Jump to content

PHP Login Logs in but only correct on a refresh


exceedinglife
 Share

Recommended Posts

Hello all,

I have a php login project that I am almost finished with. I have users in a table and I can login with the users BUT when I click the login button I get

	Notice: session_start(): A session had already been started - ignoring in E:\xampp\htdocs\PHP_Login\index.php on line 53

Warning: Cannot modify header information - headers already sent by (output started at E:\xampp\htdocs\PHP_Login\index.php:53) in E:\xampp\htdocs\PHP_Login\index.php on line 60
	

When I click the refresh button I get what I am supposed to get and I am logged in to the dashboard.

 

<?php
error_reporting(E_ALL);
ini_set("display_errors", "1");
  // Initialize SESSION
    session_start();
  // Check if logged in ifso sent to Welcome.php
    if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
        header("Location: php/welcome.php");
        exit;
    }
  // Include config mySQL
    require_once "php/config.php";
  // Define all variables and initialize them as 'empty'
    $username = $password = "";
    $usernameerror = $passworderror = "";

  // Process form data when submitted
  if($_SERVER["REQUEST_METHOD"] == "POST") {
      // Check if username is empty.
      if(empty(trim($_POST["username"]))) {
          $usernameerror = "Please enter a username";
      } else {
          $username = trim($_POST["username"]);
      }
      // Check if password is empty.
      if(empty(trim($_POST["password"]))) {
          $passworderror = "Please enter a password";
      } else {
          $password = trim($_POST["password"]);
      }
      // Validate credentials.
      if(empty($usernameerror) && empty($passworderror)) {
          // Prepare a SELECT statement.
          $sql = "SELECT userid, name, username, password FROM users WHERE " .
                 "username = :username";
          if($stmt = $pdoConn->prepare($sql)) {
              // bind variables to the prepared statement as parameters
              $stmt->bindParam(":username", $param_username, PDO::PARAM_STR);
              // Set parameters
              $param_username = trim($_POST["username"]);
              // Attempt to execute prepared statement.
              if($stmt->execute()) {
                  // Check if username exists if so check password.
                  if($stmt->rowCount() == 1) {
                      if($row = $stmt->fetch()) {
                          $id = $row["userid"];
                          $username = $row["username"];
                          $password_hashed = $row["password"];
                          $name = $row["name"];
                          if(password_verify($password, $password_hashed)) {
                              // Password correct start new session

                                  session_start();
                                  // store data in SESSION variables
                                  $_SESSION["loggedin"] = true;
                                  $_SESSION["id"] = $id;
                                  $_SESSION["username"] = $username;
                                  $_SESSION["name"] = $name;
                                  //Redirect to welcome.php
                                  header("Location: php/welcome.php");

                          } else {
                              // If password INCORRECT error msg
                              $passworderror = "Password was <b>Incorrect!</b>";
                          }
                      }
                  } else {
                      $usernameerror = "No account was found.";
                  }
              } else {
                  echo "Error something went wrong, incorrect execution ";
              }
          }
          // Close prepared stmt
          unset($stmt);
      }
      // Close connection
      unset($pdoConn);
  }

?>

 

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.