PHP Login using Session

Question

I'm learning on how to make a login page where I learned more details about how sessions work. I searched around different sites until I found one that brought success. However after successful login, I want to set up where the user could click on their profile, edit profile, account setting and logout after login. Logging out had no problem but the link to profile didn't show.

Here is the test login check:

ob_start();  
// To protect MySQL injection (more detail about MySQL injection)
$email = stripslashes($email);
$password = stripslashes($password);
$email = mysql_real_escape_string($email);
$password = mysql_real_escape_string($password);

$sql="SELECT * FROM users WHERE email='$email' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $username and $password, table row must be 1 row
if($count==1){

// Register $username, $password and redirect to file "login_success.php"
session_register('email');
session_register('password');
session_register('userID'); // Tried and didn't work
session_register('lastlogin'); // Tried and didn't work

ob_end_flush();

This is on the main page

session_start(); 

// See if they are a logged in member by checking Session data
$userlinks = "";

if (isset($_SESSION['email'])) {
    // Put stored session variables into local php variable
    $userID = $_SESSION['userID'];
    $username = $_SESSION['username'];
    $lastlogin = $_SESSION['lastlogin'];

    //If session is successful, the following is available: profile, last login,    account and logout.
    $userlinks = '
    <a href="testuser.php?userID=' . $_SESSION['userID'] . '">' . $_SESSION['email'] . '</a> &bull; (' . $_SESSION['lastlogin'] . ') 
    <a href="testuser_account.php">Account</a> &bull; 
    <a href="testlogout.php">Log Out</a>';
} else {
    // If session failed, see if the user has a Damju account.
    $userlinks = 'Have an account? <a href="testlogin.php">Click Here</a> <br/> Not registered? <a href="testreg.php">Click Here</a>';
}

This what I want: (a href="testuser.php?userID=#")username(/a)

As you can see, I was trying to figure out myself so I wouldn't seem like I am not trying.

References

• http://www.phpeasystep.com/phptu/6.html

PS: I viewed other links but they were of almost made in different ways. Confusing...

Thanks to anyone who understand and sorry if you don't.

Answer 1

Set a user id using

$_SESSION['userid'] = $userid;

You will then be able to access the session variable from anywhere as long as your session is started on every page

session_start();

using

$_SESSION['userid'];

eg

$userid= $_SESSION['userid'];
echo $_SESSION['userid'];

if you even want to see what is in the session just do

print_r($_SESSION);

when your user logs out ensure you unset the variable then destroy the session

unset($_SESSION['userid']);
session_destroy();