hello kindly help ,
i have a login.php

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Login Form</title>

<link rel="stylesheet" href="css/loginstyle.css" type="text/css" />
</head>

<body>


<div id="main-form">
    <form name="form1" method="post" action="checklogin.php">
        <input name="username" type="text" id="myusername">
        <input name="password" type="password" id="mypassword">
        <input type="submit" name="Submit" value="Login">
    </form>
</div>
</body>
</html>

checklogin.php

<?php

error_reporting(0);
$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="weddingprofessionalsdb"; // Database name 
$tbl_name="users"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['username']; 
$mypassword=$_POST['password']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

        $_SESSION['username'] = $row['username']; 
        $_SESSION['logged'] = TRUE; 
        header("Location: index.php"); // Modify to go to the page you would like 
        exit; 
}
else {
echo "<script>alert('Wrong Username or Password.');</script>";

}
?>
<html>
<head>
<meta http-equiv="refresh" content="1;url=login.php">
<link rel="stylesheet" href="css/loginstyle.css" type="text/css" />

<body>
</body>
</head>
</html>

and index.php

<?php 
session_start(); 
if(!$_SESSION['logged']){ 
    header("Location: login.php"); 
    exit; 
} 
echo 'Welcome, '.$_SESSION['username']; 
?>

why is it everytime i login with the correct username and password, i still go back to the login page :( , please help thank you

In checkLogin.php you could try putting:

session_start(); since everywhere you use sessions, should include this.

if(!$_SESSION['logged']){ is always returning false as like phorce said session_start() is not being called. You could also use cookies if you wanted.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.