[SOLVED] Problems with login Script - please help

[mazman13]

I found this script online...it's simple and it will do what i need for now.

But I do have a problem with it.

<?php
    session_start();

    $errorMessage = '';

    if (isset($_POST['txtUserId']))
    {
        $userID = htmlentities($_POST['txtUserId']);
        $userPass = htmlentities($_POST['txtPassword']);

        //replace the following with your MySQL values
        //*********************
        $dbhost = "---";
        $dbuser = "---";
        $dbpass = "";
        $dbname = "fleet_portal";

        //*********************

        $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql');
        mysql_select_db($dbname);

        // check if the user id and password combination exist in database
        $query = "SELECT * FROM company WHERE `username` = '$userID' AND `password` = '$userPass' AND `enabled`=1";


        $result =mysql_query($query) or die('Query failed. ' . mysql_error());

       if (mysql_num_rows($result) == 1)
       {
          // the user id and password match,
          // set the session
            $_SESSION['test_logged_in'] = true;
            $_SESSION['user']=$userID;

         // after login we move to the main page
		 include"main_login.php";
         exit;
       }
       else $errorMessage = 'Sorry, wrong user id / password';
    }

    if ($errorMessage != '') {
    ?>
            <p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
            <?php
    }
?>

<form id="frmLogin" name="frmLogin" method="post">
    <table width="400" cellspacing="2" cellpadding="2" border="0" align="center">
        <tbody>
            <tr>
                <td width>User Id</td>
                <td><input type="text" id="txtUserId" name="txtUserId" /></td>
            </tr>
            <tr>
                <td width>Password</td>
                <td><input type="password" id="txtPassword" name="txtPassword" /></td>
            </tr>
            <tr>
                <td width> </td>
                <td><input type="submit" value="Login" name="btnLogin" /></td>
            </tr>
        </tbody>
    </table>
</form>

 

As you can see, Ive included the main page they see after they log in...

Well on that page I have a few forms that use PHP_SELF...everytime it goes back to main.php?whatever it pops a login again. What can be done to continue the session?

 

         // after login we move to the main page
		 include"main_login.php";
         exit;
  

[satishgadhave]

Hi mazman13,

 

instead of including 'main_login.php' on successful authentication, redirect to it.

i.e. header('location: main_login.php');