i have done session_start() in my pages

login1.php

<?php
session_start();
ob_start();
?>
<?php
mysql_connect("IP addr","username","password") or die(mysql_error());



mysql_select_db("login") or die(mysql_error());

//if login form is submitted

if(isset($_POST['submit'])) { //if form is submitted

//check whether all the fields are filled or not

if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill all the fields.');
}

//verifies against database
$_POST['username']=md5($_POST['username']);
if(!get_magic_quotes_gpc()) {
$_POST['username']=addslashes($_POST['username']);
}



$check=mysql_query("SELECT * FROM users WHERE username='".$_POST['username']."'") or die(mysql_error());
//gives error if user doesnot exist
//{

$check2=mysql_num_rows($check);

if($check2==0) {
die('User does not exist');
}
while($info=mysql_fetch_array($check))
{


$_POST['pass']=stripslashes($_POST['pass']);


$info['password']=stripslashes($info['password']);
$_POST['pass']=md5($_POST['pass']);


//gives error if password is wrong

if($_POST['pass'] !=$info['password']) {
die('incorrect password,please try again.');
}
else
//if login is ok then direct them to options page
{
$_SESSION['views'] = 1;	
header("Location:option1.php");	
ob_flush();

?>
<!META HTTP-EQUIV="Refresh" CONTENT="0; URL=option1.php">
<?php
}
}
}
else
{
//if they are not logged in

?>

<form action="<?PHP echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="50">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>

option1.php

<?php 
session_start();
ob_start();
if(isset($_SESSION['views']))
$_SESSION['views']=$_SESSION['views']+1;
else
{
//header("Location:message.php"); 
echo "session not set"."</br>";	
print_r($_SESSION);
}
?>

a long code :-)

I don't see anything wrong with the code apart from this line. if(!$_POST['username'] | !$_POST['pass']) { It should have been if(!$_POST['username'] || !$_POST['pass']) { . Thats just a syntax error.

that part is not throwing any errorThe code isn't long ! lol.. it has just 80+ lines. Anyway, Check if its entering the else { $_SESSION['views'] part. If its entering the else part, remove the meta tag and try again..

Edit: And btw, is wrong. What is "!" doing there ?
since i have used header(), so i have commented that syntaxEdit 2: And, you are not printing $_SESSION['views'] in page 2 :)
i had tried doing that but it doesn't print any value.

i a sorry but i am not able to see the modifications?btw i am using php-4.4.4 and apache-1.3.37

php and apache versions doesn't matter. Check the loop, I have added if(1==2) which will always fail. Replace it with your validation part.

sorry to bother you agn naveen, but how is that related to session?

i think its not working for me. even tried out with a simple upload script.
upload_index.php

<?php                                                                                                                                        
session_start();                                                                                                                             
$_SESSION['views']=1;                                                                                                                        
?>                                                                                                                                           
<form enctype="multipart/form-data" action="upload.php" method="POST">                                                                       
Please choose a file: <input name="uploaded" type="file"/><br/>                                                                              
<input type="submit" value="Upload"/>                                                                                                        
</form>

upload.php

<?php
session_start();
if(isset($_SESSION['views']))
{
        echo "Session variable".$_SESSION['views']."</br>";
        echo "session is set"."</br>";
}
else
echo "Session is not set"."</br>";
$target_path="/usr/local/apache/htdocs/upload/";
$target_path=$target_path.basename($_FILES['uploaded']['name']);
 
echo "target path ".$target_path."</br>";
 
$ok=1;
 
$uploaded_size=ini_get('upload_max_filesize');
$post_max=ini_get('post_max_size');
echo "maximum upload_size $uploaded_size and post_max_size $post_max "."</br>";
if($ok==0)
{
        echo "Sorry your file was not uploaded";
}
else
{
        if(move_uploaded_file($_FILES['uploaded']['tmp_name'],$target_path))
        {
                echo "The file ".basename($_FILES['uploaded']['name'])." has been uploaded";
        }
        else
        {
                echo "Sorry, there was a problem uploading your file."."</br>";
                echo "the error is ".$_FILES['uploaded']['error']."</br>";
        }
 
}
 
print_r($_FILES);
 
 
?>

still the same problem

hmm..Your above script should definitely work.. Check your php.ini file for session. Check for these lines and if its commented, uncomment it. session.save_handler = files session.use_cookies = 1 . If this doesn't work, then I can't do much about it.

this lines are not commented. i guess i m having a hard luck with this forum.
can you suggest me of other way so that i can prevent the users from opening the option1.php page without logging.

my php.ini says that session.save_path=/var/lib/php/session.
but there was no php dir . so i created a php dir and session dir and gave 0777 permissions to session dir. now everything is ok.
thanks