0

I have been using the following code for beginning sessions, but I can't show the username after 'welcome'. How can I do that? I am using email and id for logging in. The email, id and username are stored in MySQL. Also when logged in, the login button should disappear, and the logout button should appear.

<div class="hello"> 

<?php  
  session_start();  
  require_once("config.php");  
  if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) 
  {  
    header ("Location: login.html");  
    exit;  
  }  
  else  
  {  
    echo "Welcome </b>,  <a href=logout.php>Logout</a> <br><br>";  
  }  
?>

</div>
Expedito
  • 7,771
  • 5
  • 30
  • 43
user2267055
  • 43
  • 1
  • 9
  • 1
    At login, when you're storing `login` in the session, just store `username` too, then just get it from the session where needed...? – Joachim Isaksson May 11 '13 at 13:10
  • 1
    There's something fishy about `!(isset($_SESSION['login']) && $_SESSION['login'] != '')`. I believe it will always resolve to false.. Cause you are basically saying: IF some part does not exists AND this part is not equal to "". If the first condition is met, the second can never be true. – Jules Colle May 11 '13 at 13:12

5 Answers5

1

header() and session_start() must both come before any HTML. You can set $_SESSION['username'] and $_SESSION['email'] where you process the login info.

Mooseman
  • 18,763
  • 14
  • 70
  • 93
1

As per the php doc :

To use cookie-based sessions, session_start() must be called before outputing anything to the browser.

So remove any HTML or output in your page before session_start() call.

In your case remove from your html.

Or you can use ob_start() in the very first line so that it consumes even any accidental outputs. Even a new line can not be outputted before session_start(). If you are using this method , use ob_clean() method after doing all session (header) related work.

MD. Sahib Bin Mahboob
  • 20,246
  • 2
  • 23
  • 45
1

Don't do it like this:

<div class="hello"> 

<?php  
    session_start(); 
    require_once("config.php");

Do it like this:

<?php session_start(); ?>

<div class="hello"> 

<?php  
    require_once("config.php");

session_start() must be called before any output (including whitespace and UTF-8 BOM) are sent to the browser. So the call must be made before anything in any included file gets output. This usually is no problem because a script should not care when the session is started.

Sven
  • 69,403
  • 10
  • 107
  • 109
0

You should consider creating a function called get_username_from_email() like so,

<?php

function get_username_from_email($email) {
   $username = mysql_real_escape_string($email);
   return mysql_result(mysql_query("SELECT `username` FROM `YOUR_TABLE` WHERE `email` = '$email'"), 0, 'user_id');
}

?>

In the above code YOUR_TABLE refers to your table name which consists of the essential data.

Then you can perform the following in your existing code:

<?php  
   session_start();  
   require_once("config.php");  
   if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) 
   {  
      header ("Location: login.html");  
      exit;  
   }  
   else  
   {  
      echo "Welcome". get_username_from_email($_SESSION['login']) ." </b>,  <a href=logout.php>Logout</a> <br><br>";  
   }

?>

However, I'm not quite sure about this.

akash4eva
  • 815
  • 1
  • 6
  • 11
0

Let's say you have a username and password field, not when user submits the details, and if it is OK. then, after login, you have to keep his name in the session (I'm not recommending it) but, you could do like this 

// if use is verified
$_SESSION['logged'] = $username;

Now, in your sessions file, you can show 

echo 'Welcome '.$username.' You, are logged in';