I have two pages ie login.php page and add_product.php page. I am storing session in the login page and getting it on the add_poduct.php. The problem is that when I directly paste the url of "add_product.php" to url, it returns a notice error. And it will return a notice error bacause the index used in the SESSION will be unknown on that page. How can I fix that so that if I directly paste the link of product page, it will retun me to login.php without notice error. My login.php is as follow-
<?php
session_start();
$link = mysqli_connect("localhost", "root", "", "youtube_project");
?>
<?php
if(isset($_POST['submit1'])){
$username = mysqli_real_escape_string($link, $_POST['username']);
$pwd = mysqli_real_escape_string($link, $_POST['pwd']);
$sql = mysqli_query($link, "SELECT * FROM admin_login WHERE username='$username' && password='$pwd'");
if(mysqli_num_rows($sql) >= 1){
while($row=mysqli_fetch_array($sql)){
$_SESSION["admin"]=$row["username"];
//print_r($_SESSION); //Getting values
}
?>
<script type="text/javascript">
window.location="add_product.php";
</script>
<?php
} else {
$msg = "Invalid Username/Password combination";
}
}
?>
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>Login Form</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="login">
<div class="login-triangle"></div>
<h2 class="login-header">Log in</h2>
<form class="login-container" name="form1" action="" method="post">
<p style="color:red;"><?php if(isset($msg)){ echo $msg; } ?></p>
<p><input type="text" placeholder="Username" name="username" required></p>
<p><input type="password" placeholder="Password" name="pwd" required></p>
<p><input type="submit" name="submit1" value="Log in"></p>
</form>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
</body>
</html>
And the add_product.php page is as follows:
<?php
session_start();
print_r($_SESSION); //Can't get values, empty array
if($_SESSION["admin"]==""){
?>
<script type="text/javascript">
//window.location="admin_login.php";
</script>
<?php
}
$link = mysqli_connect("localhost", "root", "", "youtube_project");
?>
<?php
if(isset($_POST['submit1'])){
$v1=rand(1111, 9999);
$v2=rand(1111, 9999);
$v3=$v1.$v2;
$v3=md5($v3);
$fnm=$_FILES["pimage"]["name"];
$dst="../product_image/".$v3.$fnm;
move_uploaded_file($_FILES["pimage"]["tmp_name"], $dst);
$name = $_POST['pnm'];
$price = $_POST['pprice'];
$qty = $_POST['pqty'];
$dst1="product_image/".$v3.$fnm;
$cat = $_POST['pcategory'];
$desc = $_POST['ptext'];
$sql = "INSERT INTO product VALUES ('', '$name', $price, $qty, '$dst1', '$cat', '$desc')";
mysqli_query($link, $sql);
}
?>
<?php include('header.php'); ?>
<?php include('menu.php'); ?>
<div class="grid_10">
<div class="box round first">
<h2>
Add Product</h2>
<div class="block">
<form name="form1" action="" method="post" enctype="multipart/form-data">
<table>
<tr>
<td>Product Name</td>
<td><input type="text" name="pnm"></td>
</tr>
<tr>
<td>Product Price</td>
<td><input type="text" name="pprice"></td>
</tr>
<tr>
<td>Product Quantity</td>
<td><input type="text" name="pqty"></td>
</tr>
<tr>
<td>Product Image</td>
<td><input type="file" name="pimage"></td>
</tr>
<tr>
<td>Product Category</td>
<td>
<select name="pcategory">
<option value="Gents_Clothes">Gents Clothes</option>
<option value="Ladies_Clothes">Ladies Clothes</option>
<option value="Gents_Shoes">Gents Shoes</option>
<option value="Ladies_Shoes">Ladies Shoes</option>
</select>
</td>
</tr>
<tr>
<td>Product Description</td>
<td><textarea name="ptext">Enter text here...</textarea></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit1" value="Upload"></td>
</tr>
</table>
</form>
</div>
</div>
<?php include('footer.php'); ?>
