2

I'm trying to pass session variables using $_SESSION, so I can check if a user that is currently logged in has "admin" privileges, which is stored in my database table "login" as "login_privileges". If they have admin privileges they can access certain pages, if not they are just denied access, but not logged out. When a valid username and password is entered into the form I get a "Can't use function return value in write context" error. It must be an error with the SESSION, what is wrong?

<?php

require("dbconnectprojdev.php");
$con = mysql_connect($host, $username, $password);

$username = $_POST['username']; 
$password = $_POST['password']; 

$username = stripslashes($username); 
$password = stripslashes($password); 
$username = mysql_real_escape_string($username, $con); 
$password = mysql_real_escape_string($password, $con); 

$stmt=$dbh->prepare("SELECT * FROM login WHERE login_username = :username AND login_password = :password");
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$count = $count + 1;
}

$privilege = $row['login_privileges'];

if($count==1){  

session_start();
$_SESSION('privilege') = $privilege;
$_SESSION('username') = $username; 
$_SESSION('password') = $password; 
header("location:logincorrect.php"); 

} else { 
echo "Invalid login details"; 
echo "<b></br><a href=default.php>Back to login</a>";
} 

?>

"dbconnectprojdev.php" looks like:

<?php
$host = "*****";
$database = "*****";
$username = "*****";
$password = "*****";

$dbh = new PDO("mysql:host=$host; dbname=$database; charset=utf8", $username , $password );
?>
Improve this question
2
  • 2
    $_SESSION is a superglobal array, and not a function :) Commented Jan 22, 2015 at 14:55
  • Taking a peek at the documentation is always nice. Commented Jan 22, 2015 at 14:59

3 Answers 3

Reset to default
9

$_SESSION is an array, not a function.

Change $_SESSION('privilege') = $privilege; to $_SESSION['privilege'] = $privilege;

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

use $_SESSION['privilege'] instead of $_SESSION('privilege') (note square brackets)

Improve this answer

Comments

0

Hello talfred!!

$_SESSION is an array, not a function!!

Therefore you need to change $_SESSION('privilege') = $privilege; to $_SESSION['privilege'] = $privilege;

Hope this helps!
-Jack

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.