-1

So I'm trying to show an users username after he or she has logged in but I just can't get it to work... Here are the codes I am using:

First off, an user has to log in.

  <div>
     <form  method="POST" action="login.php">
        <h2>LOGIN</h2>
        <input type="text"  placeholder="Username" name="username" />
        <input type="password" placeholder="Password" name="password" />

        <br />

        <input class="btn btn-large btn-primary" type="submit" name="login" value="Log In" />
     </form>
  </div>

After using the form, this sript will load, this is 'login.php':

<?php

session_start();
if(!$_SERVER['REQUEST_METHOD'] == 'POST') {
    echo "Go away.<br /><br />";
    exit(); 
}


        if(mysql_connect('localhost', 'root', '')) {
    if(mysql_select_db('users')) {
        $username = $_POST['username'];
        $password = $_POST['password'];

        $query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
        $zoekresultaat = mysql_query($query);

        if($zoekresultaat = mysql_affected_rows() > 0) {
            $record = mysql_fetch_assoc($zoekresultaat);

            $_SESSION['login'] = true;
            $_SESSION['username'] = $record['username'];

            header('location: dashboard.php');
            } else {
                header('location: loginerror.php');
            }
            exit();
    } exit(); {
        echo "Can't find database.";
    }
} else {
    echo "Can't connect to database.";
}

?>

When this is done, the user gets redirected to 'dashboard.php' which is the following:

<?php include "includes/menu.php";?>


<div id='content'>
<h1><strong>Welkom <?php echo $_SESSION['username']; ?></strong></h1>
<p></p>
</div>


<?php include "includes/foot.php";?>

Problem is when I try to login I get the following error:

Notice: Undefined variable: _SESSION in D:\xampp\htdocs\NGP\dashboard.php on line 5

I'm really lost and hoping to get some answers here! Thanks in advance!

Jordy Dragt
  • 1
  • 1
  • 1
  • 2
  • You have to do session_start() before you can use $_SESSION. – Christian Stewart Jul 09 '13 at 00:12
  • 1
    You are storing passwords in clear text! Never do that! Please store only a salted hash of the passwords. – juergen d Jul 09 '13 at 00:14
  • storing passwords in plain text is the least of your worries if your database connection is running on the root user. – skrilled Jul 09 '13 at 00:21
  • 1
    Christian, must session_start() be on the dashboard.php as well as the login.php or only the dashboard? – Jordy Dragt Jul 09 '13 at 00:22
  • but yeah you need to use session_start(); in every script that uses a session.. this includes your views. – skrilled Jul 09 '13 at 00:22
  • Thanks! Can I put '' in just the menu.php file which is included on every page via '' ? – Jordy Dragt Jul 09 '13 at 00:25
  • Please, don't use mysql_* functions for new code. They are [deprecated](http://php.net/manual/en/intro.mysql.php). Use [prepared statements](http://goo.gl/vn8zQ) with either [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli). Here is good [PDO tutorial](http://goo.gl/vFWnC). – peterm Jul 09 '13 at 00:45

1 Answers1

3

Just include session_start(); line in the common include file.

Amernath
  • 360
  • 1
  • 5