I am trying to start a user session when a user logs in to my website. The setup is pretty simple. Here is my checkLogin.php script that checks whether the user is a member of the website.
Expand|Select|Wrap|Line Numbers
- <?
- session_start();
- $username = $_POST["username"];
- $password = $_POST["password"];
- include '../connect.php';
- $sql = sprintf( "SELECT * FROM members WHERE username = '%s' AND password = '%s'", $username, $password );
- $res = mysql_query( $sql );
- $count = mysql_num_rows( $res );
- if ( $count == 1 ){
- $_SESSION["username"] = $username;
- $_SESSION["loggedIn"] = true;
- header( "Location:/pro/" );
- } else {
- header("Location:/");
- }
- ?>
Expand|Select|Wrap|Line Numbers
- <?
- session_start();
- if (!$_SESSION['loggedIn']){
- header("Location:/");
- } else {
- ?>
- <html>
- <body>
- <?
- $currentUser = $_SESSION['username'];
- echo $currentUser;
- }
- ?>
- <p>Welcome to the pro section.</p>
- <a href="Logout.php">Logout</a>
- </body>
- </html>
Ordinarily, there would be a request cookie with PHPSESSID as the name, but not with me. Is there something I need to configure in my php.ini file or is the code wrong?
I am baffled!
Any help would be appreciated!