I Created two page. One for admin and for one user. But have there separate access on login. I wanted to give access to admin on the user page. I am not able to find the solution for that.
Now if I login in as admin and try to access the user page it will redirect me to the login page and the same case is for the user. That part is fine.
In my login form I check the role for the user and depending on that role I redirect them to their respective pages. In the admin and user page I check the role first of the user and if it is not the same it redirects them to the login page.
Now what I tried was in the user_page.php I added two roles user and administrator to check whether the login user is administrator or the user. But that part I am not able to figure out.
<?php
ob_start();
session_start();
include("db.php");
?>
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title></title>
<style type="text/css">
.box {
border: #666666 solid 1px;
}
label {
font-weight: bold;
width: 100px;
font-size: 12px;
}
</style>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
</head>
<body bgcolor="#FFFFFF">
<div align="center">
<div style="width:350px; border: solid 2px #333333; " align="left">
<div style="background-color:#333333; color:#FFFFFF; padding:4px;"><b>Login</b></div>
<div style="margin:25px">
<form method="post" action="">
<?php
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$myusername1=mysqli_real_escape_string($con,$_POST['username']);
$mypassword1=mysqli_real_escape_string($con,$_POST['password']);
$mypassword=MD5($mypassword1);
$sql="SELECT * FROM finforex_users WHERE username='$myusername1' and password='$mypassword1'";
$result=mysqli_query($con,$sql);
$row=mysqli_fetch_array($result);
$_SESSION['userid']=$row['userid'];
$_SESSION['role']=$row['role'];
$count=mysqli_num_rows($result);
if($count==1)
{
if ($row['role']=="administrator")
{
header ("location: admin_page.php");
}
else if ($row['role']=="user")
{
$_SESSION['role']=$row['role'];
header ("location: user_page.php");
}
}
else
{
$error="Your Login Name or Password is invalid";
}
}
?>
<label>UserName :</label><input type="text" name="username" class="box" /><br /><br />
<label>Password :</label><br/><input type="password" name="password" class="box" /><br/><br />
<input type="submit" value=" Submit " /><br />
</form>
<div style="font-size:11px; color:red; margin-top:100px">
<?php
$error;
?>
</div>
</div>
</div>
</div>
</body>
</html>
<?php
ob_start();
session_start();
include 'db.php';
if(isset($_SESSION['role'])=='administrator')
{
$query1= mysqli_query($con,"SELECT * FROM `finforex_users` WHERE `userid`='".$_SESSION['userid']."' AND `role`='administrator' ");
$arr1 = mysqli_fetch_array($query1);
$num1 = mysqli_num_rows($query1);
if($num1==1)
{
?>
<html>
<head>
<style>
body{
width:80%;
margin: 0 auto;
padding: 0;
font-family: 'Open Sans', Tahoma, Arial, helvetica, sans-serif;
}
</style>
</head>
<body>
<br>
<h1 style="font-weight: 400;">Set Margins- Administrator</h1>
<div style="float:right;">Logout</div>
page 2
<?php
}
else
{
header ("location:login.php");
}
}
else
header ("location:login.php");
?>
</body>
</html>
<?php
session_start();
include 'db.php';
if(isset($_SESSION['role'])=='user')
{
$query= mysqli_query($con,"SELECT * FROM `finforex_users` WHERE `userid`='".$_SESSION['userid']."' AND `role`='user' ");
$arr = mysqli_fetch_array($query);
$num = mysqli_num_rows($query);
if($num==1)
{
?>
<style>
{
width:80%;
margin: 0 auto;
padding: 0;
font-family: 'Open Sans', Tahoma, Arial, helvetica, sans-serif;
}
</style>
<body>
<h1 style="font-weight: 400;">Welcome User</h1>
<div style="float:right;">Logout</div>
<?php
}
else
{
header ("location:login.php");
}
}
else
header ("location:login.php");
?>
</body>
Set the role condition like
if(isset($_SESSION['role'])=='user' || isset($_SESSION['role'])=='administrator'){
// User Page
// ....code ....
}
Related
Sorry for asking this since I am fairly new to PHP, but I am trying to create a login system wherein a user logs in to enter a homepage. The login page sets cookies for the username and password if the user checks the Remember me checkbox regardless if login is successful or not. If login is successful, it starts a session. While there is an active session, the user cannot access the login page unless they log out. If login is not successful, it will redirect back to the login page. My problem here is that the cookies are not set regardless if the login is successful or not. But if I remove the if isset($_SESSION) statement, it successfully sets the cookies. Below is my code:
login.php:
<?php
session_start();
if(isset($_POST["login"]))
{
$remember = $_POST["remember"];
if($remember == 1)
{
setcookie("username", $_POST["uname"], time()+86400);
setcookie("password", $_POST["pwd"], time()+86400);
}
if(isset($_SESSION['uname']))
{
echo"<script>alert('Already logged in.')</script>";
echo"<script>location.href = 'home.php'</script>";
}
}
?>
<html>
<head>
<title>Login</title>
<style>
body
{
background-color: DimGray;
}
table
{
font-family: Calibri;
color:white;
font-size: 14pt;
font-style: normal;
font-weight: bold;
text-align: left;
background-color: DimGray;
border-collapse: collapse;
border: 2px solid white
}
table.inner
{
border: 0px
}
.my_text
{
text-align: center;
font-family: Helvetica;
color:white;
font-size: 40px;
font-weight: bold;
margin: 50px;
}
</style>
</head>
<body>
<div class = my_text> Login Page</div>
<table align="center" cellpadding = "10">
<!----- Userame ---------------------------------------------------------->
<form method="post" action="home.php">
<tr>
<td>Username: </td>
<td><input type="text" name="uname" value = "<?php if(isset($_COOKIE["username"])) echo $_COOKIE["username"]?>"/>
</td>
</tr>
<!----- Password ---------------------------------------------------------->
<tr>
<td>Password: </td>
<td><input type="text" name="pwd" value = "<?php if(isset($_COOKIE["password"])) echo $_COOKIE["password"]?>"/>
</td>
</tr>
<!----- Remember me ------------------------------------------------->
<tr>
<td>Remember Me </td>
<td><input type="checkbox" name="remember" value = "1"/>
</td>
</tr>
<!----- Submit ------------------------------------------------->
<tr>
<td colspan="2" align="center">
<input type="submit" value="Login" name="login">
</td>
</tr>
</table>
</form>
<br>
<br>
</body>
</html>
home.php:
<?php
$uname = "admin";
$pwd = "12345";
session_start();
if(isset($_SESSION['uname']))
{
echo"<table align='center' cellpadding = '10'>";
echo"<tr><td>Welcome " . $_SESSION['uname'] . "</td></tr>";
echo"<tr align = 'center'><td><a href = 'logout.php'><input type = button value = logout name logout></a></td></tr>";
}
else
{
if($_POST["uname"] == $uname && $_POST["pwd"] == $pwd)
{
$_SESSION["uname"] = $uname;
echo"<script>location.href = 'home.php'</script>";
}
else
{
echo"<script>alert('Username or Password is incorrect.')</script>";
echo"<script>location.href = 'login.php'</script>";
}
}
?>
<html>
<head>
<title>Home</title>
<style>
body
{
background-color: DimGray;
}
table
{
font-family: Calibri;
color:white;
font-size: 30pt;
font-style: normal;
font-weight: bold;
text-align: left;
background-color: DimGray;
border-collapse: collapse;
border: 2px solid white
}
table.inner
{
border: 0px
}
.my_text
{
text-align: center;
font-family: Helvetica;
color:white;
font-size: 40px;
font-weight: bold;
margin: 50px;
}
</style>
</head>
<body>
<div class = my_text> Home Page</div>
</body>
</html>
logout.php:
<?php
session_start();
if(isset($_SESSION['uname']))
{
session_destroy();
echo"<script>location.href = 'login.php'</script>";
}
else
{
echo"<script>location.href = 'login.php'</script>";
}
?>
I moved a login php script from a pretty old server to a newer server. All settings and chmods are put the same but the php script does not work on the newer server. When entering the correct login and password it does not go to main.php but stays on the index.php login page and adds this message "Invalid Username or Password!'; } } ?>".
