I've been playing with this for awhile and it wont work. I've got a login page and the action is set to a file called "agencylogin.php". That checks the username and pw with the database and if its correct it starts a session and assigns the following and then directs them to "home.php" if its correct and back to the login if its not:
session_register('loggedin');
$loggedin["username"]="$agencylogin";
$loggedin["password"]="$agencypassword";
$loggedin["name"]="$agencyname";
$loggedin["attempt"]="$attempt";
On the login page i had 3 input boxes and a hidden field called "attempt" with a value of "true".
If they use the correct username/password or use the wrong ones it does exactly what its supposed to do. My problem is, what if they don't login and they go straight to the "home.php" ? For some reason its just displaying a blank "home.php" instead of kicking them back to index.php.
Heres the home.php code so far:
<?php
session_start();
$server = "";
$server_user = "";
$server_pass = "";
$server_db = "";
$connection = mysql_connect($server,$server_user,$server_pass) or die ("Couldn't make database connection.");
$db = mysql_select_db($server_db,$connection) or die ("Couldn't connect to database '$server_db'.");
$sqlINFO = $loggedin["name"];
$check = "SELECT * FROM users WHERE agency='$sqlINFO'";
$sql_result = mysql_query($check,$connection) or die ("Couldn't execute 'select' query.");
if($loggedin["attempt"]="true")
{
while($row=mysql_fetch_array($sql_result))
{
if (($loggedin["username"] == $row['username']) && ((md5($loggedin["password"])) == $row['password']) && ($loggedin["name"]==$row['agency']))
{
echo "hi";
}
}
}
else
{
session_destroy();
header('location: index.php?status=1');
}
?>
