0

File structure:

/index.php
/source/header.php
/manager/login.php
/manager/scripts/auth.php

login.php:

<?php require ("../source/header.php"); ?>

        <?php if ($_SESSION['check'] == 2) { unset($_SESSION['check']); echo "<p>Incorrect! Please try again.</p>"; } ?>

        <form action="scripts/auth.php" method="post" name="login-form">

            <label>Table ID</label> <br /> <input type="text" size="20" id="ID" name="ID">

            <br /><br />

            <label>Password</label> <br /> <input type="password" size="20" id="pass" name="pass">

            <br />

            <input type="submit" value="Login" id="login" name="login">

        </form>


</body>
</html>

auth.php:

<?php

    //Function to compare account details
    -code removed-

    //Store user's credentials from form
    -code removed-

    //Salt+hash them
    -code removed-

    //Connect to DB
    -code removed-

    //Fetch details from index table
    -code removed-

    //Compare two passwords
    $valid = compareDetails($userPassHash, $tablePass);

    if ($valid == 1) {
        //Create session variable
        $_SESSION['check'] = 1;
        //send to home page
        -code removed-

    }

    else {
        //Incorrect details entered
        $_SESSION['check'] = 2;
        //refresh the page
        -code removed-
    }
?>

index.php:

<?php require ("source/header.php"); ?>

    <?php echo session_id() . ' ' . $_SESSION['check']; ?>

</body>
</html>

So I have tried to make this work a lot. I have no idea why it isn't working. I'm pretty sure the authentication process is working because I am directed to login.php or index.php depending on the details entered - correct or incorrect. That also means session variables must be set before being redirected.

However, on correct login, after being redirected to index.php, the session variable 'check' shows nothing - it's blank.

On incorrect login, login.php is reloaded and doesn't show the 'try again' message like it should.

On the same server, I tried a simple expirement and session variables loaded fine accross two pages, which tells me I'm doing something wrong in my code. I've spent days on this but can't find what's wrong. Any help?

2
Contributors
3
Replies
13
Views
4 Years
Discussion Span
Last Post by Smartflight
0

Snap! You're right. Always thought it was something very small that was missing or wrong. Thanks a lot! :D

For some reason, I thought the script wouldn't need the session_start() function since it was started on the page that had the form. I was wrong, then.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.