All,
This question probably has a very simple answer - something I'm overlooking. But maybe someone can tell me where to look...
I have a PHP page ("index.php") with a very simple login form (e.g., username and password).
When the user clicks the "Submit" button, the form POSTs the values to another PHP page ("login.php"). That page is supposed to confirm the user's credentials, then do the following:
- If the user's credentials are not correct, redirect the user to error.php, along with an error message
- If the user's credentials ARE correct, create a session and set $_SESSION['authenticated'] = true, then redirect him to "loggedin.php"
[UPDATE]
Then, on loggedin.php, I check to see that isset($_SESSION['authenticated']) returns true. If it does, then proceed. If not, redirect the user back to index.php.
However, here's what happens. The FIRST time I fill out the form (with valid creds) and submit it, I can see briefly in the URL bar that the user is sent to login.php, then loggedin.php, but then BACK to index.php.
But, if I re-enter the same credentials and submit the info a SECOND time, everything works exactly as it should.
So, in short, it looks like either login.php is not setting the $_SESSION variable the first time through, or that it is, but for some reason, it's not set when I check it for the first time on loggedin.php
Is there some delay between setting the variable on login.php, and having isset() return true on loggedin.php?
Or, is there something else I'm doing wrong?
Here are the relevant (I think) snippets of code:
In login.php:
session_start();
$_SESSION['authenticated'] = true;
header('Location: http://www.mydomain.com/loggedin.php');
In loggedin.php:
session_start();
$authenticated = $_SESSION['authenticated'];
if (!isset($authenticated)) {
header('Location: http://www.footballpoolz.com/mobile/index.php');
die();
}
Many thanks in advance for any advice or insights!
Cheers, Matt Stuehler