Why are my session variables not working?

[Nodral]

Hi

 

I have the following script (unfinished so please no nagging about security breaches!!)  and I want a simple $_SESSION variable to be set and passed abck through if the form is not completed or it is the first time through.  However I am getting no output from $_SESSION['output'].

 

Can anyone spot where I've gone wrong?

 

<?
session_start();
include_once('connect.php');
include_once('functions.php');

$host  = $_SERVER['HTTP_HOST'];
$uri   = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');

if(strlen($_POST['ED'])>1){
$ED=$_POST['ED'];
}

if(strlen($_POST['password'])>1){
$password=$_POST['password'];
}

if(strlen($_POST['firstname'])>1){
$firstname=$_POST['firstname'];
}

if(strlen($_POST['lastname'])>1){
$lastname=$_POST['lastname'];
}

if(strlen($_POST['email'])>1){
$email=$_POST['email'];
}

if(strlen($_POST['dept'])>1){
$dept=$_POST['dept'];
}

if(strlen($_POST['workplace'])>1){
$workplace=$_POST['workplace'];
}

if(strlen($_POST['home'])>1){
$home=$_POST['home'];
}

if(strlen($_POST['role'])>1){
$role=$_POST['role'];
}

//create user table and write 1st admin into user table
if(isset($_POST['change'])){
if(isset($ED, $password, $firstname, $lastname, $email, $dept, $workplace, $home, $role)){
	//create table
	$sql="CREATE TABLE pfp_user (id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, ed VARCHAR(255) NOT NULL, firstname VARCHAR(255) NOT NULL, lastname VARCHAR(255) NOT NULL, dept VARCHAR(255)NOT NULL, workplace VARCHAR(255)NOT NULL, home VARCHAR(255)NOT NULL, password VARCHAR(255) NOT NULL, email VARCHAR(255)NOT NULL, role VARCHAR(255) NOT NULL) DEFAULT CHARACTER SET utf8";
	mysql_query($sql) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $sql . "<br />\nError: (" . mysql_errno() . ") " . mysql_error());

	//insert data
	//hash password
	$password=md5($password);
	$sql="INSERT INTO pfp_user (ED, firstname, lastname, dept, workplace, home, password, email, role) VALUES ('$ED', '$firstname', '$lastname', '$dept', '$workplace', '$home', '$password', '$email', '$role')";
		mysql_query($sql) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $sql . "<br />\nError: (" . mysql_errno() . ") " . mysql_error());
		$_SESSION['output']="User Successfully Registered.  Please log in.";
		$extra = 'index.php';
		header("Location: http://$host$uri/$extra");


}else{$_SESSION['output']='<div class="pagetext">You have missed some information<br>Please try again</div>';}
}

else{
$_SESSION['output']='<div class="pagetext">As you are the first on this site, would you will be set up as an admin user<br>Please complete your details below</div>';
}




//Create form to register the first admin user -->
include_once('header.php');
echo $_SESSION['output'];
?>

<!-- Create form to register the first admin user -->


<div class="logintable"><table>
<form method="POST" action="">
<tr><td>Payroll Number - </td><td><input type="text" name="ED" value="<?php echo $ED; ?>"></td></tr>
<tr><td>Password - </td><td><input type="password" name="password" ></td></tr>
<tr><td>Firstname - </td><td><input type="text" name="firstname" value="<?php echo $firstname; ?>"></td></tr>
<tr><td>Surname - </td><td><input type="text" name="lastname" value="<?php echo $lastname; ?>"></td></tr>
<tr><td>Email - </td><td><input type="text" name="email" value="<?php echo $email; ?>"></td></tr>
<tr><td>Department - </td><td><input type="text" name="dept" value="<?php echo $dept; ?>"></td></tr>
<tr><td>Permanent Workplace - </td><td><input type="text" name="workplace" value="<?php echo $workplace; ?>"></td></tr>
<tr><td>Home Town - </td><td><input type="text" name="home" value="<?php echo $home; ?>"></td></tr>
<tr><td>Role - </td><td><input type="hidden" name="role" value="admin">Admin</td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="change" value="Submit"></td></tr>
</form></table></div>