Redirect based on session variable

[digi duck]

Hi. I am trying to create a very simple admin login page that will let only me access a number of pages. I am trying the following code for the login page:

 

<?php session_start();

// Define your username and password 
$username = "username"; 
$password = "password"; 

if ($_POST['txtUsername'] == $username && $_POST['txtPassword'] == $password)
{ $_SESSION['admin']="true"; 
header("location: admin.php");
}
?>

### HTML code and form for entering in username and password with action echoing it back to itself ### 

 

On  the admin.php page i then try:

 

<?php 
if ($_SESSION['admin'] != "true") 
{ header("location: login.php");}
else { ?>


### code for the rest of the page ###

 

I am fairly new to all this and cant understand why its remaining on the login page and not sending me to admin.php when the password and username are correct. Is this the correct way to be going about it? I envisaged simply adding the above code to the top of any page only the admin could see. Any help is much appreciated.

[Pikachu2000]

Do you have the error_reporting = -1 and display_errors = On directives set in your php.ini file?

[PaulRyan]

You're missing the session start function on your admin page.

 

<?php session_start();

  if ($_SESSION['admin'] != "true") { 
    header("location: login.php");
  } else { ?>

[digi duck]

Thanks for your help. Putting the session_start(); at the top of the admin page did it. Cant believe it was so simply in the end. cheers!

[Pikachu2000]

Yes, and setting up error reporting would have given you an undefined index notice, which probably would have allowed you to figure it out on your own. Always develop with error_reporting = -1 and display_errors = On.

[PaulRyan]

Yes, and setting up error reporting would have given you an undefined index notice, which probably would have allowed you to figure it out on your own. Always develop with error_reporting = -1 and display_errors = On.

++;