Genius_boy001
New Member
- Messages
- 31
- Reaction score
- 0
- Points
- 0
My session variables don't seem to be transferring for more than 2 pages.
It only travels between my login code and my member page code, but not through my upload code.
Login:
Memberpage:
Upload code:
It only travels between my login code and my member page code, but not through my upload code.
Login:
Code:
<?php
ob_start();
$connect=mysql_connect("localhost","gb_GB","*******")or die(mysql_error());
mysql_select_db("gb_USERInfo",$connect)or die(mysql_error());
$email=$_POST['email'];
$pword= md5($_POST['password']);
$error="0";
$query="SELECT * FROM Ysers WHERE email='$email' AND password = '$pword' ";
$result=mysql_query($query)or die(mysql_error());
if(mysql_num_rows($result)==0){
$error="Sorry, but either the username or password you entered is not valid.";
}else{
$_SESSION['email']="$email";
$_SESSION['password']="$pword";
setcookie("email","$email",time()+360000);
setcookie("password",md5("$pword"),time()+360000);
include "memberspage.php";
}
if(!empty($error)){
include "Man.html";
print $error;
print $pword;
}
?>
Memberpage:
Code:
<?php
@mysql_connect("localhost", "gb_GB", "********") or die(mysql_error());
@mysql_select_db("gb_USERInfo") or die(mysql_error());
session_start();
if($email&&$pword != NULL){
include('Images.php');
$query="SELECT * FROM Ysers WHERE email = '$email' AND password='$pword'";
$result = mysql_query($query)or die (mysql_error());
$row=mysql_fetch_assoc($result);
$Fname=$row['firstname'];
$Lname=$row['lastname'];
$Ame=$row['aboutme'];
$Irests=$row['interests'];
echo "First Name:";
echo " ";
echo $Fname;
echo "<br>";
echo "Last Name:";
echo " ";
echo $Lname;
echo "<br>";
echo "About";
echo ":";
echo " ";
echo $Ame;
echo "<br>";
echo "Interests:";
echo " ";
echo $Irests;
echo "<br>";
}
?>
Upload code:
Code:
<?php
@mysql_connect("localhost", "gb_GB", "**********") or die(mysql_error());
@mysql_select_db("gb_USERInfo") or die(mysql_error());
Session_start();
$path = "/home/gb/public_html/Images/";
$imgName = $HTTP_POST_FILES['userfile']['name'];
$max_size = 250000;
if (!isset($HTTP_POST_FILES['userfile'])) exit;
if (is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'])) {
if ($HTTP_POST_FILES['userfile']['size']>$max_size) { echo "The file is too big<br>"; exit; }
if (($HTTP_POST_FILES['userfile']['type']=="image/gif") || ($HTTP_POST_FILES['userfile']['type']=="image/pjpeg") || ($HTTP_POST_FILES['userfile']['type']=="image/jpeg") || ($HTTP_POST_FILES['userfile']['type']=="image/png")) {
$ext = strrchr($imgName, ".");
$Newname = md5(rand() * time()) . $ext;
$res = copy($HTTP_POST_FILES['userfile']['tmp_name'], $path .
$HTTP_POST_FILES['userfile']['name']. $Newname);
$MM = $HTTP_POST_FILES['userfile']['name']. $Newname;
if (!$res) { echo "upload failed!<br>n"; exit; } else { echo "upload sucessful<br>n"; }
echo "File Name: ".$HTTP_POST_FILES['userfile']['name']."<br>n";
echo "File Size: ".$HTTP_POST_FILES['userfile']['size']." bytes<br>n";
echo "File Type: ".$HTTP_POST_FILES['userfile']['type']."<br>n";
} else { echo "Wrong file type<br>n"; exit; }
}
$my_file = $HTTP_POST_FILES['userfile']['name'];
$MN=$_SESSION['email'];
$PN= $_SESSION['password'];
$query = "INSERT INTO Ysers (Picture) where email ='$MN' AND password= '$PN'
VALUES ('$MM')";
mysql_query($query) or die(mysql_error());
mysql_close();
?>