i have a login for like the following:
<form action="authenticate.php" method="post">
<label for="username">
<i class="fas fa-user"></i>
</label>
<input type="text" name="username" placeholder="Username" id="username" required>
<label for="password">
<i class="fas fa-lock"></i>
</label>
<input type="password" name="password" placeholder="Password" id="password" required>
<input type="submit" value="Login">
</form>
below is my authenticate.php
<?php
session_start();
include('config.php');
if ( mysqli_connect_errno() ) {
die ('Failed to connect to MySQL: ' . mysqli_connect_error());
}
if ( !isset($_POST['username'], $_POST['password']) ) {
die ('Please fill both the username and password field!');
}
if ($stmt = $link->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
$stmt->bind_param('s', $_POST['username']);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->bind_result($id, $password);
$stmt->fetch();
if (password_verify($_POST['password'], $password)) {
$_SESSION['loggedin'] = TRUE;
$_SESSION['name'] = $_POST['username'];
$_SESSION['id'] = $id;
header('Location: index.php');
exit();
} else {
echo 'Incorrect password!';
}
} else {
echo 'Incorrect username!';
}
$stmt->close();
}
i have used the following php code on every header so that the user is redirected if not logged in
<?php
// We need to use sessions, so you should always start sessions using the below code.
session_start();
include('config.php');
// If the user is not logged in redirect to the login page...
if (!isset($_SESSION['loggedin'])) {
header('Location: login.php');
exit();
}
?>
everything is working fine on my localhost, now i uploaded it to server, live the problem is even when i login i am again redirected to login page. here is my website for reference: enter link description here can anyone tell me what could be the problem with my code?
</div>