I'm making a simple login script in PHP. Its working fine on my XAMPP localhost but I can not run it on CPANEL. The scarier part is it does not give me any error instead the login form page reload every time I submit.
THE FORM:
<div class="panel-body">
<form role="form" method="post" action="<?php $_PHP_SELF ?>">
<div class="form-group">
<div class="input-group"> <span class="input-group-addon"><span class="glyphicon glyphicon-user"></span></span>
<input type="text" class="form-control" id="exampleInputEmail1" name="name" placeholder="Admin ID" required>
</div>
</div>
<div class="form-group">
<div class="input-group"> <span class="input-group-addon"><span class="glyphicon glyphicon-star"></span></span>
<input type="password" class="form-control" id="exampleInputPassword" name="password" placeholder="Password" required>
</div>
</div>
<hr/>
<!-- <button type="button" class="btn btn-success"><span class="glyphicon glyphicon-arrow-left"></span> Back</button>-->
<button type="submit" class="btn btn-warning" name="admin_login"><span class="glyphicon glyphicon-log-in"></span> Sign In</button>
<p><br/>
</p>
THE SCRIPT on the same php file:
<?php
include "sessionforadmin.php";
include "connection.php";
if(isset($_POST["admin_login"])){
if(!empty($_POST['name']) && !empty($_POST['password'])) {
$user=$_POST['name'];
$pass=$_POST['password'];
$user = mysql_real_escape_string($user);
$pass= md5( mysql_real_escape_string($pass));
$query=mysql_query("SELECT * FROM admin WHERE admin_name='".$user."' AND password='".$pass."'");
$numrows=mysql_num_rows($query);
if($numrows!=0)
{
while($row=mysql_fetch_assoc($query))
{
$dbusername=$row['admin_name'];
$dbpassword=$row['password'];
}
if($user == $dbusername && $pass == $dbpassword)
{
user_login( $user );
/* Redirect browser */
header("Location: home.php");
}
} else {
?>
<script>
alert("Invalid username or password!");
document.location.href='index.php';
</script>
<?php
}
} else { ?>
<script>
alert("All Field are required!");
document.location.href='index.php';
</script>
<?php
}
}
?>
EDIT :
The Error that I receive on doing error_reporting is:
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/exploitb/public_html/badminpanel/index.php:29) in /home/exploitb/public_html/badminpanel/sessionforadmin.php on line 2 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/exploitb/public_html/badminpanel/index.php:29) in /home/exploitb/public_html/badminpanel/sessionforadmin.php on line 2 Warning: mysqli_select_db() expects exactly 2 parameters, 1 given in /home/exploitb/public_html/badminpanel/connection.php on line 8
Where am I wrong here??