<?php ini_set('display_errors', '0'); session_save_path('/tmp'); session_start(); $_SESSION['logged_in']; //login page is like this require_once 'connection.php'; if($_SERVER['REQUEST_METHOD'] == 'POST'){ $username = trim($_POST['username']); try{ $Query = "SELECT * FROM users WHERE username = :username"; $statement = $conn->prepare($Query); $statement->bindValue(':username', $username); $statement->execute(); $user = $statement->fetch(PDO::FETCH_ASSOC); $RowCount = $statement->rowCount(); } catch (PDOerrorInfo $e){ die('QuerySCD Error '.$e->getMessage()); } if( $RowCount == 0 ){ // User doesn't exist $_SESSION['message'] = "error!"; //header("location: error-login.php"); $message = "Invalid login credentials"; } else{ // User exists if( password_verify($_POST['password'], $user['password'])){ $_SESSION['username'] = $user['username']; $_SESSION['active'] = $user['active']; $_SESSION['logged_in'] = $user['logged_in']; $_SESSION['logged_in'] = true; header("location: studentportal.php?onions=no&pickles=yes"); } else { $_SESSION['message'] = "error!"; //header("location: error-login.php"); $message = "Invalid login credentials"; } } } $conn = NULL; ?> my second page look like this <?php ini_set('display_errors', '0'); session_save_path('/tmp'); if ($_SESSION['logged_in']) { $_SESSION['logged_in'] = true; header('Location: studentportal.php'); $message = 'welcome user'; } else { header('Location: index.php'); } ?>
session_start(); // in top of second page
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)