php - Setting a Session Variable -
wonder if me. trying set session variable database table. need when logs in, takes value 'user_group' column of user table user has logged in , assign session variable. @ moment passing in username manually typed in user upon login.
this current code login.php. have tried various things , looked on here tips haven't had luck.
<?php session_start(); $host = "localhost"; $user = "root"; $pass = ""; $db = "california"; mysql_connect($host, $user, $pass); mysql_select_db($db); $username = $_post['name']; $password = md5 ($_post['password']); // check make sure both fields entered if ($username == '' || $password == '') { header("location:login-fail.htm"); } else $sql = "select * users name='".$username."' , password='".$password. "' limit 1"; $res = mysql_query($sql); if (mysql_num_rows($res) == 1) { $_session['logged_in']= $username; header("location:login-success.htm"); exit(); } else { header("location:login-fail.htm"); exit(); } ?>
what happens if add a
$row = mysql_fetch_assoc($res);
after mysql_query , assign group session
$_session['logged_in'] = $row['user_group']
edit: want inform mysql_* functions deprecated. mysql query isn't protected against sql injections
Comments
Post a Comment