Well I made a few changes which didn't help overall as the script still doesn't work, but I think I have pinpointed where i've gone wrong...now just to figure out the right way, but at any rate here is my updated code:
index.php:
<?php include("inc/dbconn_open.php") ?>
<?php
$errs = error_reporting ('E_ALL');
if (isset($_POST['UserName'])) {$UserName = $_POST['UserName'];} else {$UserName = '';}
if (isset($_POST['Password'])) {$Password = $_POST['Password'];} else {$Password = '';}
$msg = '';
if (!empty($UserName)) {
$sql = "SELECT * FROM admin WHERE UserName='$UserName' and Password='$Password'";
$result = mysql_query ($sql);
$row = mysql_fetch_object ($result);
If (mysql_num_rows($result) > 0) {
$_SESSION['AdminLogin'] = $row->AdminID;
header ("Location: Main.php");
} else {
$msg = "Invalid Login";
}
}
?>
<HTML>
<HEAD>
<TITLE>Work Order System - Administrative Section</TITLE>
<LINK REL="STYLESHEET" HREF="inc/style.css">
<script language="JavaScript">
<!--
function leftTrim(sString) {
while (sString.substring(0,1) == ' ') {
sString = sString.substring(1, sString.length);
}
return sString;
}
function chkData1(objForm) {
objForm.UserName.value = leftTrim(objForm.UserName.value);
if (objForm.UserName.value.length == 0) {
alert("Please enter your User Name.");
objForm.Email.focus();
return false;
}
objForm.Password.value = leftTrim(objForm.Password.value);
if (objForm.Password.value.length == 0) {
alert("Please enter a your Password.");
objForm.Password.focus();
objForm.Password.select();
return false;
}
return true;
}
//-->
</script>
</HEAD>
<BODY LEFTMARGIN="0" TOPMARGIN="0" MARGINWIDTH="0" MARGINHEIGHT="0">
<TABLE WIDTH="750" BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD> </TD>
</TR>
<TR>
<TD ALIGN="CENTER"><B>Work Order System - Administrative Section</B><BR><BR></TD>
</TR>
<TR>
<TD>
<?php
If (!empty($msg)){
echo "<div class=\"cl_Error\">". $msg ."</div>";
}
?>
<form name="form1" method="post" action="main.php?AdminID=<?php echo $AdminID; ?>" onSubmit="return chkData1(this)">
<TABLE WIDTH="300" BORDER="2" ALIGN="center" CELLPADDING="2" CELLSPACING="0" bordercolor="#000033" bgcolor="#0099CC">
<TR>
<TD HEIGHT="22"><div class="admin_Main">Username:</div></TD>
<TD HEIGHT="22"> <INPUT TYPE="text" NAME="UserName"></TD>
</TR>
<TR>
<TD><div class="admin_Main">Password:</div></TD>
<TD><INPUT TYPE="password" NAME="Password"></TD>
</TR>
<TR>
<TD colspan="2" align="center"><INPUT TYPE="submit" VALUE="Login"> </TD>
</TR>
</TABLE>
</form>
</BODY>
</HTML>
Main.php:
<?php
include("inc/dbconn_open.php");
error_reporting ('E_ALL');
if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] <> 'OK' ){
header ("Location: LogOut.php");
}
if (isset($_SESSION['AdminID']) && !empty($_SESSION['AdminID'])){
$AdminID = $_SESSION['AdminID'];
} else {
header ("Location: LogOut.php");
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Work Order System - Administrative Section</title>
</head>
<frameset cols="200,*" frameborder="NO" border="0" framespacing="0">
<frame src="Menu.php?AdminID=<?php echo $AdminID; ?>" name="leftFrame" scrolling="auto" noresize>
<frame src="Welcome.php?AdminID=<?php echo $AdminID; ?>" name="mainFrame">
</frameset>
<noframes><body>
</body></noframes>
</html>
