php/mysql variable

Question

I am trying to use the the content of 2 variables in 2 php pages, but I can't get it to work.

$connect = mysql_connect('localhost', 'username', 'password');

if(!$connect)

{
    die('Could not connect to the database: ' . mysql_error());
}

mysql_select_db("database", $connect);


$id   = $lastid; // in the page I created this variable i have: $lastid = mysql_insert_id()

$code = $random; // in the page I created this variable i have: $random = rand(123456789,98765432); 

if($id&&$code)
{
    $check= mysql_query('SELECT * FROM members WHERE id= "$id" AND random = "$code"');
    $checknum = mysql_num_rows('$check');

    if($checknum == '1') // run query to activate the account
    {
        $acti= mysql_query('UPDATE members SET activation = "1" WHERE id= "$id"');

        die('Your account has been activated. You may now log in!');

    }else{

        die('Invalid id or activation code.');
    }

}else{

    die('Could not either find $id or $code!'); 
}

?>

I would be fine if I could use mysql_insert_id() on my new page, but mysql_insert_id() does not work if I don't alter the database.

Answer 1

If you have two separate pages (lets say page1.php) contains [as an example]:

<?php
$lastid = mysql_insert_id();
$random = rand(123456789,98765432); //you should really use mt_rand() with a proper number 
?>

You want to pass the values to page2.php but the values will be lost when going to page2.php You would need to store them in a session like so:

<?php
session_start();
$_SESSION['lastid'] = mysql_insert_id();
$_SESSION['random'] = rand(123456789,98765432); 
?>

Then you can access them like so within page2.php

<?php
session_start();
$connect = mysql_connect('localhost', 'username', 'password')or die('Could not connect to the database: '.mysql_error());
mysql_select_db("database", $connect);

$id   = $_SESSION['lastid'];
$code = $_SESSION['random'];

if(isset($id)&&isset($code)){
    $check= mysql_query('
    SELECT * 
    FROM members 
    WHERE id="'.mysql_real_escape_string($id).'" AND random="'.mysql_real_escape_string($code).'"');


    if(mysql_num_rows($check) == '1') // run query to activate the account
    {
       mysql_query('UPDATE members SET activation = "1" WHERE id= "'.mysql_real_escape_string($id).'"');
       //Really you should use the header to redirect to the login page, or set user as logged in
        die('Your account has been activated. You may now log in!');
    }else{
        //Really you should use the header to redirect to a warning
        die('Invalid id or activation code.');
    }

}else{
   //Really you should not tell the user about codes or ids and just redirect them to home
    die('Could not either find $id or $code!'); 
}

?>

Also note the syntax changes.

Answer 2

You need to use $_SESSION storage to make them persist across two pages. Read the PHP manual on session storage.

// The first page...
session_start();
// Store variables in `$_SESSION`
$_SESSION['id']   = mysql_insert_id();
$_SESSION['code'] = rand(123456789,98765432); 


// The next page:
session_start();
// Retrieve $id and $code from $_SESSION
$id   = $_SESSION['id'];
$code = $_SESSION['code'];

// etc... the rest of your code...
if($id&&$code)
{
    $check= mysql_query('SELECT * FROM members WHERE id= "$id" AND random = "$code"');
    $checknum = mysql_num_rows('$check');

    if($checknum == '1') // run query to activate the account
    {
        $acti= mysql_query('UPDATE members SET activation = "1" WHERE id= "$id"');
        die('Your account has been activated. You may now log in!');
    }else{
        die('Invalid id or activation code.');
    }
}else{
    die('Could not either find $id or $code!'); 
}

In short, call session_start() at the top of any script on which you need to access session variables. Then store values into the $_SESSION superglobal array or access previously stored values.