php session variables dont carry over from login page to home page. I can see the variables being saved in the session files on the web server with the correct values, but the second page doesn't see them. looks like it is openeing a new session every time.
The home page just redirects back to login page even after successful login. I do see that there have been quite a few questions in the forum on this issue. But most of them have the same solution. use session_start().
I've used session_start() on both pages.
My actual plan was to use MySQL db for saving session data. Login page would write session data to DB but the home page wouldnt read it. I'm trying to use local files now to eliminate any issue with the DB or my code for session management using DB. I still have the same issue with local files as well.
login.php
<?php
session_start();
if(isset($_POST['submit'])) {
//sanitize the data
$user = htmlspecialchars (stripslashes (trim ($_POST['user'])));
$password = htmlspecialchars (stripslashes (trim ($_POST['password'])));
$domain = htmlspecialchars (stripslashes (trim ($_POST['domain'])));
//validate user account from LDAP.
//once authorized, assign session variables and redirect to home page.
$_SESSION['accesslevel'] = "III";
$_SESSION['loggedin'] = "true";
$_SESSION['user'] = $user;
$_SESSION['name'] = $name;
header('location:home.php');
?>
`<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Admin Login</title>
<link rel="stylesheet" href="css/login.css">
</head>
<body>
<div class="logincontainer">
<div class="login">
<h1>Login</h1>
<form action="<?php htmlentities(urldecode($_SERVER['PHP_SELF']));?>"
method="post">
<p><b></b><input type="text" name="user" value="" placeholder="ADM_5-
2-1" required autocomplete="off"></p>
<p><b> </b><input type="password" name="password" value=""
placeholder="Password" required autocomplete="off"></p>
<p><select name="domain">
<option value="DOMAIN">DOMAIN</option>
<option value="domain">NANET</option>
<option value="domain">EUNET</option>
<option value="domain">APNET</option>
<option value="domain">JPNET</option>
</select>
</p>
<p class="submit"><input type="submit" name="submit" value="Login">
</p>
</form>
</div>
</div><br>
<div class="error">
<?php //print_r($_POST);?>
<?php //var_dump($_POST);?>
<?php //echo $msg;?>
</div>
</body>
</html>
home.php
<?php
session_start();
if ((!isset($_SESSION['loggedin'])) or ($_SESSION['loggedin'] != true)) {
header ("location: login.php");
}
<<<<html (php uses session variable (name) for user profile menu>>>>>
?>