Hi I'm trying to write an account page that shows the information for the logged in user. This is what I have so far:
<?php
include 'housestyle.php';
include 'connection.php';
global $mysqli;
?>
<style>
h1
{
font-size: 27px;
}
</style>
<h1>Your Account</h1>
<?php
$profile=$_SESSION['userlogged'];
$query="SELECT * FROM Users WHERE Username=" . $profile . "";
$result = $mysqli->query($query) or die($mysqli->error.__LINE__);
$row = mysql_fetch_array($result);
while($row = mysql_fetch_array($result)) {
print_r($row);
}
?>
The $_SESSION['userlogged']; is from loginsubmit.php:
<?php
session_start();
?>
<font face="ClearSans-Thin">
<font color="lightgray">
<?php
include 'connection.php';
include 'loginform.php';
?>
<center>
<?php
if (isset($_POST['submit']))
{
$user = $_POST['username'];
$pass = $_POST['password'];
$query = "SELECT COUNT(*) AS cnt FROM Users WHERE Username='" . mysqli_real_escape_string($connection, $user) . "' && Password='" . mysqli_real_escape_string($connection, $pass). "'";
$result = mysqli_query($connection, $query);
$row = mysqli_fetch_assoc($result);
$queryadmin = "SELECT COUNT(*) AS cnt FROM Admin WHERE Username='" . mysqli_real_escape_string($connection, $user) . "' && Password='" . mysqli_real_escape_string($connection, $pass). "'";
$resultadmin = mysqli_query($connection, $queryadmin);
$rowadmin = mysqli_fetch_assoc($resultadmin);
if ($row["cnt"] > 0)
{
$_SESSION["userlogged"] = $user;
header("Location: homepage.php");
}
else if ($rowadmin["cnt"] > 0 )
{
$_SESSION["adminlogged"] = $user;
header("Location: homepage.php");
}
else
{
echo 'Not a valid login';
}
}
?>
</center>
So I'm trying to get it to identify the username that was entered on login and session start, then use it to return everything from that row. Where am i going wrong?
In upper script you don't do session_start(), so $_SESSION is empty.