Retrieving first name and last name from mysql database

Question

How can i echo the first and last name of the specific user that logs in? Here is my code for checkLogin.php:

$FirstName = $_POST['FirstName'];
$LastName = $_POST['LastName'];

$sql="SELECT * FROM myweekprofiles WHERE LastName='$LastName' and FirstName='$FirstName'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){

session_register("FirstName"); 
session_register("LastName"); 
header("location:loginSuccess.php");
}else {
  //This page will describe that the email/password is incorrect
}

Here is the code for inc_header_User.php:

if(!isset($_SESSION['FirstName'])) {
echo "Hello";
}else{
$FirstName = $_SESSION['FirstName'];
}

I try to echo $FirstName within the header, but i get an error that says:

Undefined variable: FirstName in C:\wamp\www\MyWeek\includes\inc_header_User.php on line 55

Answer 1

Two things that could have gone wrong.

First, This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0. from the documentation. So delete these lines from checkLogin.php:

session_register("FirstName");

session_register("LastName");

And write this instead (note the added session_start() ):

session_start();
$_SESSION['FirstName'] = $FirstName;
$_SESSION['LastName'] = $LastName;

Second (might be derived from the first, might not be), the logic in inc_header_User.php could be wrong for your purposes, try changing it to:

session_start();
if(!isset($_SESSION['FirstName'])) {
$FirstName = '';
echo "Hello";
}else{
$FirstName = $_SESSION['FirstName'];
}

Other notes: Is it an error, a notice or a warning? It doesn't look fatal actually, echoing a non-set variable will not likely kill your whole app.

You are prone to MySQL injection, change the first lines to this:

$FirstName = mysql_real_escape_string($_POST['FirstName']);
$LastName = mysql_real_escape_string($_POST['LastName']);

As already suggested, try using MySQLi or PDO instead of mysql_* functions for new code.