I started to expirement with sessions....I need some help

[karatekid36]

The following code is my login page.  I can not get the page to redirect to the proper page once I submit the email and password.  It worked before I added all the sessions coding, meaning that when I typed in the correct password and email, it redirected to the proper page.  Now it will not do this.  Is there any reason why?

 

<?php

// Check if the form has been submitted.
if (isset($_POST['submitted'])) {

require_once ('mysql_connect.php'); // Connect to the db.

$errors = array(); // Initialize error array.

// Check for an email address.
if (empty($_POST['email'])) {
	$errors[] = 'You forgot to enter your email address.';
} else {
	$e = escape_data($_POST['email']);
}

// Check for a password.
if (empty($_POST['password'])) {
	$errors[] = 'You forgot to enter your password.';
} else {
	$p = escape_data($_POST['password']);
}

if (empty($errors)) { // If everything's OK.

	/* Retrieve the user_id and first_name for 
	that email/password combination. */
	$query = "SELECT user_id, first_name FROM brothers WHERE email='$e' AND password=SHA('$p')";		
	$result = @mysql_query ($query); // Run the query.
	$row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if applicable.

	if ($row) { // A record was pulled from the database.

		// Set the session data & redirect.
		session_name('YourVisitID');
		session_start();
		$_SESSION['user_id'] = $row[0];
		$_SESSION['first_name'] = $row[1];
		$_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);

		// Redirect the user to the loggedin.php page.
		// Start defining the URL.
		$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
		// Check for a trailing slash.
		if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
			$url = substr ($url, 0, -1); // Chop off the slash.
		}
		// Add the page.
		$url .= '/after_logged_in_index.php';

		header("Location: $url");
		exit(); // Quit the script.

	} else { // No record matched the query.
		$errors[] = 'The email address and password entered do not match those on file.'; // Public message.
		$errors[] = mysql_error() . '<br /><br />Query: ' . $query; // Debugging message.
	}

} // End of if (empty($errors)) IF.

mysql_close(); // Close the database connection.

} else { // Form has not been submitted.

$errors = NULL;

} // End of the main Submit conditional.

// Begin the page now.
$page_title = 'Login';
include ('includes/header_login.html');

if (!empty($errors)) { // Print any error messages.
echo '<h1 id="mainhead">Error!</h1>
<p class="error">The following error(s) occurred:<br />';
foreach ($errors as $msg) { // Print each error.
	echo " - $msg<br />\n";
}
echo '</p><p>Please try again.</p>';
}

// Create the form.
?>
<h1 id="mainhead">Psi Beta Chapter Managment System </h1>
<h2>Login</h2>
<form action="index.php" method="post">
<p>Email Address: <input type="text" name="email" size="20" maxlength="40" /> </p>
<p>Password: <input type="password" name="password" size="20" maxlength="20" /></p>
<p><input type="submit" name="submit" value="Login" /></p>
<input type="hidden" name="submitted" value="TRUE" />
</form>
<?php
include ('includes/footer.html');
?>