Hello - I have a problem getting my sessions to work. I have a user login page - well two, log in option on home page and a generic login page (probably not relevant). My script itself probably isn't very good so any criticism is welcomed. Anyway, I can't seem to transfer my login info over to the login only pages which kind of screws up my whole application. All I want to do is allow a user to login and then display data on the next page relating to them only via a query. Said query is based on the username. Very generic and no different from many other sites. Here is my login script.


// *** Validate request to login to this site.
session_start();

$loginForm = $_SERVER['PHP_SELF'];
if (isset($accesscheck))
{
$GLOBALS['PrevUrl'] = $accesscheck;
session_register('PrevUrl');
}

if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$userAuthorization = "";
$loginSuccess = "portal/customerhome.php";
$loginFailed = "loginerror.htm";
$redirecttoReferrer = false;
mysql_select_db($database_Prodigy, $Prodigy);

$LoginRS__query=sprintf("SELECT userid, password FROM users WHERE username='%s' AND password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

$LoginRS = mysql_query($LoginRS__query, $Prodigy) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";

//declare two session variables and assign them
$GLOBALS['Username'] = $loginUsername;
$GLOBALS['UserGroup'] = $loginStrGroup;

//register the session variables
session_register("Username");
session_register("UserGroup");

if (isset($_SESSION['PrevUrl']) && false) {
$loginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $loginSuccess );
}
else {
header("Location: ". $loginFailed );
}
}


I have added "session_start()" to every page needed and tried to reference all possible variables BUT I cant even get the next page to say "welcome 'username'"....I will say that the login actually works and takes you to the page - but thats it. You can easily just type in the url and that will get you there too, which makes this incredibly useless right now.

I should mention this script originated from dreamweaver 8 and i modified it from the little i know about php...i've been told that this script is the long/wrong way round. Any tips?

my advise is to juggle less with the variables. your passing them around a lot.
Just keep the superglobals as they are and don't put them in other variables. It's also easier, because they are already (super) global :-)
also, session_register() is no longer to be used (see http://www.php.net/session-register). The proper way to put a variable into sessions when using superglobals is simply by assigning them to a $_SESSION variable. For instance
$_SESSION['var'] = "value";

ah and this:
if (isset($accesscheck))

will never be true. unless you're expecting it to be a variable in the post or get request or one in the session. But again, it would be better to use the superglobal notation. if register_globals is switched off, then this variable won't exist

Thanks alot, I appreciate your response.

you're welcome

if you keep having problems, just post the new code and i'll have another look