How Can I get a Session Id or username in php?

Question

I have a website where users can log in. I have tried:

and When users login I set their session as

Answer 1

Put session_start(); before the echo

Answer 2

Without showing more code we cant comment much, but are you sure you are calling session_start in each page you use your session variable too? Also ensure you are using the same capitalisation (userlogin != UserLogin).

Answer 3

Did you start the session before using it?

So to set it:

<?php
   //Fetch the username from the database
   //The $login and $password I use here are examples. You should substitute this
   //query with one that matches your needs and variables.
   //On top of that I ASSUMED you are storing your passwords MD5 encrypted. If not,
   //simply remove the md5() function from below.
   $query = "SELECT name FROM users WHERE login='" . mysql_real_escape_string($login) . "' AND password='" . md5($password)  . "'";
   $result = mysql_query($query);

   //Check if any row was returned. If so, fetch the name from that row
   if (mysql_num_rows($result) == 1) {
      $row = mysql_fetch_assoc_assoc($result);
      $name = $row['name'];

      //Start your session
      session_start();
      //Store the name in the session
      $_SESSION['userlogin'] = $name;
   }
   else {
      echo "The combination of the login and password do not match".
   }
?>

And to retrieve it on another page do:

<?php
   //Start your session
   session_start();
   //Read your session (if it is set)
   if (isset($_SESSION['userlogin']))
      echo $_SESSION['userlogin'];
?>

EDIT

Some more information about how to create a loginform.. You say you tried setting $_SESSION['user'] but that this didn't work.

So just make sure that you actually did a session_start(); before that. If you did, everything should work. Unless you assign an empty variable to the session. So doublecheck that the variable you assign actually contains a value. Like:

<?php
   session_start();
   echo "Assigning session value to: " . $user;
   $_SESSION['user'] = $user;
?>

In the tutorial you linked me to they are doing:

$_SESSION[user]=$_GET[userlogin];

This means they are assigning a value they got from their loginform that they create here:

function loginform() {
   print "please enter your login information to proceed with our site";
   print ("<table border='2'><tr><td>username</td><td><input type='text' name='userlogin' size'20'></td></tr><tr><td>password</td><td><input type='password' name='password' size'20'></td></tr></table>");
   print "<input type='submit' >";    
   print "<h3><a href='registerform.php'>register now!</a></h3>";    
} 

There you see <input type='text' name='userlogin' size'20'>. But there is no <form></form> tag around this form.. So this won't properly post. So what you should do is the following:

<form method="POST" action="index.php">
   <label for="userlogin">Username:</label> <input type="text" id="userlogin" name="userlogin" size="20" />
   <label for="password">Password:</label> <input type="password" id="password" name="password" size="20" />
   <input type="submit" value="login" />   
</form>

This form will post the form back to index.php with userlogin and password as $_POST variables.

In your index.php you can then do:

<?php
   //Get variables:
   $login = mysql_real_escape_string($_POST['userlogin']);
   $pass = mysql_real_escape_string($_POST['password']);

   //Check your table:
   $query = "SELECT userlogin FROM users WHERE userlogin = '" . $login . "' AND password='" . $pass . "'";
   $result = mysql_query($query);

   //Check if this user exists:
   if (mysql_num_rows($result) == 1) {
      echo "User exists!";

      //Store the login in the session:
      session_start();
      $_SESSION['userlogin'] = $login;
   }
   else {
      echo "Unknown user";
   }
?>

I can't make it much clearer without writing the entire code for you. So I hope this helps you.