I have working session variables of username and password for login in, but when I try to add another session to show an attempt at login, it doesn't register. What I have working so far is this:
// other php above where I do a query
session_start();
if ($numrows == 0){
//echo "no users matching that query
";
unset($_SESSION["username"]);
unset($_SESSION["password"]);
header ("location: welcomepage.php");
}
else {
//echo "congradulations, you have loged in
";
$_SESSION["username"] = $usernameSanitized;
$_SESSION["password"] = $passwordHashed;
header ("location: welcomepage.php");
}
?>
and in my welcomepage.php I have.
<?php
session_start();
if (isset($_SESSION["username"])&&isset($_SESSION["password"])){
echo "hello".$_SESSION["username"]."
";
}
else{
echo "you have not yet logged in";
}
?>
This is fine, but for some reason, where I run into problems is when I try to add another third session to try to mark where user tried to login, called $_SESSION['attempt'].
In the first part of my code for the login, I add:
// other php above where I do a query
session_start();
$_SESSION["attempt"] = "attempted"; //<----added this line
if ($numrows == 0){
//echo "no users matching that query
";
unset($_SESSION["username"]);
unset($_SESSION["password"]);
header ("location: welcomepage.php");
}
else {
//echo "congradulations, you have loged in
";
$_SESSION["username"] = $usernameSanitized;
$_SESSION["password"] = $passwordHashed;
header ("location: welcomepage.php");
}
?>
And then I add another conditional:
<?php
session_start();
if (isset($_SESSION["username"])&&isset($_SESSION["password"])){
echo "hello".$_SESSION["username"]."
";
}
else if (isset($_SESSION["attempt"])){ // <--- added this condition
echo "login with username and password failed";
unset($_SESSION["attempt"]);
}
else{
echo "you have not yet logged in";
}
?>
But when I enter with a wrong username or password, I'm always directed to "you have not yet logged in". What am I missing?
Thanks.
SOLUTION:
I found a much better solution to my problem. I don't know why my conditional wasn't registering the session variable as isset, but my purpose was to send a variable depending on the login status (fail or success). I did this by doing the following:
// other php code above
$_SESSION["usermessage"] = ""; // set this depending on outcome
if ($numrows == 0){
//echo "no users matching that query
";
$_SESSION["usermessage"] = "sorry, login failed";
unset($_SESSION["username"]);
unset($_SESSION["password"]);
header ("location: frontpage.php");
}
else {
//echo "congradulations, you have loged in
";
$_SESSION["usermessage"] = "you have logged in!";
$_SESSION["username"] = $usernameSanitized;
$_SESSION["password"] = $passwordHashed;
header ("location: frontpage.php");
}
?>
and as well on my welcomepage.php, I could have tested a conditional based on the value of my $_SESSION["usermessage"] as well if I needed to, but instead I just displayed it with different values.