0

Ok so what I'm trying to accomplish is a simple login page(adminlogin.php) that then goes to a small php file(session.php) which starts a php session and stores the posted data in session variables. Once this is finished the php file redirects to a admin menu page(adminmenu.php). on the menu page I have a check to see if any session data has been set, this stops access to admin sections without logging in. My issue is that it the session.php page doesn't seem to be assigning the post values to the session storage, because i get redirected to the login page.

Login code

<?php
require('header.php');
?>
<section class="results">
<form id="login" method="post" action="session.php">
<fieldset id="login">
<legend>Admin Login</legend>
<label for="username">Username:</label>
<input type="text" name="user" id="user" size="20"><br />
<label for="password">Password:</label>
<input type="password" name="pwd" id="pwd" size="20"><br />
<input type="submit" id="login" value="Login" />
</fieldset>
</form>
</section>
<?php require('footer.php')?>

Session code

<?php
    echo "start";
    session_start();
    $_SESSION['username'] = $_POST['user'];
    $_SESSION['password'] = $_POST['pwd'];  
    require('header.php');
    require('footer.php');
    header("Location: adminmenu.php");
?>

Menu code

  if(!isset($_SESSION['username'])) {
    header("Location: adminlogin.php");

    } else {
    ...
    }
Brendon Rother
  • 119
  • 4
  • 17

2 Answers2

4

You can't have anything output before session_start because it has to set headers. Remove your echo statement and I bet it works

Machavity
  • 30,841
  • 27
  • 92
  • 100
0

Ok so I've worked out what the issue was.

session_start() needs to be called before anything on EVERY page that uses session storage

I was under the assumption that it was only needed to initialise a session but it is actually used to call all session variables from storage so that they can be used.

Thanks for all the help

Brendon Rother
  • 119
  • 4
  • 17