Creating Sessions

[huntinjon]

I am new to php and mysql, and I still have not got the debugging part down yet.  I am trying to create a session for a secure login, and I keep getting a white screen. Can you please take a look at my code and give me some advice please?

<?php

session_start();
$rootDir = "/intramural/schedulesevents/"; //change to "" when moving from it_test to root

//-------------Check if the form has been submitted -----------------------
if (isset($_POST['submitted'])) {

// connect to the db.
require_once('mysql_connect.php');

$errors = array(); //Initialize error array.

//Check for Login name
if (empty($_POST['txtUsername'])) {
$errors[] = 'You forgot to enter your Username';
} else {
$u = escape_data($_POST['txtUsername']);
}

// Check for a password
if (empty($_POST['txtPassword'])) {
$errors[] = 'You forgot to enter your password';
} else {
$p = escape_data($_POST['txtPassword']);
}

if (empty($errors)) { // If everythings OK

// Retrieve username and password combination.
$query = "SELECT AdminID, First, Password FROM AgentLogin WHERE AdminID='$u' AND Password=SHA('$p')";
$result = @mysql_query ($query); // Run the query.
$row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if a pplicable

if ($row) { // A record was pulled from the database

//Set the session data & redirect
session_start();
$_SESSION['AdminID'] = $row['AdminID'];
$_SESSION['First'] = $row['First'];

echo "Logged in as ".$_Session["First"].".";

// Redirect the user to the admin.php page.
// Start defining the URL
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
//check for a trailing slash
if ((substr($url, -1) == '/') OR (substr($url, -1) =='\\')) {
$url = substr ($url, 0, -1); // Chop off the slash
}
// Add the page.
$url .= '/admin.php';

//header ("Location: $url");
exit(); // Quit the script

} else { // No record matched the query
$errors[] = 'The username and paswsword entered do not match those on file.';
// Public Message
$errors[] = mysql_error() . '<br /><br />Query: ' . $query; // Debugging message.
}
}// end of if(empty($errors))

mysql_close(); // Close the database connection

} else { // Form has not been submitted
$errors = NULL;
} // end of the main submit conditional



// Begin the page now.
$rootDir = "/intramural/schedulesevents/"; //change to "" when moving from it_test to root
$pageTitle = "Campus Recreation Center";
$homePage = 1;
srand((double)microtime()*1000000);
$randomTheme = rand(0,6);
$_SESSION['imgDir'] = $rootDir."/images/";
$_SESSION['styDir'] = $rootDir."/";
$_SESSION['incDir'] = "/www/htdocs/web/campusrec.okstate.edu/".$rootDir."/includes/";
include $_SESSION['incDir']."header.php";
include $_SESSION['incDir']."mainnav.php";
include $_SESSION['incDir']."titleNav.php";

if (!empty($errors)) { // Print any error messages.
echo '<h1 id ="mainhead">ERROR!</h1>
<p class="error">The following error(s) occurred:<br />';
foreach ($errors as $msg) { // Print each error.
echo " - $msg<br />\n";
}
echo '</p>Please try again.';
}

?>


<!-- Create the Form -- -->
<table cellpadding="0" cellspacing="0" border="0" align="left">
<tr>
<td valign="top" width="594">

<br>

<table border="0">
<form action="login.php" method="post">
<tr>
<td colspan=3><h2>Intramural Sports Free Agents Admin Login</h2></td>
</tr>
<tr>
<td><span class="licontent">Username: </span></td>
<td width="125"><input type=text name="txtUsername"></td>
<td width="150"></td>
</tr>
<tr>
<td><span class="licontent">Password: </span></td>
<td><input type="password" name="txtPassword"></td>
<td></td>
</tr>
<tr>
<td></td>
<td align="right"><input type="submit" name="submit" value="Login"><br>
<input type="hidden" name="submitted" value="TRUE"></td>
<td></td>
</tr>
</form>
</table>

</td>

</tr>
</table>

[kenrbnsn]

Please edit your post and put the [nobbc][code][/nobbc] tag at the beginning and [nobbc][/code][/nobbc] tag at the end.

Ken