I'm having a spot of trouble with a basic login script I'm making for a project. The Login works except for one thing that I can't get around:
At the top of my User.phppage I have the code:
<?php
session_start();
if(!$_SESSION['email']){
header("location:Login");
}
?>
Which works fine, but my other script for logging in I have this and
the $_SESSION just does not seem to be initializing or registering, am I doing something fundamentally wrong?
Not showing the database details, but they're before this part
// username and password sent from form
$email=$_POST['email'];
$pass=$_POST['pass'];
// To protect MySQL injection (more detail about MySQL injection)
$email = stripslashes($email);
$pass = stripslashes($pass);
$email = mysql_real_escape_string($email);
$pass = mysql_real_escape_string($pass);
$sql="SELECT * FROM $tbl_name WHERE email='$email' and pass='$pass'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
$row=mysql_fetch_array($result);
// Register $myusername, $mypassword and redirect to file "login_success.php";
$_SESSION['fname'] =$row['fname'];
$_SESSION['lname'] =$row['lname'];
$_SESSION['email'] =$_POST['email'];
$_SESSION['id'] =$_POST['id'];
$sow = $row['id'];
header("location:User.php?id=$sow");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
