I've been experimenting with php lately and I'm trying to understand sessions. So far I understand that each page needs a session_start() if I am to require a login to view certain pages/ carry information, but what I cannot figure out is how to keep the user's information after the login page.
Here is my login.php script:
<?php
session_start();
?>
<head>
<link rel="stylesheet" type="text/css" href="styles.css">
<link href='http://fonts.googleapis.com/css?family=Lato|Quattrocento+Sans|Oxygen|Hind|Raleway' rel='stylesheet' type='text/css'>
<script src="http://code.jquery.com/jquery-1.8.3.min.js"></script>
<script src="career.js"></script>
</head>
<body onload="fadeUp()">
<form id="login" class="login" action="logCheck.php" method="POST">
<div id="titleArea"><img src="tampa-bay.png" class="t2"><div class="workspaceTitle">CPC <br><align ="left">WorkSpace</align></div></div>
<center>
<table class="logTable">
<tr><td colspan="2"><input type="text" class="field" value="username" onclick='javascript: this.value = ""' name="user"></td></tr>
<tr><td colspan="2"><input type="password" class="field" onclick='javascript: this.value = ""' value="password" name="pass"></td></tr>
<tr><td></td><td colspan="2"><input type="submit" name="login" value="Login"></td></tr>
<tr><td></td><td colspan="2">Don't have an account?<a href="register.php"> Register Here</a></td></tr>
<tr><td></td><td colspan="2">Forgot your username/password?<a href="register.php"> Click Here</a></td></tr>
</table>
</center>
</form>
</body>
And here is the relevant login verification (logCheck.php) script
if(isset($_POST['login'])){
$username = mysqli_real_escape_string($con,$_POST['user']);
$pass = mysqli_real_escape_string($con,$_POST['pass']);
$sel_user = "select * from userdata where username='$username' AND password='$pass'";
$run_user = mysqli_query($con, $sel_user);
$check_user = mysqli_num_rows($run_user);
if($check_user>0){
$_SESSION['username']=$_POST['user'];
echo "<script>window.open('careerindex.php','_self')</script>";
}
else {
echo "<script>alert('Username or password is not correct, try again!')</script><script>window.open('login.php','_self')</script>";
}
}
?>
Lastly, I also have an includes which holds the header on all pages that require logins. Here is the header's session:
<?php
session_start();
if (isset($_SESSION['username'])) {
?>
logged in HTML and code here
<?php
} else {
?>
Not logged in HTML and code here
<?php
}
?>
I've tried to use a regular session_Start() on each page, a session variable that uses the username (like $_SESSION['username']=$_POST['user'];
). But I can't understand what I'm doing wrong. Any suggestions? (Ps, I've tried google searching, looking up answers here and w3 schools but none of the methods suggested seem to work)
Anywhere you are using any $_SESSION
data, you need to initiate the session with session_start()
, including in header and include files, you can find easily from StackOverflow various methods to check if a session has already been started and then if not, you can call session_start();
.
As long as you reference the $_SESSION
values correctly and you have sorted out that session_start();
runs correctly, if you have further issues then you'd need to provide more specific details and code.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments