The page that has the following code will only redirect:
Here is the code I am trying to include at the top of other pages that I want to check S_SESSION before allowing access:
<?php
session_start();
include ('connect_SQL_DB.php');
include('header.html');
if(!isset($_SESSION['login']) || (trim($_SESSION['login'])=='')) {
header('location:login_redirect.php');
exit();
}
?>
Here js my code for the login page:
<?php
session_start();
include ('connect_SQL_DB.php');
include('header.html');
print '<h2>Login Form</h2>
<p>Users who are logged in can view and make changes to the website.</p>';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ( (!empty($_POST['email'])) && (!empty($_POST['password'])) ) {
$query=mysql_query("SELECT * FROM account WHERE email= '"
. $_POST['email'] . "'
AND password= '" . $_POST['password'] . "'
AND enabled='1'") or die (mysql_error());
$check = mysql_num_rows($query);
if ($check > 0) {
$row = mysql_fetch_array($query, MYSQL_ASSOC);
$user = array(
'userid' => $row['userid'],
'email' => $row['email'],
'accesslevel' => $row['accesslevel'],
'password' => md5 ($row['password']),
'enabled' => $row['enabled'],
);
//Session
session_start();
$_SESSION['login'][] = $user;
header('location:message.php');
ob_end_clean();
exit();
} else {
header('location:login_redirect.php');
}
} else {
print '<p>Please make sure you enter both an email address and a password!<br />Go
back and try again.</p>';
}
} else {
print '<form action="login.php" method="post">
<p>Email Address: <input type="text" name="email" size="20" /></p>
<p>Password: <input type="password" name="password" size="20" /></p>
<p><input type="submit" name="submit" value="Log In!" /></p>
</form>';
}
include('footer.html');
?>
