every time click login it return me to the login screen
this is my first code to login
<form action="" method="post" name="log">
<table border="0" align="center">
<tr>
<td colspan="4"><span style="font-size:18px; color:#039; font-weight:bold;">Login</span></td>
</tr>
<tr>
<td width="113">User name</td>
<td width="120"><span id="sprytextfield1">
<input name="Uname" type="text" id="LogInUname" size="20" />
<span class="textfieldRequiredMsg"><br />
A value is required.</span></span></td>
</tr>
<tr>
<td>Password</td>
<td><span id="sprypassword1">
<input name="Pword" type="password" id="LogInPword" size="20" />
<br />
<span class="passwordRequiredMsg">A value is required.</span></span></td>
</tr>
<tr>
<td><span class="newUsers"><a href="index.php?learn_id=88">New user</a></span></td>
<td></td>
</tr>
<tr>
<td> </td>
<td align="right"><input type="submit" name="submitid" id="LogInbutton" value="Login" /></td>
</tr>
</table>
</form>
<?php
session_start();
if(isset($_POST['submitid'])) {
$Uname = $_POST['Uname'];
$Pword = $_POST['Pword'];
$Uname = stripslashes($Uname);
$Pword = stripslashes($Pword);
$Uname = mysqli_real_escape_string($db, $Uname);
$Pword = mysqli_real_escape_string($db, $Pword);
$loginUser = " select * from loginaccess where Uname= '".$Uname."' and Pword='".$Pword."'";
$loginUserResults=$db->query($loginUser) or die($db->error);
if($loginUserResults -> num_rows == 1) {
$_SESSION['log']=1;
header('Location:index.php?learn_id=12');
}else{
header('Location:index.php?learn_id=320');
}
}
?>
<?php ob_flush() ?>
and this is the other page that it should go to
<?php
session_start();
if (!(isset($_SESSION['log']) && $_SESSION['log'] != 1)) {
header ("Location:index.php?learn_id=3");
}
?>
now please some one tell me why I am every time try to login I return to the login page what is wrong there.
First: This line
should be
Second: I don’t see the
session_start();at the very top of your first page (login)Third: Do not use both
stripslashesandmysqli_real_escape_string. The latter is enough (better if you use a PDO).