I have working session variables of username
and password
for login in, but when I try to add another session to show an attempt
at login, it doesn't register. What I have working so far is this:
// other php above where I do a query
session_start();
if ($numrows == 0){
//echo "no users matching that query
";
unset($_SESSION["username"]);
unset($_SESSION["password"]);
header ("location: welcomepage.php");
}
else {
//echo "congradulations, you have loged in
";
$_SESSION["username"] = $usernameSanitized;
$_SESSION["password"] = $passwordHashed;
header ("location: welcomepage.php");
}
?>
and in my welcomepage.php
I have.
<?php
session_start();
if (isset($_SESSION["username"])&&isset($_SESSION["password"])){
echo "hello".$_SESSION["username"]."
";
}
else{
echo "you have not yet logged in";
}
?>
This is fine, but for some reason, where I run into problems is when I try to add another third session to try to mark where user tried to login, called $_SESSION['attempt']
.
In the first part of my code for the login, I add:
// other php above where I do a query
session_start();
$_SESSION["attempt"] = "attempted"; //<----added this line
if ($numrows == 0){
//echo "no users matching that query
";
unset($_SESSION["username"]);
unset($_SESSION["password"]);
header ("location: welcomepage.php");
}
else {
//echo "congradulations, you have loged in
";
$_SESSION["username"] = $usernameSanitized;
$_SESSION["password"] = $passwordHashed;
header ("location: welcomepage.php");
}
?>
And then I add another conditional:
<?php
session_start();
if (isset($_SESSION["username"])&&isset($_SESSION["password"])){
echo "hello".$_SESSION["username"]."
";
}
else if (isset($_SESSION["attempt"])){ // <--- added this condition
echo "login with username and password failed";
unset($_SESSION["attempt"]);
}
else{
echo "you have not yet logged in";
}
?>
But when I enter with a wrong username or password, I'm always directed to "you have not yet logged in"
. What am I missing?
Thanks.