I have a login system which checks for the correct login details like below :
<?php
@session_start();
require_once "connection.php";
$Username=$_POST['uname'];
$Password=$_POST['pass'];
$encrypt_password=md5($Password);
//echo $encrypt_password;
$Username=stripslashes($Username);
$Password=stripslashes($Password);
$Username = mysql_real_escape_string($Username);
$Password = mysql_real_escape_string($Password);
$sql="SELECT * FROM loginlist WHERE username='$Username' and password='$encrypt_password'";
$query=mysql_query($sql) or die(mysql_error());
$Count=mysql_num_rows($query);
if($Count == 1)
{
session_register(myusername);
session_register(mypassword);
$_SESSION['uname']=$Username;
$_SESSION['pass']=$Password;
header("location:controlpanel.php");
}
else
{
echo 'wrong user name or password';
}
?>
if the login details are correct it will transfer to the controlpanel.php, I have the below code at the start of controlpanel.php
@session_start();
if(!isset($_SESSION['uname']))
echo"<script>window.location='thisisthesystem.php';</script>";
else
but every time I try to login (with correct login details) it throws me back to the login page. Please let me know what's going on wrong there :
Thanks in advance.
