I am trying to do a very simple login form and register a session in order to validate the user on a particular section of my web site.
The form
<form method="post" action="home.php">
Username:<input type="text" name="un"><br>
Password:<input type="text" name="pw"><br>
<input type="submit" name="Submit" value="Submit">
</form>
The first line of home.php includes "lichk.php" which checks for a SESSION. If there is no session, it checks the username and password to see if they are valid. If they are, then it starts a session and registers it as user.
lichk.php
// IF SESSION REGISTERED, VALIDATE USER
if (session_is_registered("user")){
$liparts = array();
$liparts = explode("||",$_SESSION['user']);
if ($un!= $liparts[0] || $pw != $liparts[1]){
header('Location: index.php?failed_ses_badli');
}
// IF SESSION IS NOT REGISTERED, CHECK LOGIN
}else{
// FORM HAS NOT BEEN SUBMITTED
if (!isset($_POST['un'])){
header('Location: index.php?failed_noses_noun');
// FORM SUBMITTED, TEST LOGIN
}else{
if ($un == $_POST['un'] && $pw== $_POST['pw']){
session_start();
$_SESSION['user'] = "valid||user";
}else{
header('Location: index.php?failed_noses_badli');
}
}
}
I then created test2.php and included lichk.php on the first line. A link to test2.php appears on home.php. Here is what happens.
- I fill out the form.
- On home.php, the included lichk.php indicates that no session is registered so it checks the login info and starts the session.
- I click the link to test2.php.
- On test2.php, lichk.php (which is included on the first line) does not recognize that a session is registered.
What am I doing wrong?
