session not being stored unless I destroy non existence session?

Question

session is not being stored unless I destroy non existence one. I am trying to create login form, every time I login it doesnt work unless I go to logout.php which has session_destroy(); then when I login in again it works perfectly.

code:

    <?php
    @session_start();
    require_once ( 'include/config.php' );
    class users{
    public function login() {
    session_start();
    if(!isset($_SESSION['id'])) {
    $login_submit=$_POST ['submit'];
    if (isset($login_submit)) {

    $login_username=$_POST ['username'];
    $login_password=$_POST ['password'];
    $login_username = stripslashes($login_username);
    login_password = stripslashes($login_password);
    $login_username = mysql_real_escape_string($login_username);
    $login_password = mysql_real_escape_string($login_password);
    $site_info=mysql_query("SELECT * FROM site_settings");
    $site_settings=mysql_fetch_object($site_info);
    $site_url=$site_settings->site_url;

    $login=mysql_query("SELECT * FROM users where username='$login_username' AND     password='$login_password' ");
    $rows=mysql_num_rows($login);

    $admin_login=mysql_query("SELECT * FROM admin where admin_u='$login_username' AND  admin_p='$login_password' ");
    $admin_login_info=mysql_fetch_object($admin_login);
    $admin_rows=mysql_num_rows($admin_login);

    if($rows == 1) {
    $linfo=mysql_fetch_object($login);
    $_SESSION ['id']=$linfo->id;
    $_SESSION ['username']=$login_username;
    echo "<meta http-equiv='refresh' content='0,overview'>";
    }

    elseif($admin_rows == 1) {

    $_SESSION ['adminid']=$admin_login_info->id;
    $_SESSION ['adminusername']=$admin_login_info->username;
    echo "<meta http-equiv='refresh' content='0,admin/services.php'>";

    }
    else {
    echo "<p id='lger'> اسم المستخدم او كلمة السر غير صحيحة </p>";
    }
     }

    }else {echo "<meta http-equiv='refresh' content='0,overview'>";}

    }
    }
    ?>

code of the page contain the login function:

    <?php
    @session_start();
    require_once ( 'include/functions.php' );
    if(!isset($_SESSION['id'])) {
    print ("
    <div id='login'>
    <p id='loginp'>تسجيل الدخول </p><br><br>
    <form action='index' method='post' id='form'>
    <input type='text' name='username' placeholder='اسم المستخدم' class='linput'>    </input><img src='images/login.png' class='limg'></img><br><br>
    <input type='password' name='password' placeholder='كلمة السر' class='linput'></input><img src='images/lock.png' class='limg'></img><br><br>
    <input type='submit' name='submit' value='دخول' class='lbutton'> </input>
    </form>
    <br>
    <hr id='hrlogin'>
    <div id='aga'><p id='new'>لاتمتلك حساب؟</p>
    <a href='signup.php' id='nhref'>أنشئ حساب جديد</a></div>
    </div>
    ");
    $users = new users();
    $users->login();
    } else {
    echo "<meta http-equiv='refresh' content='0,overview'>";

    }
    ?>

Answer 1

You can always test for your session with something like:

if(! isset($_SESSION)) session_start();

In addition to the above, if you want to account for checking to see if sessions are disabled for some reason, you can supress the error message, set a test session variable, and then verify it was set. If its not, you can code in a reaction for disabled sessions. You'll want to do all this at or near the start of your script. So as an example (works differently depending on error handling setting):

$_SESSION['valid'] = 'valid';

if('valid' !== $_SESSION['valid'])
{
   // handle disabled sessions
}

ALSO if you are using PHP 5.4+ there a cool little trick called session_status()

if (PHP_SESSION_NONE === session_status()) session_start();

Hope this helps.