This is panel login:
<?php include('header.php');
$login=mysql_query("select * from user")or die(mysql_error());
$row=mysql_fetch_row($login);
$level = $row[3];
session_start();
if (isset($_SESSION['username'])){
if ($level == '1')
{
header('location:admin/index.php');
}
if ($level == '2')
{
header('location:member/index.php');
}
}
?>
<body>
<div class="row-fluid">
<div class="span12">
<center>
</br>
</br>
<div id="container">
<div id="header">
<div class="alert alert-success"><label>Login to the System</label></div>
</div>
<form method="post">
<table>
<tr>
<td><label>User Name</label></td>
<td><input type="text" id="username" name="username" placeholder="username" required></td>
</tr>
<tr>
<td><label>Password</label></td>
<td><input type="password" id="password" name="password" placeholder="Password" required></td>
</tr>
<tr>
<td></td>
<td><button type="submit" id="submit" name="submit" class="btn btn-success">Login</button></td>
</tr>
</table>
</form>
<?php
if (isset($_POST['submit'])){
$username=$_POST['username'];
$password=($_POST['password']);
$login=mysql_query("select * from user where user_name='$username' and user_password='$password'")or die(mysql_error());
$count=mysql_num_rows($login);
$row=mysql_fetch_row($login);
$level = $row[3];
if ($count > 0){
$_SESSION['username']=$row[1];
if ($level == 1)
{
header('location:admin/index.php');
}
if ($level == 2)
{
header('location:member/index.php');
}
}
else{ ?>
<!-- <script type="text/javascript">
alert("Error Login! Wrong Combination of Username and Password!");
</script> -->
<div class="alert alert-error">Error login! Please check your username or password</div>
<?php
}}
?>
</div>
</center>
</div>
</div>
</body>
</html>
I logged in with the correct information but the system is not forwarded to the member's page. $_SESSION['username'] not working. I tried all the solutions I can find on the internet, none of them worked. I'm out ideas as to why this isn't working. Any help will be greatly appreciated, thank you.
I used this code: can you help me fix it ? Thank you very much
You are destroying your session before reading the variable.
session_start();
session_destroy();
session_start();
Therefore you will not be able to access your $_SESSION variables.
Remove the two first lines of the snippet above and this will be fine.
You destroy session and afterward you want to check if exists.
You must process the form at another page or simply protect session_desytroy will not execute after you send from.
if (empty($_POST['submit'])){
session_start();
session_destroy();
session_start();
}
If you put it into the condidion, it will not destroy your session after form is sent.
I personally think ist is pointless to set, destroy and set again session. Simply do
session_start();
session_destroy();
After this call it's not so strange there's nothing left in $_SESSION.
Apart from this there's a lot of things awfully wrong in your logic, I mean:
$login=mysql_query("select * from user")or die(mysql_error());
$row=mysql_fetch_row($login);
$level = $row[3];
You're selecting a random user, what the hell is $level supposed to be containing here?
You destroyed your session in session_destroy();
<?php include('header.php');
//Where are the user details to select the user? Should not it be like?
$sql = "select * from `user` WHERE `username ` = 'something' AND `password` = 'something' LIMIT 1";
$login=mysql_query($sql)or die(mysql_error());
$row=mysql_fetch_row($login);
$level = $row[3];
//Start a session first
session_start();
//Set session username here
$_SESSION['username'] = $row[username-array-key]
if ($level == '1')
{
header('location:admin/index.php');
}
if ($level == '2')
{
header('location:member/index.php');
}
?>