Hello i have problem: in login.php file i’m storing $_SESSION[‘$myusername’];
I try to check that SESSIOn username in page.php file, if session not exists it redirects back to login.php. I try to login with valid user but i’m redirecting back to login.php
I dont know where is the problem.
login.php:
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="2"; // Database name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
if (isset($_POST['formsubmitted'])) {
$error = array();//Declare An Array to store any error message
};
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM `members` WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
//store data:
$_SESSION['$myusername'];
//next page:
header("location:page.php");
}
else {
include 'index.php';
$error[] = '<b><h5>Invalid Username or Password!</b>';
if(isset($error) && is_array($error))
{
echo "<div class='content1'>" . implode("<br />", $error) . "</div>";
};
};
?>
page.php :
<?php
ob_start();
session_start();
if(!isset($_SESSION['$myusername']))
{
header("Location: login.php")
}
?>
In Page.php you shouldn’t include the $ when checking the session variable:
should be:
In Login.php you must set the session variable:
should be:
Login.php also needs a call to session_start() at the top.