I am able to login a user, but while processing to the next page (memebers area) I can't display any user info let alone print the $_SESSION[email]. I am not sure what's up. Below is the login code and the testing members are page.
Login page:
session_start();
//also in a real app you would get the id dynamically
$sql = "select `email`, `password` from `accounts` where `email` = '$_POST[email]'";
$query = mysql_query($sql) or die ("Error: ".mysql_error());
while ($row = mysql_fetch_array($query)){
$email = $row['email'];
$secret = $row['password'];
//we will echo these into the proper fields
}
mysql_free_result($query);
// Process the POST variables
$email = $_POST["email"];
//Variables
$_SESSION["email"] = $_POST["email"];
$secret = $info['password'];
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$email = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT email, password FROM accounts WHERE email = '$email'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if (@ $info['password'] != $pass)
{
}
else
{
header("Location: home.php");
}
}
}
//if the login
form is submitted
if (isset($_POST['submit'])) { // if
form has been submitted
// makes sure they filled it in
if(!$_POST['email'] | !$_POST['password']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT email,password FROM accounts WHERE email = '".$_POST['email']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
//gives error if the password is wrong
if (@ $_POST['password'] != $info['password']) {
die('Incorrect password, please try again');
}
else
{
// if login is ok then we add a cookie
$_POST['email'] = stripslashes($_POST['email']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['email'], $hour);
setcookie(Key_my_site, $_POST['password'], $hour);
//then redirect them to the members area
header("Location: home.php");
}
}
}
else
{
// if they are not logged in
?>
<?php
}
?>
home.php
session_start();
if(!isset($_SESSION['email'])) {
header('Location: login_test3.php'); die('<a href="login_test3.php">Login first!</a>');
}
//Variables
$_SESSION["email"] = $email;
print $_SESSION['name'];
UPDATE
Just realized the existing code gets in to the home.php file but will not echo anything. But as soon as you hit refresh the session is gone.
