I made a website using WordPress, and on one page I've included my own script to guide users through a series of steps to calculate an outcome. The scripts are included in this order
Main page -> includes my Wizard.php -> Wizard.php include's Wizard_Step_xx.php
The Wizard reload's new steps every time from Step_01 until Step_10.php, this is done by a jQuery script.
Now my problem is that whenever a user finishis this "Wizard" he gets the option to log in and get redirected to his own page. Now when a user clicks the link to get to the "Wizard" I want to show the users personal page instead of showing him the first step of the wizard which would normally happen.
I've made this simple script that sets a $_SESSION variable when the user logs in :
//Validate Log In
if(isset($_POST['Validate'])) //submit login button
{
$inlog_naam = ( $_POST['inlognaam'] );
$wachtwoord = ( $_POST['wachtwoord'] );
$try = mysql_query("SELECT * FROM xxxx WHERE username = '$inlog_naam' AND password = '$wachtwoord'") or die (mysql_error() );
$result = mysql_num_rows($try);
if($result == 0)
{
$page = ( 8 );
$_SESSION['Invalid_Login_1'] = ( "true" );
}
else
{
$_SESSION['Invalid_Login_1'] = ( "false" );
$user_info = mysql_query("SELECT * FROM xxxxx WHERE username = '$inlog_naam' AND password = '$wachtwoord'") or die ( mysql_error() );
$user_info_result = mysql_fetch_array($user_info, MYSQLI_BOTH);
$user_lastname = ( $user_info_result['contact_Achternaam'] );
$user_id = ( $user_info_result['user_id'] );
$_SESSION['user_id_1'] = ( $user_id );
$_SESSION['user_name'] = ( $inlog_naam );
$_SESSION['user_lastname'] = ( $user_lastname );
$session_id = ( session_id() );
mysql_query("UPDATE xxxxx SET user_id = '$user_id', user_username = '$inlog_naam', user_lastname = '$user_lastname' WHERE session_id = '$session_id'") or die (mysql_error() );
$page = ( 9 );
$_SESSION['user_login'] = ( "true" );
$_SESSION['user_main_screen'] = ( "true" );
}
Now this part of the script works perferct, and the $_SESSION variables gets set. But when I click on the link to go to the Wizard again I got this script in the Wizard.php file to show the users personal page instead of Wizard_Step_01.php which would normally happen.
if(isset($_SESSION['user_login']) && $_SESSION['user_login'] == 'true')
{
$page = 9;
}
else
{
echo $_SESSION['user_login'];
}
This script doesn't seem to see the $_SESSION variable, though when I click next on this page to go to Wizard_Step_02.php it DOES recognize it.
I've also noticed that for some reason, my site is running 2 PHPSESSID's , I thought I would prevent this by doing this :
<?php if(!isset( $_SESSION )) { session_start(); } ?>
but for some reason it still creates a second PHPSESSID.
If anyone has any idea on how to disable/delete/unset 1 of the 2 PHPSESSID's if this is where the problem lies, or any idea why this is happening....
To be clear: I want to know why my page doesn't find the setted $_SESSION['user_login'] when I load the page. Also any suggestions or any form of help is appreciated.
Thanks for reading.