I have a simple PHP login script that directs the user to dashboard.php if the login is successful. Currently, all it is doing is refreshing the page.
<?php
if (isset($_POST["submit"])) {
// startar sesion
session_start();
// username and password
$userName = "user";
$password = "pass";
}
if (isset($_POST["userName"]) && isset($_POST["password"])) {
if ($_POST["userName"] == $userName && $_POST["password"] == $password) {
header( 'Location: dashboard.php' ) ;
}
// wrong login - message
else {echo 'foo';}
}
?>
Try this
That just fixes your original code, however i would lean to more like this…
Then you rewrite login to always assign session user and pass if the credentials have been verified authenticated
Check post, if post exists compare to vals, if user password match, write them respective to their session array nodes, the redirect to dashboard which should also have thatfunctionality i outlined above at the top of its page to check session
Also do not store the users password in the session, just the verified user name should suffice and keep your site clean from potential intruders hacking in and stealing passwords of others