so i have a database set up. it has 3 fields. 1 is id, 2nd is uername, and 3rd is password. i already create a one username and password.
in index.php for some reason it always goes inside else statment. and it skips the if part.

-------------------- index.php --------------

<?php
//session_start();
include("connect.php");

//check, if user is loged in or not
if(isset($_session['username']))
{
    //log in(member)
    echo 
    "
     YOU ARE LOGED IN
     <input type='submit' action = 'logout.php'  value='logoff'>
    ";
}
else
{
//not loged in(not member)
echo 
"
YOU ARE NOT LOG IN!
<form name='form' method='post' action='login.php'>
<strong>Member Login </strong><br/>
<p id = 'error'>Print Errors here</p>
Username:<input name='username' type='text' id='username'><br/>
Password: <input name='password' type='password' id='password'><br/>
<input type='submit' value='Login'>
<input type='submit' action='register.php'  value='register'>
</form>
";
}
?>

-----------------------------------login.php-----------------------------------------

<?php
session_start();
include("connect.php");

$post_username = $_POST['username'];
$post_password = $_POST['password'];

if($post_username && $post_password)
{
    if(strlen($post_username) > 20 || strlen($post_password) > 20)
    {
        die("Username or Password character length is too long!");
    }
    else
    {
        //convert password to md5
        $port_password = md5($post_password);

        //query the database
        $login = sprintf("SELECT * FROM user WHERE username='%s' AND password ='%s'", mysql_real_escape_string($post_username),mysql_real_escape_string($post_password));

        $rowcount = mysql_num_rows(mysql_query($login));
        $fieldarray= mysql_fetch_assoc(mysql_query($login));

        $id= $fieldarray['user_id'];

        if($rowcount == 1)
        {       
        //log the user in
        $_SESSION['username'] = $post_username;
        $_SESSION['user_id'] = $id;
        header('Location: index.php');
        //echo $_SESSION['username'].", you hava been logged in! <a href='index.php'>Return</a>";
        }
        else
            die("Incorrect username or password combination!");

    }
}
else
die("Username and password required");
?>

I don't understand the question, so you are able to login, BUT, in index.php it doesn't do the user part (sesson)?

Try this:

<?php
session_start();
include("connect.php");

//check, if user is loged in or not
if(isset($_SESSION[['username']))
{
    //log in(member)
    echo 
    "
     YOU ARE LOGED IN
     <input type='submit' action = 'logout.php'  value='logoff'>
    ";
}
else
{
//not loged in(not member)
echo 
"
YOU ARE NOT LOG IN!
<form name='form' method='post' action='login.php'>
<strong>Member Login </strong><br/>
<p id = 'error'>Print Errors here</p>
Username:<input name='username' type='text' id='username'><br/>
Password: <input name='password' type='password' id='password'><br/>
<input type='submit' value='Login'>
<input type='submit' action='register.php'  value='register'>
</form>
";
}
?>

Also, in your login script, try not setting the session as what is being posted in the form. Because it might not be case sensative; for example if I entered phorce then displaying the username (in the future) will display as lower case even though I registered the username in uppcase. Just saying :)

i tierd putting session_start() in index.php file but it still not working.

for some reason in index.php file it always skips this part. even when i log in it dont go inside this if statment.

> if(isset($_SESSION[['username']))
> {
>     //log in(member)
>     echo 
>     "
>      YOU ARE LOGED IN
>      <input type='submit' action = 'logout.php'  value='logoff'>
>     ";
> }

The problem is in line 6 on the index.php . On that line, you write

if(isset($_session['username']))

instead of

if(isset($_SESSION['username']))

oops:
change the if statement to this:

if(isset($_SESSION['username']))
{
   // handle 
}

If that doesn't work then; just try putting this AFTER session_start() in index.php

var_dump($_SESSION['username']);

And see what the result is. If it's NULL then you know that you're not setting the session right.
I don't know because with some servers, it's how you process the linking; like a site that I was working on a while ago killed the sessions because I didn't handle the linking correctly. Give it a go anyway :)

In case you have Dreamweaver installed, use it's data application toolbar to quickly make a login page. And then you can analyze the code and fix any issue that follows up.

//log in(member)

omg it works :) thanks alot.

Which solution worked?

Please mark this thread and solved and give rep to those who helped :)

$_SESSION

how do i give rep?

Hello - Next to someones name (There is an up arrow or down arrow) :)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.