i have a problem with my code when i add this
Login.php
<?PHP session_start();
$_SESSION['email'] = $_POST['email'];
?>
<?php echo '<script>window.location = "http://somepage.com/"</script>'; ?>
my login page allows any password to log in, it displays the correct email address in my home page. but when i delete the code above and type any password it will not let me log in i have to use the correct password. why would this happen? i really need the code above to work because that allows me to log in to restricted pages this is what i use in restricted pages like profile.php
resctricted pages like profile.php
<?PHP
session_start();
if(!$_SESSION['email']){
header("Location: login");
die;
}
?>
<?PHP session_start();
$_SESSION['email'] = $_POST['email']; ?>
<?php echo '<script>window.location = "http://torcdesign.com/"</script>'; ?>
<?php
require_once("configur.php");
$mysqli = new mysqli(localhost, root, password, dbname);
# check connection
if ($mysqli->connect_errno) {
echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
exit();
}
$email=$_POST['email'];
$encrypt_password = $_POST['encrypt_password'];
$encrypt_password = hash("sha512",$encrypt_password);
$sql = "SELECT * from register_login WHERE email='$email' and encrypt_password='$encrypt_password'";
$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
echo "<p>Invalid username/password combination</p>";
} else {
echo "<p>Logged in successfully</p>";
// do stuffs
}
?>
</div>