<?php $host = ""; $username = ""; $password = ""; $db_name = ""; $tbl_name = ""; mysql_connect($host, $username, $password) or die("can't connect"); mysql_select_db($db_name) or die(mysql_error()); $username = $_POST['username']; $password = $_POST['password']; $sql = "SELECT * FROM $tbl_name WHERE username='$username' and password='$password'"; $result = mysql_query($sql); $count = mysql_num_rows($result); if($count==1) { session_register("username"); session_register("password"); header("location:login_success.php"); } else{ echo "Неверный Логин или Пароль"; } ?>

How to insert the $_SESSION variable into this code?

    3 answers 3

    So you have already inserted, in my opinion, in this piece of code:

      session_register("username"); session_register("password");

    Try to display the full $ _SESSION, there should already be information, you can do it like this:

     var_dump($_SESSION);

    well, or if the version of php is old, then it is possible in the old manner, at the very top of the script session_start(); and then assign variables by the type of such

     $_SESSION['username'] = $username;

    PS you have there by the way sql injection formed (:

    • )) - rojaster

    Let's rake what you wrote here, even the most basic.

      <?php $host = ""; $username = ""; $password = ""; $db_name = ""; $tbl_name = ""; mysql_connect($host, $username, $password) or die("can't connect"); mysql_select_db($db_name) or die(mysql_error()); //во первых предотвращаем sqlinjection. $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); //так как вы не собираетесь использовать данные полученные из запроса, то нам не кчему лишние телодвижения. /* $sql = "SELECT * FROM $tbl_name WHERE username='$username' and password='$password'"; $result = mysql_query($sql); $count = mysql_num_rows($result); if($count==1) {*/ //заменяем на: if(mysql_query("SELECT * FROM $tbl_name WHERE username='$username' and password='$password'")){ //присваиваем значения $_SESSION, в принципе это делается в следующих строках, но если вам не терпится заюзать суперглобальный массив меняем их на: $_SESSION['username'] = $_POST['username']; $_SESSION['password'] = $_POST['password']; // session_register("username"); // session_register("password"); header("location:login_success.php"); } else{ echo "Неверный Логин или Пароль"; } ?>

    PS Vlad, if you think you have received an answer to your question, click the check mark next to the correct answer to show other users that the question has already been answered. I say this about all your questions.

    • $ _SESSION ['username'] = $ _POST ['username']; $ _SESSION ['password'] = $ _POST ['password']; and filtering session parameters ?, just like that you give to the non-filter session? - rojaster

    sessin_registr() will not work until at the beginning of the file call session_start();

     <?php @session_start(); ............ session_register("username"); session_register("password"); ?>
    • In mana it is written that session_register () itself calls session_start if it is not there - tranceman
    • I don’t know, the couple doesn’t work without session_start () ... - Yoharny Babay