Sir I have following codes on login.php

<?php
     error_reporting(E_ALL);
     ini_set('display_errors', 1);

require_once("../includes/connectsql.php");
require_once("../includes/functions.php");

$error = false;
$cerror="";
$cur_id=0;
$cur_user="";
$cur_email="";
$mypass="";
if(isset($_POST['login'])){ 
    $muser=clean($_POST['username']); 
    $mpass=clean($_POST['password']); 
    $mypass=SHA1($mpass);
    if (!preg_match("/^[a-zA-Z0-9]+$/",$mpass)) {
        $error = true;
        $cerror="Password must contain only alphabets and space";
    }
    if(!filter_var($muser,FILTER_VALIDATE_EMAIL)) {
        $error = true;
        $cerror = "Please Enter Valid Email ID";
    }

    if ($error == false)
    {
        $query="select * from u_login where email ='".$muser."' and pass='".$mypass."'";
        $result=sqlsrv_query($con,$query)or die ("Error". sqlsrv_errors($con)) ;
        while($res = sqlsrv_fetch_array($result)) {
            $cur_id=($res['id']);
            $cur_user=($res['userid']);
            $cur_email=($res['email']);
        }  
        if(empty($cur_user)){
            $cerror="Email or Password is invalid";
        }
        else
        {
            date_default_timezone_set('Asia/Karachi');
            session_start();
            $_SESSION['v'] = 'vikas';
            $_SESSION['id'] = $cur_id;
            $_SESSION['user'] = $cur_user;
            $_SESSION['email'] = $cur_email;
            $_SESSION["startTime"] = date('Y-m-d H:i:s');
            header("location:../index.php");
        }
    }
}
?>

When I enter correct login then control moves to this php
header("location:../index.php");
But immediately goes back to login.php
what I am doing wrong?
At the top of index.php i have these codes

<?php
session_start();
include_once("includes/connectsql.php");

if(!isset($_SESSION['user'])) 
{
  header("location: admin/login.php");
  exit;
}
?>

I think session is created but page moves to login.php
Please help

instead of doing the redirect, do a var_dump on $_SESSION and see whats in there. Then, do the same on index.php as well. Something obviously isnt being set, or carrying over - it may be that headers have been sent before your session begins (but that would cause an error).

It is also possible that isset is giving a false positive:
http://php.net/manual/en/function.isset.php

Since you set the value to "something", even "", it will return a valid value, since it is not NULL. Since you are using empty() earlier in your script, why not apply it here too?

Sir, this is first time when I am trying to upload my website on this windows hosting

https://somee.com/default.aspx

my all files work fine on Wampserver32, on local host there is no issue but when I upload via cpanel then session_save_path error occurs.

This is dirctory structure of File Manager. I do not know where to create session folder and then save $_session data in it.
Untitled.png

Please help

Member Avatar for diafol

You must have session_start on the top of every page before your includes.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.