I am currently learning how to make a login system using PHP. Everything seemed easy at first - I had the input data set as $_SESSION
variables and then starting the session on the next page I open. However, as I refresh the page the session is still working but the variable data has been dropped and are unrecognized.
Here is my php which sets the variables:
<?php
include ("connection.php"); //connects to the database.
if(isset($_POST['login']))
{
$user_name = $_POST['EMAIL'];
$password = $_POST['PASSWORD'];
// echo $user_name, " AND ", $password, "<br>";
$q = "SELECT * FROM ".$table." WHERE EMAIL='".$user_name."' AND PASSWORD= '".$password."' AND IS_ADMIN= 'YES';";
// echo "<br>",$q,"<br>";
$r = mysqli_query($conn, $q);
if(mysqli_num_rows($r) > 0)
{
if(session_id() == '' || !isset($_SESSION))
{
// session isn't started
session_start();
echo "<br>GREAT SUCCESS!!!<br>";
$_SESSION["SESSION_EMAIL"]= $user_name;
$_SESSION["SESSION_PASSWORD"]= $password;
echo $_SESSION["SESSION_EMAIL"], " ", $_SESSION["SESSION_PASSWORD"];
header("Refresh:0; url=\website2.php");
}
}
else echo "<br>FAIL!!!<br>";
}
?>
Here is the bit I use to check what happens on the next page:
<?php
session_start();
if (session_status() == PHP_SESSION_ACTIVE)
{
echo 'Session is active <br>';
} else echo"session is ded";
echo $_SESSION["SESSION_EMAIL"]; // it prints out an error if it screws up here
?>