here is the logincheck page which is modified according to what nogdog says:
<?php
error_reporting(E_ALL & ~ E_NOTICE);
session_start();
include ('dbconnect.php');
if(isset($POST['username']) and isset($POST['password']))
{
session_regenerate_id();
$vusertype = $POST['usertype'];
$vusername = $POST['username'];
$vpassword = $POST['password'];
$verror = 'Login attempt was unsuccessful';
$sql = "SELECT * FROM user WHERE username='$vusername' AND password='$vpassword'";
$result = mysqli_query($conn, $sql) or die('error query');
$rows = mysqli_num_rows($result);
if($rows == 1)
{
$SESSION['id'] = session_id();
$sessid = $SESSION['id'];
$SESSION['username'] = $vusername;
$SESSION['password'] = $vpassword;
$SESSION['logged_in'] == true;
session_write_close();
header("Location: http://localhost/main.php?rand=$sessid");
exit;
}
else
{
$SESSION = array();
$SESSION['error'] = $verror;
session_write_close();
header("Location: http://localhost/index.php");
exit;
}
}
the seperate login page which is in the diffirent folder:
?php
error_reporting(E_ALL & ~E_NOTICE);
session_start();
$error = $_SESSION['error'];
?>
<html>
<head>
</head>
<body bgcolor="#E8EEEB">
<td width="316" class="font"><font color="#FF0000" ><?php echo ($error) ;?></font></td>
form action="userlogincheck.php" method="post" enctype="multipart/form-data" name="Login">
<td colspan="3"><font class="font-title">Welcome</font></td>
</tr>
<tr>
<td width="83"><font class="font-login">Username: </font></td>
<td width="165"><label>
<input class="login" type="text" name="username" />
</label></td>
<td> </td>
</tr>
<tr>
<td height="23"><font class="font-login">Password:</font></td>
<td><input class="login" type="password" name="password" /></td>
<td><input class="button-login" name="Submit" type="submit" id="Submit" value="Sign In" />
<input class="button-login" name="Cancel" onClick="action='index.php'" type="submit" id="Cancel" value="Cancel" />
?>
and the main.php page which is also in the different folder:
<?php
error_reporting(E_ALL & ~E_NOTICE);
session_start();
$sessid = $GET['rand'];
$username = $SESSION['username'];
?>
<html>
<head>
</head>
<body style="overflow:hidden" bgcolor="#E8EEEB">
<table width="1000" border="0" cellpadding="0" cellspacing="4"><tr><td></td></tr></table>
<table background="../images/background.jpg"align="center" width="1000" border="0" cellpadding="0" cellspacing="0">
<tr>
<td colspan="2" height="74"><p> </p>
<p>
<font color="#FFFFFF" size="-1"><?php echo 'Welcome '. $username; ?> </font></p>
</td>
</tr>
</table>
thank you for your reply.