I'm having some trouble with a user login that suddenly stopped working. I've got a session_start(); at the top of every page that needs it, but the session variables I've declared seem to have just stopped carrying over to the login pages.
I can also disable the redirect and print_r($_SESSION) on the login page, which will print the appropriate variable.
Here's the code for the login page:
<? session_start(); ?>
<?php include($_SERVER["DOCUMENT_ROOT"]."/_/includes/head.php"); ?>
<?php
if (isset($_POST['submitted'])){
$username = $_POST['username'];
$password = $_POST['password'];
function enc($string){
$salt = "2@xp";
$hash = sha1(md5($salt.$string)).md5($string).sha1(md5(md5($string)));
return $hash;
}
$pass = enc($password);
if($username&&$password){
$query=mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0){
while ($row = mysql_fetch_assoc($query)){
$dbusername = $row['username'];
$dbpassword = $row['password'];
//check to see if they match
if ($username==$dbusername&&$pass==$dbpassword){
echo ("You're in! <a href='index.php'>Home</a>");
$_SESSION['username'] = $dbusername;
session_register("username");
header("Location: index.php");
}
else echo ("Incorrect Password");
}
}
else header("Location: login.php");
}
else echo ('Login Failed');
}
?>
And here is the code for the page to be redirected to at login:
<?php
session_start();
if ($_SESSION['username']){
echo "<section id='login'><a href='logout.php'>Logout</a></section>";
$user = $_SESSION['username'];
}
else header("Location: login.php");
?>
I get kicked back to the login page every time. Any help would be awesome. Thanks!