Hi there.
I am trying to use sessions to do a login (what a co-inky-dink). So I have them login, the values are submitted via a form post to my login script. That script then verifies the information, and redirects back to my admin page.
I log in successfully so I know everything is ok. For some odd reason, every once in a while it won't log me in. It will return me to the login form.
Now the login form and the admin area are on the same page. What makes the difference is whether a session variable:
$_SESSION['login'] is set. If it is set to 'true' then they have logged in and they can see the admin area. If it isn't set or is set to '' then they can't see the admin area, and are shown a login form.
Protected Pages
<?php
session_start();
if($_SESSION['login'] != 'true' || !isset($_SESSION['login']) ){
// display login form
}
else{
// display admin area
}
?>
Login.php
<?php
// Grab username and Password
// Match against database values
else if($password == $dbPass){
session_start();
session_register('user');
session_register('login');
$_SESSION['user'] = $display['fName']." ".$display['lName'];
$_SESSION['login'] = 'true';
$header = '<meta http-equiv="REFRESH" content="5; URL=http://www.winfieldvfd.org/admin/index.php" />'; // $header is a variable which is put in the <head> tags of HTML. Allows me to refresh page w/out using header(Location: www)
?>
Logout.php
$_SESSION['login'] = '';
$_SESSION['user'] = '';
session_unregister('login');
session_unregister('user');
session_destroy();
Any help you guys can give me would be great.
Thanks in advance.
~Brett
