login session not workingPosted: Thu Apr 24, 2008 5:07 pm

[danieln]

hi,

 

i have this header.php file included at the top of every of my page.

 

when i enter my username & password from the login page, it works well and directs me to the mail.php page. but when i click on o move to the next page, i was then kicked out from the logged in session as if i was not logged on.

 

here is my code:

 

<?php

include_once('connect.php');

session_start();

$uid = isset($_POST['user']) ? $_POST['user'] : $_SESSION['user'];

$pwd = isset($_POST['pass']) ? $_POST['pass'] : $_SESSION['pass'];

 

echo "display : " . $uid . " " . $pwd ;

 

if(!isset($uid)) {

?>

Please login

<?php

exit();

}

 

$_SESSION['username'] = $uid;

$_SESSION['password'] = $pwd;

 

$query = "SELECT * FROM webture_staff " .

"WHERE username = '$uid' AND password = '$pwd' ";

$result = mysql_query($query)

or die(mysql_error());

if (!$result) {

unset($_SESSION['username']);

unset($_SESSION['password']);

echo "please login 2 " ;

}

?>

 

please advice where did it went wrong?

 

[Coreye]

session_start(); should go before anything else.

 

<?php
session_start();
include_once('connect.php');
$uid = isset($_POST['user']) ? $_POST['user'] : $_SESSION['user'];
$pwd = isset($_POST['pass']) ? $_POST['pass'] : $_SESSION['pass'];

echo "display : " . $uid . " " . $pwd ;

if(!isset($uid)) {
?>
Please login
<?php
exit();
}

$_SESSION['username'] = $uid;
$_SESSION['password'] = $pwd;

$query = "SELECT * FROM webture_staff " .
"WHERE username = '$uid' AND password = '$pwd' ";
$result = mysql_query($query)
or die(mysql_error());
if (!$result) {
unset($_SESSION['username']);
unset($_SESSION['password']);
echo "please login 2 " ;
}
?>