what is wrong here:
$('#btnlogin').click(function() {
var uname = $('#inpuname').val().trim();
var pass = $('#inpass').val().trim();
$.post('ad-login-pro.php', {uname, pass}, function(data) {
console.log(data); // result is 1
if (data == 1) {location.href = 'ad-start.php';}
});
});
ad-login-pro.php
$xuname = $_POST['uname'];
$xpass = $_POST['pass'];
$sql = "select status, uname, pass from users where uname = :auname and pass = :apass limit 1";
$st = $db->prepare($sql);
$st->execute([":auname" => $_POST['uname'], ":apass" => $_POST['pass']]);
$row = $st->fetch();
if ($row['uname'] == $xuname && $row['pass'] == $xpass) {
$_SESSION['login'] = 1;
$_SESSION['logstatus'] = $row['status'];
echo $_SESSION['login'];
}
ad-start.php
if (!$_SESSION['login'] == 1) {header('location: ad-login.php');}
This line works, i.e. I'm returning to ad-login.php.
But it shouldn't work because $_SESSION['login'] == 1;
Any idea?
