I'm using the following script I found online:
// Check for a cookie, if none got to login page
if(!isset($HTTP_COOKIE_VARS['session_id'])) {
header('Location: login.php?refer='.urlencode($PHP_SELF.'?'.$HTTP_SERVER_VARS['QUERY_STRING']));
}
// Try to find a match in the database
$sGUID = $HTTP_COOKIE_VARS['session_id'];
$hDB = mysql_connect('localhost', 'tourists_devuser', 'aaliyah');
mysql_select_db('database', $hDB);
$sQuery = "SELECT client_id FROM clients Where sGUID = '$sGUID'";
$hResult = mysql_query($sQuery, $hDB);
if(!mysql_affected_rows($hDB)) {
// No match for guid
header('Location: login.php?refer='.urlencode($PHP_SELF.'?'.$HTTP_SERVER_VARS['QUERY_STRING']));
}
else
//Everything ok, so go to client admin page.
header('Location: clientadmin.php');
It seems to work when the last header is removed. It'll run the login script. But when the header is put back in, the script runs that instead even when nothing else has been changed and no cookies exist on the computer (and when it's removed again, the script goes back to loading the login script).
Am I missing something obvious here?😕
