All geek questions in one place

PHP Sessions - User Not Saved After Login

I am creating a basic password protected area on my website and I have a login form.

<!-- login.php -->
<?php
session_start();
?>
<?php if(!empty($_SESSION['user'])) { ?>
<form>
    <input type="text" name="username" />
    <input type = "password" name = "password" />
    <input type="submit" value = "login" />
    <input type="hidden" name="token" value="KdasS2wFgw24F7hh" />
</form>
<?php } else { ?>
You are already logged in.
<? } ?>


<!-- dologin.php -->

<?php
$allowed = //sql checking db
if($allowed > 0) {
    $_SESSION['user'] = $row['user_id'];
}
header("Location: login.php");
?>
+3
source share
2 answers

You have lost session_start () at the top dologin.php. This is necessary at the top of each page before starting any exit.

Without session_start();you, you won’t have access to create or update a session variable (in your case $ _SESSION ['user'])

session_start(): http://php.net/manual/en/function.session-start.php

Also, another useful tip:

, header(); exit();. , , login.php , dologin.php

- :

<?php if(!empty($_SESSION['user'])) { ?>

,

<?php if(empty($_SESSION['user'])) { ?> // No `!`

, $_SESSION ['user']

, :

<!-- login.php -->
<?php
session_start();
?>
<?php if(empty($_SESSION['user'])) { ?>
<form>
    <input type="text" name="username" />
    <input type = "password" name = "password" />
    <input type="submit" value = "login" />
    <input type="hidden" name="token" value="KdasS2wFgw24F7hh" />
</form>
<?php } else { ?>
You are already logged in.
<? } ?>


<!-- dologin.php -->

<?php

session_start();

$allowed = //sql checking db
if($allowed > 0) {
    $_SESSION['user'] = $row['user_id'];
}
header("Location: login.php");
exit();
?>
+10

if (!empty($_SESSION['user'])), , , $_SESSION['user'] . " ". , , , .

+1

Source: https://habr.com/ru/post/1753839/

More articles:


All Articles