I'm beginner on PHP. I coded a basic number guess script. Now I want to implement user register and login features. I'm following this tutorial.
I have base.php
make database connection:
<?php
session_start();
$dbhost = "localhost"; // this will ususally be 'localhost', but can sometimes differ
$dbname = "users"; // the name of the database that you are going to use for this project
$dbuser = "xxx"; // the username that you created, or were given, to access your database
$dbpass = "xxx"; // the password that you created, or were given, to access your database
mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());
mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());
?>
I call this file in login.php
user can login in here or go to register form. After he logged in, play game button appers.
<?php include "base.php"; ?>
<?php
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']))
{
?>
<h1>Member Area</h1>
<p>Thanks for logging in! You are <code><?=$_SESSION['Username']?></code> and your email address is <code><?=$_SESSION['EmailAddress']?></code>.</p>
<form name = "mysecondform" action = "level1.php" method = "POST">
<input type="hidden" name="seconddata" value="1">
<br> <input type= "submit" value = "Start calculator game"><br>
<p> Click <a href="logout.php">here</a> to logout</p>
<?php
}
elseif(!empty($_POST['username']) && !empty($_POST['password']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = md5(mysql_real_escape_string($_POST['password']));
$checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'");
if(mysql_num_rows($checklogin) == 1)
{
$row = mysql_fetch_array($checklogin);
$email = $row['EmailAddress'];
$_SESSION['Username'] = $username;
$_SESSION['EmailAddress'] = $email;
$_SESSION['LoggedIn'] = 1;
echo "<h1>Success</h1>";
echo "<form name = \"mysecondform\" action = \"level1.php\" method = \"POST\">";
echo " <input type=\"hidden\" name=\"seconddata\" value=\"1\">";
echo "<br> <input type= \"submit\" value = \"Start calculator game\">";
}
else
{
echo "<h1>Error</h1>";
echo "<p>Sorry, your account could not be found. Please <a href=\"login.php\">click here to try again</a>.</p>";
}
}
else
{
//some codes about registration
}
?>
</div>
</body>
</html>
So, level1.php
checks if the value is correct (well I should do this with user login session but i can't do it yet)
<?php
if ($_POST["seconddata"] == "1"){
echo "<html><head><title>Calculator Game From 1998</title></head><body>";
echo "<h1>Please Guess The Answer-Level1</h1>";
echo "<form name = \"myfirstform\" action = \"formprocess.php\" method = \"POST\">";
echo "Enter Integer Between 1-3<br>";
echo "<input type = \"text\" name = \"firstdata\">";
echo "<br> <input type= \"submit\" value = \"submit\">";
echo "</form>";
echo "</body></html>";
}
else
echo "Please <a href='login.php'>login</a>"
?>
It sends user input to formprocess.php
file in order to check if the answer is correct. If it's correct, player can go to second level.
<?php include "base.php"; ?>
<?php
/*
session_start();
if (!isset($_SESSION['wins']) || !isset($_SESSION['losses'])) {
$_SESSION['wins'] = 0;
$_SESSION['losses'] = 0;
}
*/
$random = rand(1, 3);
echo "<html><head><title>Answer-Level1</title></head><body>";
if ($_POST["firstdata"] == $random){
$_SESSION['wins']++;
mysql_query("UPDATE users SET win= win + 1 WHERE Username = '".$username."'");
echo "<h1><font color=\"green\">Congrulations!</h1></font><br>";
echo "<img src='http://icons.iconarchive.com/icons/custom-icon-design/flatastic-2/512/success-icon.png' width='100' height='100'></img>";
echo "<h2>Answer was: </h2>";
echo $random;
echo "<br>";
//echo "<p>You've won {$_SESSION['wins']} games and lost {$_SESSION['losses']}.</p>";
echo "<br>";
echo "<form name = \"mysecondform\" action = \"level2.php\" method = \"POST\">";
echo " <input type=\"hidden\" name=\"seconddata\" value=\"1\">";
echo "<br> <input type= \"submit\" value = \"Go to Level2\">";
$win++;
}
else{
$_SESSION['losses']++;
mysql_query("UPDATE users SET lost= lost + 1 WHERE Username = '".$username."'");
echo "<h1><font color=\"red\">Nope wrong answer</h1></font><br>";
echo "<img src='http://www.clker.com/cliparts/D/Y/s/v/C/m/wrong-hi.png' width='100' height='100'></img>";
echo "<h2>Answer was: </h2>";
echo $random;
echo "<br>";
//echo "<p>You've won {$_SESSION['wins']} games and lost {$_SESSION['losses']}.</p>";
echo "<br>";
echo "<a href=\"level1.php\">try again</a>";
}
echo "</body></html>";
?>
(I commented out session codes. It's old version, I have to keep win,lost track on database) Well the problem is
mysql_query("UPDATE users SET win= win + 1 WHERE Username = '".$username."'");
this query doesn't change the value. I changed .$username.
with specific username it works. So how can I keep login session on this page (on every pages)
Sorry for long post.