0

I'm not sure what I am doing wrong. I've created login systems before, but this in this case neither the Session variables are being passed nor is the page being redirected. The code is not returning any errors either. 

if(isset($_POST['login'])){

$get_pass = $_POST['password'];
$get_pass_md5 = md5(md5("kJKLAD&%12!!".$get_pass."DAFKdkdf^9131*@^"));
$get_email = $_POST['email'];

require('connect.php');

$confirm_email_query = $con->query("SELECT * FROM users WHERE email = '$get_email'");

if($confirm_email_query->rowCount() == 1){

    $db_user_info = $confirm_email_query->fetch(PDO::FETCH_OBJ);
    $db_password = $db_user_info->password;

    if($db_password === $get_pass_md5){


        $fname = $db_user_info->fname;
        $lname = $db_user_info->lname;
        $team_id = $db_user_info->team_id;
        $user_id = $db_user_info->user_id;
        $privilege = $db_user_info->privilege;

        session_start();
        session_id(md5(md5($team_id.$fname.$lname)));
        $_SESSION['team_id'] = $team_id;
        $_SESSION['fname'] = $fname;
        $_SESSION['lname'] = $lname; 
        $_SESSION['user_id'] = $user_id;
        $_SESSION['privilege'] = $privilege;

        header( 'Location: index.php' ) ;

    }
    else{
        echo "Fatal Error: You have entered an incorrect password.";
    }


}
else{
    echo "Fatal Error: No such user exists.";
}
}
SyedKamran
  • 21
  • 7
  • Is `$_POST['login']` set? – Shahar Mar 10 '14 at 19:45
  • Turn up error_reporting and `display_errors` _always_ when developing code. If you have any output before, session/header/cookie calls will fail. `error_reporting(E_ALL); ini_set('display_errors', 1);` – Michael Berkowski Mar 10 '14 at 19:45
  • After enabling error reporting, I suspect you'll see errors about "headers already sent", at which point you should [read this](http://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php/8028987#8028987) – Michael Berkowski Mar 10 '14 at 19:46

1 Answers1

0

SET THE session_start() at 1st line the code or including include() must be the 1st line verify your encoding if is utf-8 ansii or other if don't have any include files within diferent encoding

user3173819
  • 62
  • 7
  • 2
    It does not need to be the first line, it needs to occur before any other output. – Michael Berkowski Mar 10 '14 at 19:45
  • some versions doesn't works if isn't the 1st line i've this problem – user3173819 Mar 10 '14 at 19:47
  • It is not version specific. It is entirely output specific. You are correct that it may not work if it isn't the first line, but that has nothing to do with the line position, and everything to do with whether or not the output buffer has flushed down to the client browser, thereby sending the opening HTML headers ahead of the cookie session_start() sends. – Michael Berkowski Mar 10 '14 at 19:50