Session state help

dekon · December 14, 2012, 2:06pm

i am having trouble with getting my login page to work could someone help me figure out where i am going wrong with this code please since it don’t redirect to the other page once logged in and don’t store the session thanks.

<?php
session_start();
include('mysql.php');
mysql_connect("$host", "$user", "$passwd");
mysql_select_db("mdb_sn027");
if(isset($_SESSION['username']))
{
    die("You are already logged in!");
} // That bit of code checks if you are logged in or not, and if you are, you can't log in again!
if(isset($_POST['submit']))
{
$myusername=$_POST['usename'];
$mypassword=$_POST['pass'];

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM user WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);

//If result matched $myusername and $mypassword,table is 1 row
if($count==1){

$_SESSION['myusername'] = $myusername;
header("location: .........");
}
else {
    if (isset($_SESSION['myusername'])) {
        unset($_SESSION['myusername']);
    }
    echo "Wrong Username or Password";
}
}
?>

QMonkey · December 14, 2012, 6:24pm

One tip is you might need session_write_close() just before the header() redirect.

$_POST[‘usename’]
is that supposed to be username ?

You’ve said what it didn’t do but what is it actually doing?

dekon · December 15, 2012, 4:54pm

the textbox i named usename
when you type in the password and username it redirects to a new page but there is also a webpage where you have to be logged on to view it. when you click to access after password and username have been accepted it still redirects you to the login page.

ramasaig · December 15, 2012, 5:37pm

I assume your database access is not having any problems ?
Is it possible the ‘die’ statement is preventing the header() redirect ?

As a separate matter, you should consider using ‘mysqli’ as ‘mysql’ functions are deprecated now.

SpacePhoenix · December 15, 2012, 7:28pm

Is the “Home” script index.php if so move the session_start() to the start of the index.php

StarLion · December 17, 2012, 2:17pm

Right;

1: Consider updating the script to use mysqli or PDO.
2: Location has a capital L.
3: the if inside your outer Else clause will never evaluate to true.
4: You’re not detecting the session because of the following:

if(isset($_SESSION['[COLOR="#FF0000"]username[/COLOR]'])) 
...
$_SESSION['[COLOR="#FF0000"]myusername[/COLOR]'] = $myusername;

~One of these things is not like the other…~ (come on, everybody sing with me!)