Click here to Skip to main content
15,920,896 members
Please Sign up or sign in to vote.
1.00/5 (2 votes)
See more:
I am trying to pass SESSION Variable between pages as below

my Login.php

<?php
session_start();
$_SESSION['mobi'] = $mobi;

$servername = "localhost";
$database = "my database";
$username = "my user";
$password = "my pwd";

// Create connection

$conn = mysqli_connect($servername, $username, $password, $database);
  
    
    $sql = mysqli_query($conn,
    "SELECT * FROM myuser WHERE mobi='"
    . $_POST["mobi"] . "' AND
    pwd='" . $_POST["pwd"] . "'    ");

    $mobi=$_POST['mobi'];   

   
    $num = mysqli_num_rows($sql);
   
    if($num > 0) {
    header("Location:https://brandstuckers.com/index.php");


    exit();
    
       }
    else
    echo "Invalid Credential";
    
    
    

?>


and trying to call SESSION Variable to my main page index.php as under

<?php

session_start();
echo $_SESSION['mobi'];


?>


but in index.php does not showing SESSION Variable.

Please Suggest any solution

What I have tried:

Trying from two days from Google but no luck
Posted
Updated 6-Feb-23 22:31pm
Comments
Richard Deeming 7-Feb-23 4:22am    
Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation/interpolation to build a SQL query. ALWAYS use a parameterized query.
PHP: SQL Injection - Manual[^]
Richard Deeming 7-Feb-23 4:23am    
You are also storing your users' passwords in plain text. Don't do that!
Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

PHP even has built-in functions to help you do the right thing:
PHP: password_hash[^]
PHP: password_verify[^]

session_start returns a boolean value to indicate if the session was started correctly or not: PHP: session_start - Manual[^] - I'd start by checking that return value each time and making sure it returns true

If it doesn't, then you need to look to your hosting service.
 
Share this answer
 
In addition to the other comments on here, what's this $mobi variable you're trying to assign to the session?
// At the start of the file
$_SESSION['mobi'] = $mobi;

// Further down in the file
$mobi=$_POST['mobi'];

The variable isn't actually set until later in the file, it seems to me like you're trying to do some sort of user login process and set the session variable once the login has been successful. If this is the case, you need to move that assignment down into the if block:
if($num > 0) {
  $_SESSION['mobi'] = $mobi;
  header("Location:https://brandstuckers.com/index.php");
  exit();
}

Variables must be assigned values before you can reference them. In the change I've suggested the $mobi variable is updated with the value of $_POST['mobi'] before we try and assign it to the session.
 
Share this answer
 
Comments
MAHESH WAGHELA 7-Feb-23 5:14am    
You are 100% right and your answer is accepted

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900