Copy variable across URLs 1

[Sitehelp]

If anyone can help with this I would be SOOO appreciative!

I am creating an online Help System using Dreamweaver MX, and I am creating it using PHP. Up until now all was going fine. The user can log in and it verifies their password in the database and then copies the clientID into the URL so it can be retrieved on the next page, however, once you have logged in I want it to be able to recognise the user on all the pages thus needing the ClientID to pass through all the URLs, or at least I presume this is the best and easiest way. I can get it through to one, when copying from the log in to the next page, as its done through a submit button, but cannot copy it to the other pages at all. I have imported buttons from Fireworks and created a navigation bar with them, which is in JavaScript I believe. Any ideas how I could get these buttons to copy the ClientID from the URL into the next URL when I click a link. I am using Dreamweaver MX by the way, if that makes any difference. Any help will be MUCH appreciated, hope this all made sense!!!!

 

[Sitehelp]

Tried using it in Mozilla but it still doesnt work when the lines are uncommented!

 

[Chacalinc]

???????????????????????????????????

what is your web server? apache? IIS?

pls, copy&paste the content of your control.php and login.php

Cheers.

 

[Sitehelp]

links are returning me back to the login page when I uncomment the lines.

 

[Sitehelp]

Apache

ok control.php is

<?php
function is_logged(){
if ((!isset($_SESSION['logged'])) || ($_SESSION['logged']!=&quot;Si&quot)
return FALSE;
else
return TRUE;
}
?>

AND login.php is

<?php
session_start();
$user=$_POST [&quot;user&quot;];
$pwd=$_POST [&quot;pwd&quot;];

if (($user == &quot;mart&quot && ($pwd == &quot;enter&quot)
{
$_SESSION['nombre']=&quot;Victor Cuevas D.&quot;;
$_SESSION['logged']=&quot;Si&quot;;
header(&quot;Location: index.php&quot;
} else
header(&quot;Location: login.html&quot;
?>

 

[Chacalinc]

Ok, in index.php, firtst lines:

<?php
session_start();

add (as milestone) the line:

echo $_SESSION['logged'] . &quot;<br>&quot;;

then go to login.html, enter user and password, click login... you will see the index.php.. this page will have errors (that's obviuos) but the first line of the page should display:

Si

Is the page displaying it?

 

[Sitehelp]

would the following be a good set up of a session?:

if (!isset($_SESSION['ClientID'])&& isset($_POST['ClientID'])){

$sql = &quot;SELECT ClientID, cpassword FROM clientinfo
WHERE ClientID='$ClientID'
AND cpassword='$fpassword'&quot;;
$result = mysql_query($sql)
or die(&quot;Couldn't execute query.&quot;
$num = mysql_num_rows($result);
if ($num == 1)
header(&quot;location:

http://localhost/project/User

Logged In/WelcomeUserPage.php?ClientID=&quot;.$HTTP_POST_VARS['ClientID'].&quot;&quot;

} else {
print &quot;Details either incorrect or not submitted&quot;;

$_SESSION['ClientID'] = $_POST['ClientID'];
}

Cheers!

 

[Chacalinc]

Let's follow this page:

1. i assum you get this script through a login.html, so user enters userid and passwd.

2.

!isset($_SESSION['ClientID']) > true
isset($_POST['ClientID']) > true (from login.html)

$sql = "SELECT ClientID, cpassword FROM clientinfo                   
             WHERE ClientID='$ClientID'
             AND cpassword='$fpassword'";
     $result = mysql_query($sql)
               or die("Couldn't execute query.");
     $num = mysql_num_rows($result);

is $num = 1 ? yes > go to secured page

NO > what happen if $row is not 1 ?????

3.

!isset($_SESSION['ClientID']) > false ($_SESSION does exists!)
isset($_POST['ClientID']) > true (from login.html)

print "Details either incorrect or not submitted";

  $_SESSION['ClientID'] = $_POST['ClientID'];

and then???

Regarding to my previous post, Is the page displaying &quot;Si&quot; in the firsts line?

 

[Sitehelp]

oh sorry no it didnt!

ok a revised code:

if (!isset($_SESSION['ClientID'])&& isset($_POST['ClientID'])){

$sql = &quot;SELECT ClientID, cpassword FROM clientinfo
WHERE ClientID ='&quot;.$_POST['$ClientID'].&quot;'
AND cpassword = '&quot;.$_POST['$fpassword'].&quot;'&quot;;
$result = mysql_query($sql)
or die(&quot;Error: MySQL said &quot;.mysql_error());
$num = mysql_num_rows($result);
$row = mysql_fetch_assoc($result);

if ($num == 1)
header(&quot;location:

http://localhost/project/User

Logged In/WelcomeUserPage.php?ClientID=&quot;.$HTTP_POST_VARS['ClientID'].&quot;&quot;

} else {
print &quot;Details either incorrect or not submitted&quot;;


# if user ok
$_SESSION['ClientID'] = $_POST['ClientID'];
}

After this come the code to create a form and place 2 text boxes in it one for the clientID (ClientID) and the other for the password (fpassword). It appears to be going through ok but I am not sure if the session in working correctly as it does not time-out the page, how can I test once in by retrieving the clientID they entered!

 

[Chacalinc]

What do you mean with time-out the page?

you can put milestones insedie just to check the vars out, so in some place put:

echo $_SESSION['ClientID']

with that you will know whether the $_SESSION variable has a value or not...