Display a field associated with user logged in?

Question

Basically i have a simple table (mbs_users) containing:

    Field   Type    Collation   Attributes  Null    Default Extra   Action
id  int(5)          No  None    AUTO_INCREMENT                          
username    varchar(7)  utf8_general_ci     No  None                                 
password    varchar(7)  utf8_general_ci     No  None                                 
status  varchar(65) utf8_general_ci     No  None

The user logs in from the page main_login .php

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>                            

Check login file

<?php
$host="mysql.mywebsite.co.uk"; // Host name 
$username="myusernamexx/ Mysql username 
$password="password"; // Mysql password 
$db_name="mbs_orderstatus"; // Database name 
$tbl_name="mbs_users"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

and then redirects to login_success.php

// Check if session is not registered , redirect back to main page. 
// Put this code in first line of web page. 
<? 
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

<html>
<body>
Login Successful
</body>

How do i get the field 'status' associated with the user that just logged in to show on this page?

Answer 1

You already have that information at the login page. At the login page you also set data into the session. Why not set the data you need in the session? That way you can use it at the other pages.

So in login file:

$sql = "SELECT * FROM $tbl_name WHERE username = '$myusername' and password = '$mypassword'";
$result = mysql_query($sql);
$data = mysql_fetch_assoc($result);
$_SESSION['username'] = $data['username']
$_SESSION['status'] = $data['status']

And in login_success:

echo $_SESSION['status'];