--- shaun <[EMAIL PROTECTED]> wrote:
> Using the following code I am able to authenticate which type of user is
> visiting my page, however if I try to log in again with a different type of
> user the session variables still assume that the original user was logged
> in, is there a way to reset the session variables, I have tried
> session_destroy() and session_unset() but without success...
>
> <?php
> require("dbconnect.php");
>
> // Assume user is not authenticated
> $auth = false;
>
> // Formulate the query
> $query = "SELECT * FROM WMS_User WHERE
> User_Username = '$_POST[username]' AND
> User_Password = '$_POST[password]'";
>
> // Execute the query and put results in $result
> $result = mysql_query( $query )
> or die ( 'Unable to execute query.' );
>
> // Get number of rows in $result.
> $num = mysql_numrows( $result );
>
> if ( $num != 0 ) {
>
> // A matching row was found - the user is authenticated.
> $auth = true;
>
> //get the data for the session variables
> $suser_name = mysql_result($result, 0, "User_Name");
> $suser_password = mysql_result($result, 0, "User_Password");
> $stype_level = mysql_result($result, 0, "User_Type");
>
> $ses_name = $suser_name;
> $ses_pass = $suser_password;
> $ses_level = $stype_level;
>
> session_register("ses_name");
> session_register("ses_pass");
> session_register("ses_level");
This is the moment where you lose your new session data. You need to register
your session variables before you use them. At this point, PHP retrieves the
session data that is saved for you, and you lose all of the stuff you did
above.
Chris
=====
Become a better Web developer with the HTTP Developer's Handbook
http://httphandbook.org/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
