BetterPHP

hi im new to this forums and im not quite good at php so i have some question it would be great if someone could help me..(and yeah i hate spoonfeeding since its bad and it would not help people so if you could point me to some site or even lectures i would be more than gratefull *:)*)
i'll numerate some questions.. hehe:

1.) i've been creating a small work in my class and i made the structure like homepage>logintest(check wether admin or no)>throw to the according user level. but im having problems with my sessions...(im quite confused in sessions.. )
but here's my code :

in my homepage part

<FORM action='logintest1.php' method='POST'>

this is correct right? i think this is the only impt. part in the 1st page


in my logintest part

<?php
session_start();

ini_set('display_errors', 1 );
error_reporting(E_ALL & ~ E_NOTICE);


$username = $_POST['username'];
$password = $_POST['password'];



if ($username&&$password)
{
	$connect = mysql_connect("localhost","root","") or die("could not connect");
	mysql_select_db("3vfarmthesis") or die ("could not find db");
	
	$query = mysql_query("SELECT * FROM users WHERE username ='$username'");
	$numrows = mysql_num_rows($query);
	
	if($numrows!=0)
	{
		while($row = mysql_fetch_assoc($query))
		{
			$dbusername = $row['username'];
			$dbpassword = $row['password'];
			$activated = $row['activated'];
			$admin = $row['admin'];
			
			if ($activated == '0' )
			{
				echo "you're account is not yet active check your email";
				//exit();
			}
		}
		//to see if they match
		
		if ($username == $dbusername && md5($password) == $dbpassword )//hash 
		{			
			if($admin == '0')
			{			
				header('location:revisedglen/ClientView/viewprofile.php'); //client				
			}
			else
			{				
				header('location:revisedglen/AdminView/index.php');	 //admin
			}
		}
		else
			
			//wrong password
			header('location:HomeCent.php');
			firstE();
			

			
	}
	else
	{
		die ("that user does not exist");
	}
}
else
{
die("please enter a username and a password ");
}
?>

$username = $_POST['username']; it came from the earlier page .


then the prblem part.. i think

view profile page.

<?php
	
	$con = mysql_connect("localhost","root","");  
	mysql_select_db("3vfarmthesis", $con); 
	$username = $_POST['username'];
	$sql = mysql_query("SELECT * FROM login,clientprofile WHERE Email = '$username' ");
	
		
?>

i'm having trouble in the sql statement how can i call any information that i used in the homepage part.(for example the username in my homepage) so that i could view the profile of the client.. this is all about session right?

im very sorry if this is too long... but i would greatly appreciate any help i could get

Your form tag is right, I would write it as

<form action="logintest1.php" method="post">

though, just because it's the more standard way.

I'm not entirely sure what your question is ? but a few comments on your code,

error_reporting(E_ALL & ~ E_NOTICE);

If you hide the notice level errors you will have a much harder time debugging problems caused by mistyped variable names. Plus it has to be better to fix the problem rather than just hide it right ?

$query = mysql_query("SELECT * FROM users WHERE username ='$username'");

You should only really select the columns you need form the table, it makes the code neater too. This should also be done by a function if possible.

while($row = mysql_fetch_assoc($query))

The usernames have to be unique, so you are only fetching one row. This means that there is no need for a loop here.

die ("that user does not exist");

die("please enter a username and a password ");

You should not really be using die() to send messages like this, it cuts off the bottom of your page, often breaking the layout.

What are you actually asking about :s ?

i was trying to ask how do i call a variable from logintest1.php?

it seems that i could do something like


since its like homepage>logintest1.php> client/or admin

they say it all about session (i've been studying ur vids at youtube for reference) but still im quite confused on how the "session thing" works.. all i know is that it stores data. and stuffs but im pretty much dazed on how to use it properly i think..

You can think of the session as a variable that is saved across different pages.

so if you had

page_one.php

session_start();

$_SESSION['something'] = 42;

and

page_two.php

session_start();

echo $_SESSION['something'];

If you browse to page_one it will set the session variable, then if you browser to page_two (even in another tab) the data you stored in the session will still be available.