When I run the site, this dissapears on it:
<?php
echo $_SESSION["UserID"];
?>
I don't know why, it seems obvious it should work, it did in a video I watched? It kind of works when I make it:
<?php
echo '$_SESSION["UserID"]';
?>
But then it just echo's:
$_SESSION["UserID"]
And not the actual session id
Here is the whole script:
<?php require 'Connections/Connections.php'; ?>
<?php
session_start();
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Titled Document</title>
<link href="C:/Users/Mikkel/Desktop/HTML & CSS/bootstrap.css" rel="stylesheet" />
<link href="CSS/Layout.css" rel="stylesheet" type="text/css" />
<link href="CSS/Menu.css" rel="stylesheet" type="text/css" />
</head>
<body>
<br><?php echo $_SESSION["UserID"]; ?>
<div id="Holder">
<div id="Header"></div>
<div id="NavBar">
<nav>
<ul>
<li><a href="#">Login</a></li>
<li><a href="#">Register</a></li>
<li><a href="#">Forgot Password</a></li>
</ul>
</nav>
</div>
<div id="Content">
<div id="PageHeading">
<h1>Page Heading</h1>
</div>
<div id="ContentLeft">
</div>
<div id="ContentRight"></div>
</div>
<div id="Footer"></div>
</div>
</body>
</html>
And here is the script that makes it:
<?php require 'Connections/Connections.php'; ?>
<?php
if(isset($_POST['submit'])){
$UN = $_POST['username'];
$PW = $_POST['password'];
$result = $con->query("select * from user where Username='$UN' AND Password='$PW'");
$row = $result->fetch_array(MYSQLI_BOTH);
session_start();
$_SESSION["UserID"] = $row['UserID'];
header('Location: account.php');
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
<link href="C:\Users\Mikkel\Desktop\HTML & CSS" rel="stylesheet" />
<link href="CSS/Layout.css" rel="stylesheet" type="text/css" />
<link href="CSS/Menu.css" rel="stylesheet" type="text/css" />
<link href="CSS/Bootstrap.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="Holder">
<div id="Header"></div>
<div id="NavBar">
<nav>
<ul>
<li><a href="#">Login</a></li>
<li><a href="#">Register</a></li>
<li><a href="#">Forgot Password</a></li>
</ul>
</nav>
</div>
<div id="Content">
<div id="PageHeading">
<h1>Page Heading</h1>
</div>
<div id="ContentLeft">
<h2>Your Message Here </h2><br />
<h6>Your Message</h6>
</div>
<div id="ContentRight">
<form id="form1" name="form1" method="post">
<div class="FormElement">
<p>
<input name="text" type="text" required="required" id="username" placeholder="Username">
</p>
<p> </p>
</div>
<div class="FormElement">
<p>
<input name="password" type="password" required="required" id="password" placeholder="Password">
</p>
<p> </p>
</div>
<div class="FormElement">
<p>
<input name="submit" type="submit" class="btn-primary" id="submit" value="Submit">
</p>
<p> </p>
</div>
</form>
</div>
</div>
<div id="Footer"></div>
</div>
</body>
</html>
It is usually best practices to start the session in the beginining of the document and not in the middle. However, your issue is that when you make the query, it does not bring in the variables $UN and $PW. Since you started it off with a "
then, PHP will not parse the inside of it. You can "pause" it with: "select * from user where Username='" . $UN . "' AND Password='" . $PW . "'"
So, the session is never being properly set. However, since the above method is unconventional, and since you are doing authentication, you should be using prepared statements. http://www.w3schools.com/php/php_mysql_prepared_statements.asp
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.