I'm a bit embarrassed to say, but I've run into issue with creating a PHP based login system. I'm using a site template to handle the looks of the the login process, so I will spare you the code. Here is my thought process on how to handle the login:
Create a simple login.php file. On there will be a form whose action is set to itself. It will check to see if the submit has been clicked, and if so validate to make sure the user entered a valid password / username. If they do, set a session variable save some login info (username, NOT password), and redirect them to a restricted area. If the login info isn't valid, save an error message in a session variable, display error message giving further instruction, and wait for the user to resubmit. Here is a chunk of what I have - hopefully one of you experts can see where I've gone wrong, and give me some insight:
<?php
session_start();
if(isset($_POST['submit'])) {
if(!empty($_POST['username']) AND !empty(!$_POST['password']))
{
header("Location: http://www.google.com");
} else {
$err = 'All the fields must be filled in!';
}
}
if($err) {
$_SESSION['msg']['login-err'] = $err;
}
?>
Now the above is just an example - the intent of the above code is to process user input, with the script validating simply that the user has given input for username and password. If they have, I would like them, in this case, to be redirected to google.com (for the sake of this example). If not, save an error message. Given my current code, the error message will display perfectly, however if the user submits and has something entered for the username and password, the page simply doesn't redirect. I'm sure this is a silly question, but I am a beginner, and well, to be honest, a bit buzzed right now. Thanks so much!