index.php
<form class="form" id="ex-form" method="post" action="index.php">
<input type="text" placeholder="Email" name="email">
<input type="password" placeholder="Password" name="password">
<button type="submit" id="login-button" name="login">Login</button>
</form>
<?php
session_start();
include 'db/db_connection.php';
if (isset($_POST['login'])) {
$email = $_POST['email'];
$password = $_POST['password'];
if($_POST['email']=="" || $_POST['password']==""){ //To check whether username and password fields are blank
$create_error_message='Blank Email OR Password...';
}else{
$sql="SELECT * FROM user WHERE email='$email' AND password='$password' AND status='1'";
$result=mysqli_query($dbcon,$sql);
$row=mysqli_fetch_array($result);
$_SESSION["status"] =$row['status'];
$_SESSION["user_type_id"] =$row['user_type_id'];
$_SESSION["first_name"] =$row['first_name'];
$count=mysqli_num_rows($result);
if ($count > 0) {
$user = $row['user_id'];
date_default_timezone_set('Asia/Colombo');
$date = date('Y-m-d');
$time = date('h:i:s');
$sql2 = mysqli_query($dbcon,"INSERT INTO `login_sessions` (`date`, `time`, `user_id`) VALUES ('$date', '$time', '$user')")or die(mysql_error());
if ($sql2) {
$_SESSION['user'] = $user;
if ($_SESSION["user_type_id"] == 1){
header("Location: src/system/modules/login/dashboard.php");
//echo "WLCOME ADMIN";
}else if($_SESSION["user_type_id"] == 2){
header("Location: src/system/modules/login/dashboard.php");
//echo "WLCOME Examiner";
}else if($_SESSION["user_type_id"] == 3){
//header("Location: ");
echo "WLCOME Job Seeker";
}else{
//header("Location: ");
}
}//if($sql2)
}//if count end
} //else
} //login
?>
dashboard.php
<?php
session_start();
include '../../db/db_connection.php';
$date = date('Y-m-d');
if(!empty($_SESSION['user'])){
?>
<html>
<body>
<div id="ad">
<?php
$query_user=mysqli_query($dbcon,"SELECT * FROM user WHERE user_id='".$_SESSION['user']."'")or die(mysql_error());
$row_user=mysqli_fetch_array($query_user);
?>
<h3 style="color:#333; margin-left:20px;">Welcome
<?php echo $row_user['first_name']." ". $row_user['last_name']; ?>
</h3><br />
</div><!--ad-->
</body>
</html>
databse table
user
**user_id first_name last_name email password status user_type_id**
1 AAA aaa aa@gmail.com 123 1 1
2 BBB bbb bb@gmail.com 111 0 3
3 CCC ccc cc@gmail.com 111 1 3
4 DDD ddd dd@gmail.com 456 1 2
user_type
user_type_id user_type_name
1 admin
2 examiner
3 jobseeker
In here I have 1 login to all the users. When I login as Admin it will preview the Admin first_name and last_name in dashboard.php I will open next browser tab and login as Examiner. then It will preview the Examiner first_name and last_name in dashboard.php. BUT in the previous tab (login as admin) that was changed the values. It will preview the examiner firstname and last name.
So the both tabs I use login seperately as admin and examiner. but sessions are not working correct. How can I fix this error??