0

I've been trying to set a value from my mysql server table field equal too the $_SESSION["mypermissions"] session variable. Whatever I try it comes up blank though or with a value 0. I feel like this is probably a stupid question and there's a simple solution but nothing seems to be working. Here is my code so far, look near the bottom for the sql query in question.

<?php
$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="comproject"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

session_start();
$_SESSION["myusername"] = $myusername;

$sql = "SELECT permissions FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$_SESSION["mypermissions"] = mysql_query($sql);

header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
Improve this question
2
  • 1
    The problem is $_SESSION["mypermissions"] = mysql_query($sql);, you are assigning a resource to the session variable. Instead, you want to get a result from the query first. Commented Jan 14, 2014 at 16:52
  • Why are you selecting the same thing twice? First you do SELECT * and then SELECT permissions, but the WHERE condition is the same. You could extract the permissions from the result of the first query. Commented Jan 14, 2014 at 17:28

2 Answers 2

Reset to default
1

It seems that you did not fetch query result . you have to fetch result then based on result set session variable like this:

    <?php
    $host="localhost"; // Host name 
    $username="root"; // Mysql username 
    $password=""; // Mysql password 
    $db_name="comproject"; // Database name 
    $tbl_name="members"; // Table name 

    // Connect to server and select databse.
    mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");

    // username and password sent from form 
    $myusername=$_POST['myusername']; 
    $mypassword=$_POST['mypassword']; 

    // To protect MySQL injection
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);
    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' limit 1";
    $result=mysql_query($sql);

    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);

    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count==1){  
    session_start();
    $_SESSION["myusername"] = $myusername;
    $row = mysql_fetch_object( $result);//fetch object
    $_SESSION["mypermissions"] = $row->permissions; // set permission to session   
    header("location:login_success.php");
    }

else {
echo "Wrong Username or Password";
}
?>
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

@Shard : did you try this?
0 
$res = mysql_query($sql);
$row = mysql_fetch_object($res);
$_SESSION["mypermissions"] = $row->permissions;
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.