I have spent several hours and for the life of me the $_SESSION will not set. If I apply a value to it directly it works. I have renamed ['username'] in the form and tried various combinations.
<?php
//data security check ip
// include 'functions/getclientip.php';
if(isset($_POST['submit'])){
// get post data from login form
$getuser = trim(htmlentities($_POST['username']));
$getpass = trim(htmlentities(md5($_POST['password'])));
if ($getuser&&$getpass){ //check to see if both entered
require('admin_connect.php'); //connect to db
//check db for user match
$query = mysql_query("SELECT * FROM users WHERE username='$getuser'");
$numrows = mysql_num_rows($query);
if($numrows !== 0){ //check for number of rows
while ($row = mysql_fetch_assoc($query)) {
$dbid = $row['id'];
$dbuser = $row['username'];
$dbpass = $row['password'];
$dbstatus = $row['status'];
$active = "active"; // set to match required status
if(($getuser === $dbuser)&&($getpass === $dbpass)&&($active === $dbstatus)){ //check for match from POST to db
//session_start();
$client=$_SESSION['myusername'];
// $client=$_SESSION['username'];
//relabel url and send to new page
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
if((substr($url, -1)=='/') OR (substr($url, -1) == '\\')) {
$url = substr ($url, 0, -1);
}
$url .='/loader.php';
// header("location: $url");
echo $client;
exit();
}//check for match from POST to db
} // mysql_fetch_assoc
}// check number of rows
} // check to see if username and password entered
} // isset submit
?>
