Still not working ... Here is some output that shows the session is being registered and the ID is the same between pages ... but the var $user gets lost.
LOGIN PAGE ----------- userid h: session_name(): PHPSESSID Session ID: f227e539d7b9b8db2c2a2b63dc79c6e2 Session name: PHPSESSID after succesful LOGIN ------------ userid h: jc session_name(): PHPSESSID Session ID: f227e539d7b9b8db2c2a2b63dc79c6e2 Session name: PHPSESSID You are logged in as: jc click on HREF linking to same page: ------------ userid h: jc session_name(): PHPSESSID Session ID: f227e539d7b9b8db2c2a2b63dc79c6e2 Session name: PHPSESSID You are logged in as: jc click on FORM SUBMIT with action loading another page ------------ userid h: session_name(): PHPSESSID Session ID: f227e539d7b9b8db2c2a2b63dc79c6e2 Session name: PHPSESSID You are logged in as: CONCLUSION ------------ So as you can see the session ID is registered and the same throughout the two pages. BUT the var $userid loses it value ... Any suggestions? Here is some of my code in case it helps. Sorry for the length. AUTH.php ------------ (all functions are include files) if (isset($PHPSESSID)) session_start($PHPSESSID); else session_start(); $PHPSESSID = session_id(); $SID = "PHPSESSID=$PHPSESSID"; html_header(); if(!isset($userid)) { login_form(); exit; } else { session_register('userid', 'userpassword'); $username = auth_user($userid, $userpassword); if(!$username) { session_unregister("userid"); session_unregister("userpassword"); echo "Authorization failed. " . "Click on the following link to try again.<BR>\n"; echo "<A HREF=\"$PHP_SELF\">Login</A><BR>"; echo "If you're not a member yet " . "ask JC to add you to the user database.<BR>\n"; exit; } else { menubar(); switch ($option) { case("create"): create_project(); break; case("show_all"): show_all_projects(); break; case("show_mine"): show_projects($userid); break; case("edit"): edit_project($projectid); break; default: break; } } } function auth_user($userid, $userpassword) { global $default_dbname, $user_tablename; $link_id = db_connect($default_dbname); $query = "SELECT username FROM $user_tablename WHERE userid = '$userid' AND userpassword = password('$userpassword')"; $result = mysql_query($query); if(!mysql_num_rows($result)) return 0; else { $query_data = mysql_fetch_row($result); return $query_data[0]; } } function login_form() { global $PHP_SELF, $option, $userid; ?> <HTML> <HEAD> <TITLE>Login</TITLE> </HEAD> <BODY> <FORM METHOD="POST" ACTION="<?php echo $PHP_SELF ?>"> <DIV ALIGN="CENTER"><CENTER> <H3>Please log in to access the page you requested.</H3> <TABLE BORDER="1" WIDTH="200" CELLPADDING="2"> <TR> <TH WIDTH="18%" ALIGN="RIGHT" NOWRAP>ID</TH> <TD WIDTH="82%" NOWRAP> <INPUT TYPE="TEXT" NAME="userid" SIZE="8"> </TD> </TR> <TR> <TH WIDTH="18%" ALIGN="RIGHT" NOWRAP>Password</TH> <TD WIDTH="82%" NOWRAP> <INPUT TYPE="PASSWORD" NAME="userpassword" SIZE="8"> </TD> </TR> <TR> <TD WIDTH="100%" COLSPAN="2" ALIGN="CENTER" NOWRAP> <INPUT TYPE="SUBMIT" VALUE="LOGIN" NAME="Submit"> </TD> </TR> </TABLE> </CENTER></DIV> </FORM> </BODY> </HTML> <? } ---------------- clicking on a project link (HREF) brings up auth.php but with this: ---------------- function edit_project($projectid) { $link_id = db_connect(); $query = "SELECT * from main_project WHERE projectid='$projectid'"; $result = mysql_query($query, $link_id); while($data = mysql_fetch_object($result)) { $title = $data->title; $desc = $data->description; $est = $data->est; $act = $data->act; $man = $data->manager; $comp = $data->completion; $type = $data->type; } ?> <CENTER> <FORM METHOD="POST" ACTION="create_sub_project.php"> <INPUT TYPE="HIDDEN" NAME="projectid" VALUE="<?php echo $projectid ?>"> <INPUT TYPE="SUBMIT" VALUE="Create a Sub-Project"> </CENTER> <CENTER> <FORM METHOD="POST" ACTION="create_project.php"> <INPUT TYPE="HIDDEN" NAME="action" VALUE="edit_main_project"> <INPUT TYPE="HIDDEN" NAME="projectid" VALUE="<?php echo $projectid ?>"> <FORM METHOD="POST" ACTION="create_project.php"> <INPUT TYPE="HIDDEN" NAME="action" VALUE="edit_main_project"> <INPUT TYPE="HIDDEN" NAME="projectid" VALUE="<?php echo $projectid ?>"> <TABLE BORDER="1"> <CAPTION><B>Edit Project</B></CAPTION> <TR> <TD>Title</TD> <TD NOWRAP><INPUT TYPE="TEXT" VALUE="<?php echo $title ?>" NAME="title" SIZE="30"></TD> </TR> <TR> <TD>Estimated Hours</TD> <TD NOWRAP><INPUT TYPE="TEXT" VALUE="<?php echo $est ?>" NAME="est" SIZE="8"></TD> </TR> <TR> <TD>Responsible</TD> <TD><SELECT NAME="manager"> <?php $link_id = db_connect(); $query = "SELECT username from user"; $result = mysql_query($query, $link_id); $query = "SELECT username from user WHERE usernumber='$man'"; $res2 = mysql_query($query, $link_id); $data2 = mysql_fetch_object($res2); $select = $data2->username; while($data = mysql_fetch_object($result)) { if ($data->username == $select) { echo " <OPTION SELECTED>" . $data->username . "</OPTION>\n"; } else {echo " <OPTION>" . $data->username . "</OPTION>\n";} } ?> </TD> <TR> <TD>Project Type</TD> <TD><SELECT NAME="type" SELECTED="<?php echo $man ?>"> <?php $array = enum_options('type', 'main_project', $link_id); foreach($array as $var) { if ($var == $type) { echo " <OPTION SELECTED>" . $type . "</OPTION>\n"; } else {echo " <OPTION>" . $type . "</OPTION>\n";} } ?> </SELECT> </TR> <TR> <TD>Description</TD> <TD NOWRAP><TEXTAREA ROWS="10" COLS="30" NAME="desc"><?php echo $desc ?> </TEXTAREA></TD> </TR> <TR> <TH COLSPAN="2" NOWRAP> <INPUT TYPE="SUBMIT" VALUE="Submit"> <INPUT TYPE="RESET" VALUE="Reset"> </TR> </TABLE> </CENTER> </FORM> <?php show_sub_projects($projectid); html_footer(); } ----------------- Clicking on the "Create Sub-porject" button loads up a *different* page (create_sub_project.php) and that page cannot access the $userid var even though the session ID is the same. <?php include "common.php"; include "common_db.inc"; global $userid; html_header(); menubar(); ?> _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]