views:

183

answers:

2

when user clicks on login button(index.php) I am calling chechlogin.php where I am checking loginId an password as-

if($count==1)
{
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
$_SESSION['UserId'] = $myusername;
$_session['SessionId'] = session_id();
header("location:LoggedUser.php");
}

in LiggedUser.php

<?php session_start();  //starting session

if (!isset($_SESSION['SessionId']) || $_SESSION['SessionId'] == '') { header("location:index.php"); } ?>

Problem: It is always going back to index.php page although I am entering right userid and password.I think session_id() is not working properly or ??

+4  A: 

change $_session to $_SESSION.

btw session_register is deprecated and shouldn't be used. See session-register manual for details.

btw #2. You don't need to store sessionId in the $_SESSION, UserId is enough. So you code could look like:

login.php

if ($count == 1) {
    $_SESSION['UserId'] = $myusername;
    header ("location: LoggedUser.php");
    exit;
}

loggeduser.php

if (empty ($_SESSION['UserId'])) {
    header ("location:login.php");
    exit;
}

// user is logged 

EDIT: Exit added as Emil suggested.

Piotr Pankowski
I need sessionId so what should I do?
nectar
session_id() will return the same ID for every page as long as it is the same session.
Emil Vikström
I am storing the session id in database thats why I need that, I think in every page I am calling session_start()...thats why session_id() is not working, is it??
nectar
You have to use session_start() on every page. SessionID is stored in user cookie so ID is the same on every page unless browser is closed.
Piotr Pankowski
+1  A: 

Consider calling exit; after each header('Location: ...') call. Otherwise PHP will continue parsing the rest of the code, which may cause unpredictable errors.

header("Location: LoggedUser.php");
exit;
Emil Vikström