Member Avatar for Smartflight

File structure:

/index.php
/source/header.php
/manager/login.php
/manager/scripts/auth.php

login.php:

<?php require ("../source/header.php"); ?>

        <?php if ($_SESSION['check'] == 2) { unset($_SESSION['check']); echo "<p>Incorrect! Please try again.</p>"; } ?>

        <form action="scripts/auth.php" method="post" name="login-form">

            <label>Table ID</label> <br /> <input type="text" size="20" id="ID" name="ID">

            <br /><br />

            <label>Password</label> <br /> <input type="password" size="20" id="pass" name="pass">

            <br />

            <input type="submit" value="Login" id="login" name="login">

        </form>


</body>
</html>

auth.php:

<?php

    //Function to compare account details
    -code removed-

    //Store user's credentials from form
    -code removed-

    //Salt+hash them
    -code removed-

    //Connect to DB
    -code removed-

    //Fetch details from index table
    -code removed-

    //Compare two passwords
    $valid = compareDetails($userPassHash, $tablePass);

    if ($valid == 1) {
        //Create session variable
        $_SESSION['check'] = 1;
        //send to home page
        -code removed-

    }

    else {
        //Incorrect details entered
        $_SESSION['check'] = 2;
        //refresh the page
        -code removed-
    }
?>

index.php:

<?php require ("source/header.php"); ?>

    <?php echo session_id() . ' ' . $_SESSION['check']; ?>

</body>
</html>

So I have tried to make this work a lot. I have no idea why it isn't working. I'm pretty sure the authentication process is working because I am directed to login.php or index.php depending on the details entered - correct or incorrect. That also means session variables must be set before being redirected.

However, on correct login, after being redirected to index.php, the session variable 'check' shows nothing - it's blank.

On incorrect login, login.php is reloaded and doesn't show the 'try again' message like it should.

On the same server, I tried a simple expirement and session variables loaded fine accross two pages, which tells me I'm doing something wrong in my code. I've spent days on this but can't find what's wrong. Any help?

Recommended Answers

All 3 Replies

Looks like auth.php is missing the session_start()

commented: Perfect! +0
Member Avatar for Smartflight

Snap! You're right. Always thought it was something very small that was missing or wrong. Thanks a lot! :D

For some reason, I thought the script wouldn't need the session_start() function since it was started on the page that had the form. I was wrong, then.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.