-1

So I created a login.php for our Web application project but it doesn't seem to let me login in a session

Here's my login.php code: 

<?php
if(isset($_POST['username']) && isset($_POST['pass'])){
include("sql_connect.php");
$res = mysqli_query($mysqli, "SELECT * FROM customer
                              WHERE idnum='".$_POST['username']."'
                              AND password = '".$_POST['pass']."'");

if(mysqli_num_rows($res)==1){
    $_SESSION['logged_in'] = "$idnum";   //creates and initializes the session with the name 'variable_name'
    echo $_SESSION['logged_in'];   //will now print out value
    header("location:index.php");
    }
    else{
        echo "Incorrect Username/Password!";
    }
}
?>

and here's my index.php code: 

<?php
session_start();
if(!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] != "TRUE"){
    header("location:login.php");
}
include("sql_connect.php");
?>
Improve this question
6
  • 1
    login.php is missing session_start(); Commented Oct 10, 2016 at 15:28
  • Barmar beat me to it, add session_start(); at the top of login.php Commented Oct 10, 2016 at 15:28
  • $_SESSION['logged_in'] != "TRUE" this is always true... $_SESSION['logged_in'] never is equal to text 'TRUE' Commented Oct 10, 2016 at 15:28
  • It's still not working guys Commented Oct 10, 2016 at 15:35
  • $_SESSION['logged_in'] != "TRUE" as stated. TRUE and "TRUE" are two different animals; one is a boolean while the other is a string. You don't even need that anyway. Plus, we don't know if your form is ok or not. Commented Oct 10, 2016 at 15:48

1 Answer 1

Reset to default
0

You need to add session_start() on all files using sessions (the ones reading, updating, setting, etc. them).

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

It's still not working for me, I don't know why
There are other mistakes in your code and logic like @nospor pointed in a comment above. $_SESSION['logged_in'] seems to contain a username and not the string "TRUE" and the condition you use is always true (boolean). Work a bit on your code logic...
Not my downvote here, but OP is also outputting before header and see the comments under the question. You've put yourself in that rabbit hole here.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.