3

I am doing a project in which to enter the admin page you need username and password. The session is created once username and password are corrected or redirected to some other page is anyone of them is incorrect. My code for this is:

<?php

    include_once './connection.php'; 
    file_exists("connection.php");

    $username = $_POST['username'];
    $password = $_POST['password'];


    $query=pg_query("select password from users where username like '".$username."' ");

    $mypassword=pg_fetch_object($query)->password;

    if(($password==$mypassword)and($mypassword!=null)){
        $_SESSION["username"]="username";
        $_SESSION["password"]="passwoed";
        header("location:admin_page.php");
    }

    else{  
        header("location:attempt.php");
    }


    pg_close($connection); 


?>

In admin page, my code is :

<?php
    session_start();    
    if(!isset($_SESSION["username"])){
        header("location:homepage.php");
    }
?>

<!DOCTYPE html>
<html>
<title>Project</title>
<body>
<div id="loginContainer" align='center'>
    <font color='white'>Logged In As: <?php echo $_SESSION["username"]; ?></font>       </div>
</body>

The thing is I am directly redirected to homepage without being able to be in adminpage. Is something wrong with the session registration? But if I change the php code as, I am on the adminpage:

<?php
    session_start();    
    if(isset($_SESSION["username"])){
        header("location:homepage.php");
    }
?>

And I want to display the name of the user which I have saved through $_SESSION[] supervariable. I get the error message as Notice: Undefined index: username in C:\xampp\htdocs\admin_page.php.

Thanks in Advance

I changed the code as you told me.

But whether I write 

<?php
    session_start();    
    if(!isset($_SESSION["username"])){
        header("location:homepage.php");
    }
?>

<!DOCTYPE html>
<html>
<title>Project</title>
<body>
<div id="loginContainer" align='center'>
    <font color='white'>Logged In As: <?php echo $_SESSION["username"]; ?></font>       </div>

OR 

<?php
    session_start();    
    if(!isset($_SESSION["username"])){
        header("location:homepage.php");
    }
?>

<!DOCTYPE html>
<html>
<title>Project</title>
<body>
<div id="loginContainer" align='center'>
    <font color='white'>Logged In As: <?php echo $username; ?></font>       </div>
</body>

I get the same error. "Notice: Undefined index: username in C:\xampp\htdocs\admin_page.php." and I dont know what to do next. Please Suggest!!!

Taryn
  • 242,637
  • 56
  • 362
  • 405
Biplov Bhandari
  • 390
  • 3
  • 18
  • 1
    You don't have `session_start()` present anywhere on the page that sets the sessions. – Darren Jun 26 '14 at 06:07
  • Wrap into an else{} statement the code after the if. The problem is that your header is set, but the php in your html is compiled as well, and there is no $_SESSION["username"] – Geseft Jun 26 '14 at 06:14

3 Answers3

3

above code worked when I changed my code as: 

<?php

    session_start();
    include_once './connection.php'; 
    file_exists("connection.php");

    $username = $_POST['username'];
    $password = $_POST['password'];


    $query=pg_query("select password from users where username like '".$username."' ");

    $mypassword=pg_fetch_object($query)->password;

    if(($password==$mypassword)and($mypassword!=null)){
        $_SESSION["username"]=$username;//instead of "username"
        $_SESSION["password"]=$password;
        header("location:admin_page.php");
    }

    else{  
        header("location:attempt.php");
    }


    pg_close($connection); 


    ?>

Thank You Geseft.

Biplov Bhandari
  • 390
  • 3
  • 18
0

Update your part of code below shown

if(($password==$mypassword)and($mypassword!=null)){
    $_SESSION["username"]="username";
    $_SESSION["password"]="passwoed";
    header("location:admin_page.php");
}

to

if(($password==$mypassword)and($mypassword!=null)){
    $_SESSION["username"]= $username;
    $_SESSION["password"]= $password;
    header("location:admin_page.php");
}

As you want to set $_SESSION["username"] with the Posted value as well as $_SESSION["password"] then have to use $username and $password as you are getting Posted values in those variables.

AkshayP
  • 2,141
  • 2
  • 18
  • 27
0

Fist things first: if you want to set variables to session then you have to initialize session:

<?php

    session_start();
    include_once './connection.php'; 
    file_exists("connection.php");

    $username = $_POST['username'];
    $password = $_POST['password'];


    $query=pg_query("select password from users where username like '".$username."' ");

    $mypassword=pg_fetch_object($query)->password;

    if(($password==$mypassword)and($mypassword!=null)){
        $_SESSION["username"]=$username;
        $_SESSION["password"]=$password;
        header("location:admin_page.php");
    }

    else{  
        header("location:attempt.php");
    }


    pg_close($connection); 


    ?>

After that you can edit the admin_page as well:

<?php
    session_start();    
    if(!isset($_SESSION["username"])){
        header("location:homepage.php");
    }
else {
?>

<!DOCTYPE html>
<html>
<title>Project</title>
<body>
<div id="loginContainer" align='center'>
    <font color='white'>Logged In As: <?php echo $_SESSION["username"]; ?></font>       </div>
</body>
<?php 
 } 
?>

As I stated in the comment also, the header file is set if you do not get a "username" variable, but the rest of the page is "rendered" as well. That's why I wrapped into an else statement.

Biplov Bhandari
  • 390
  • 3
  • 18
Geseft
  • 317
  • 1
  • 7