I've a login page, where I'm setting the admin ID as a session variable
$_SESSION['adminUserId'] = $row['id'];
Now I've a header.php file which is called first on every page. To display the header. And the first line of Header.php has
if (!isset($_SESSION['adminUserId'])) {
header("Location: ../index.php");
}
Now the strange part about this is, while I'm doing echo $_SESSION['adminUserId']), it displays the value of the variable. But when I'm checking the variable with isset, the result is false. I'm unable to understand this, as how this is happening. Also, another strange thing, include header.php is the first line of code for every page, it works fine for all the pages apart from one, where it redirects the user to index.php
I've tried changing the variable name, setting the variable in a different way. But doesn't work for the specific page.
if (!isset($_SESSION['adminUserId'])) {
header("Location: ../index.php");
}
The expected result for a logged in user should be true but for a not logged in user it should be false, but it is showing vice versa
index.php (Here the session is getting set)
$qry = $DB_con->prepare("SELECT * FROM user WHERE username = '".$username."' AND password = '".$password."' AND role ='".$role."' AND country ='".$country."'");
$qry->execute();
$admin = $qry->fetchAll(PDO::FETCH_ASSOC);
// print_r($admin);
if($admin){
foreach($admin as $row)
{
if($username==$row['username'] && $password==$row['password'] && $role == 'Admin')
{
$country = $row['country'];
$_SESSION['Country'] = $country;
$DEO_id = $row['id'];
$_SESSION['adminUserId'] = $DEO_id;
$session_role = $row['role'];
$_SESSION['session_role'] = $session_role;
$usernameAdmin = $row['username'];
$_SESSION['city'] = $usernameAdmin;
$_SESSION['isAdminLoggedIn'] = "True";
header('location:admin/dashboard.php');
}
elseif($username==$row['username'] && $password==$row['password'] && $role == 'Data Entry User')
{
$DEO_id = $row['id'];
$_SESSION['dataEntry_ID'] = $DEO_id;
$country = $row['country'];
$_SESSION['Country'] = $country;
$session_role = $row['role'];
$_SESSION['session_role'] = $session_role;
header('location:data_operator/dashboard.php');
}
else
{
$error = "Invalid Username or Password.";
}
}
}
{
$error = "Invalid Username or Password.";
}
dashboard.php (Where the header.php is called and code works fine)
<?php include('header.php');
include('../include/dbcon.php');
?>
Now there's another link in the dashboard page
<a href="new-registration.php" class="btn btn-success btn-icon-split" style="width:100%">
<span class="text">New Registration</span>
</a>
When I see the new-registration.php page, this is how it looks like
<?php include('header.php');
include('../include/dbcon.php');
?>
And now the final header.php(where all this action is taking place)
<?php
include('../include/dbcon.php');
if(!isset($_SESSION['adminUserId']))
{
header("Location: ../index.php");
}
?>