
session_start();
$list = Get_companies_by_user($_SESSION['id']);
in the function.php
function authentification($login,$mdp){
parametrs();
$Log_query=mysql_query(
"
SELECT user_id
FROM reg_users
WHERE username ='$login'
AND password ='$mdp'
") or die(mysql_error());
if ($Log_query == true && mysql_num_rows($Log_query) >0) {
while ($Res_user = mysql_fetch_array($Log_query) ) {
return $Res_user;
}
}
else return 0;
}
The problem is in the value of the variable $_SESSION['id']
: why it is null in space.php
? How can i fix this error?
Try something like:
function authentification($login,$mdp){
$Log_query = mysql_query("SELECT user_id FROM reg_users WHERE username ='$login' AND password ='$mdp'") or die(mysql_error());
//The user should be unique, not more than 0
if($Log_query && mysql_num_rows($Log_query) === 1){
while ($Res_user = mysql_fetch_array($Log_query) ) {
$user = $Res_user['user_id'];
}
return $user;
}else{
return 0;
}
}
You should also escape $login
and $mdp
with:
mysql_real_escape_string($var);