0

I have one login form when user give username and password it leads to login.php file

session_start();
if ( isset( $_POST['username'], $_POST['password'] ) ) {  
    $user   = $_POST['username'] ;
    $pass   = $_POST['password'] ;
    $query  = " MY QUERY "; 
    $result = mysql_query($query) or die('SQL ERROR:'.mysql_error()); 
    $row    = mysql_fetch_assoc($result);   
    if ($row) {         
        echo "query successfull wrote to DB";       
        unset($_SESSION);
        $userName = $row['firstname'].' '.$row['lastname'];
        $_SESSION['userNameSession'] = $userName;
        $_SESSION['loginStatus']     = '1';
        header('location:admin/admin.php');
    }else{
        echo "unscccessful login";
        header('location:index.php');
    }
}

When I Try to print the session by print_r($_SESSION) from this file.. it shows the session and its variable with values

Array ( [userNameSession] => full name [loginStatus] => 1 )

In my admin/admin.php (opens when successful login) wrote

    session_start();
    print_r($_SESSION);exit;

if try to print the session by print_r($_SESSION) it shows empty array as Array()

Please help.

Improve this question
10
  • Your else{} clause is gonna throw a error, you cannot echo any data out before a header(). Commented Sep 29, 2015 at 10:56
  • @Epodax thank you for your fast replay.. can u show how can i make it correct? Commented Sep 29, 2015 at 10:57
  • Remove the echo "unscccessful login"; line Commented Sep 29, 2015 at 10:57
  • @Epodax I have removed the echo but result still same..not getting session variable in next page Commented Sep 29, 2015 at 10:59
  • 1
    Actually in both paths of the if-statement the headers are already sent before reaching the header(). Commented Sep 29, 2015 at 10:59

2 Answers 2

Reset to default
3

Why do you make an unset($_SESSION)? This may cause the session variable is deleted but the session still exists.

If you want to clean $_SESSION['LoginStatus'] and $_SESSION['userNameSession'], better clean one by one (although this is not necessary because you'll rewrite its value later):

unset($_SESSION['LoginStatus']);
unset($_SESSION['userNameSession']);

The code must be like this:

session_start();
if ( !empty($_POST['username']) && !empty($_POST['password']) ) {  
    $user   = $_POST['username'] ;
    $pass   = $_POST['password'] ;
    $query  = " YOUR QUERY "; 
    $result = mysql_query($query) or die('SQL ERROR:'.mysql_error());   
    if (mysql_num_rows($result) > 0) {        
        //DELETE prints BEFORE header()!! -> echo "query successfull wrote to DB"; 
        $row = mysql_fetch_assoc($result);

        unset($_SESSION['userNameSession']);
        unset($_SESSION['loginStatus']);

        $userName = $row['firstname'].' '.$row['lastname'];

        $_SESSION['userNameSession'] = $userName;
        $_SESSION['loginStatus']     = '1';

        header('location:admin/admin.php');
    }else{
        //DELETE prints BEFORE header()!! -> echo "unscccessful login";
        header('location:index.php');
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Wowww... Thats the problem is..... Now its correct.. I dint think of it. Thanks ypu soooo much...
1

One important thing that you must notice:

Don't echo before header. I think your code should be like this:

session_start();
if ( isset( $_POST['username'], $_POST['password'] ) ) {  
    $user   = $_POST['username'] ;
    $pass   = $_POST['password'] ;
    $query  = " MY QUERY "; 
    $result = mysql_query($query) or die('SQL ERROR:'.mysql_error()); 
    $row    = mysql_fetch_assoc($result);   
    if ($row) {       
        unset($_SESSION);
        $userName = $row['firstname'].' '.$row['lastname'];
        $_SESSION['userNameSession'] = $userName;
        $_SESSION['loginStatus']     = '1';
        header('location:admin/admin.php');
    }else{
        header('location:index.php');
    }
}

Hope this helps.

Improve this answer

2 Comments

This will happen only if condition is false. How about the true part of the code.
@SajithaNilan No, it will happen on both conditions in op's code.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.