Background: I have a standard content management system that i designed. index.php contains the login form, and splash.php contains the screen with all the detail. splash.php is the only page loaded, the other pages are just included in the body of splash.php based on the query string. splash.php performs a login validation before anything else happens. In here, it just queries the database and looks if the session variables match what is in the database.
So what happens is when i create a new user, it creates the user, and then displays the success message, but then clears the session variables that i have set that store the user id so when i click to navigate to another location, it thinks the user is no longer logged in and redirects them to the login page. I found the piece of code where the session variables are being cleared, and it makes no sense because there isnt anything in there that would clear the variables. I also noticed that the sessionID remains the same, so i know the session isnt expiring or being reset.
Here is the code where the variables are cleared:
} else { // session id is the same, but session variables are being unset
// insert into database
OpenConnection();
// search for user to see if it exists
$sql = "select * from tblUser where username = '".$user."';";
$query = mysql_query($sql);
if (mysql_num_rows($query) > 0) {
print "User already exists. Please choose a different username";
} else {
$sql = "insert into tblUser (username, password, firstName, lastName, userType, clientID, email) values ('".$user."','".$pass."','".$fName."','".$lName."','".$type."','".$clientID."','".$email."');";
$query = mysql_query($sql);
if (!$query) {
die ("Error creating user. Details: ".mysql_error());
} else {
print "<b>".$fName." ".$lName."</b> was added successfully!";
}
}
CloseConnection();
}
Any ideas? I'm clueless. The form is in the same file, and this is the only place in the file that resets the variables.