I am a programming noob but perhaps the script uses certain coding that is better not used anymore at newer servers. Any ideas what to change to the script so it could possible work again? Thank you in advance.
Here is the code of the index.php login page:
<?
ob_start("ob_gzhandler");
session_start();
$username = "admin";
$password = "admin";
// main page
$mainpage = "main.php";
if(isset($_SESSION['logedin']))
if($_SESSION['logedin'] == 'loggedin')
{
header("Location: $mainpage");
exit();
}
if(isset($_POST['submit']))
{
if($_POST['username'] == $username && $_POST['password'] == $password)
{
$_SESSION['logedin'] = 'loggedin';
// Redirect to the page
header("Location: $mainpage");
exit();
}
else
{
$error = '<br /><br />Invalid Username or Password!';
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en-US">
<head>
<title>test</title>
<meta http-equiv="content-type" content="application/xhtml+xml; charset=UTF-8" />
<style type="text/css">
html, body, #wrapper {
height:100%;
width: 100%;
margin: 0;
padding: 0;
border: 0;
}
#wrapper td {
vertical-align: middle;
text-align: center;
}
#headerBox {
border: 1px solid #A6E0FF;
width: 800px;
color: #00529B;
background: #EDF8FE;
height: 150px;
text-align: center;
margin: 0px auto;
}
#top {
color: #00529B;
background: #DAF3FF;
text-align: center;
border-bottom: 1px solid #BFE9FF;
padding-top: 10px;
padding-bottom: 10px;
font-weight:bold;
}
#bottom {
color: #00529B;
background: #EDF8FE;
text-align: center;
padding-top: 30px;
}
</style>
</head>
<body>
<table id="wrapper">
<tr>
<td>
<div id="headerBox">
<form method="post" id="login" action="index.php">
<div id="top">Log In</div>
<div id="bottom">
Username: <input id="username" name="username" type="text" />
Password: <input id="password" name="password" type="password" />
<input type="submit" name="submit" id="submit" value="Log in" />
<? if(isset($error)) echo $error; ?>
</div>
</form>
</div>
</td>
</tr>
</table>
<script type="text/javascript">
//<![CDATA[
<!--
document.getElementById("username").focus();
//-->
//]]>
</script>
</body>
</html>
You seemed to be missing an opening bracket after an if-statement, so this should be working:
<?php
ob_start("ob_gzhandler");
session_start();
$username = "admin";
$password = "admin";
// main page
$mainpage = "main.php";
if(isset($_SESSION['logedin']))
{
if($_SESSION['logedin'] == 'loggedin')
{
header("Location: $mainpage");
exit();
}
}
if(isset($_POST['submit']))
{
if($_POST['username'] == $username && $_POST['password'] == $password)
{
$_SESSION['logedin'] = 'loggedin';
// Redirect to the page
header("Location: $mainpage");
exit();
}
else
{
$error = '<br /><br />Invalid Username or Password!';
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en-US">
<head>
<title>test</title>
<meta http-equiv="content-type" content="application/xhtml+xml; charset=UTF-8" />
<style type="text/css">
html, body, #wrapper {
height:100%;
width: 100%;
margin: 0;
padding: 0;
border: 0;
}
#wrapper td {
vertical-align: middle;
text-align: center;
}
#headerBox {
border: 1px solid #A6E0FF;
width: 800px;
color: #00529B;
background: #EDF8FE;
height: 150px;
text-align: center;
margin: 0px auto;
}
#top {
color: #00529B;
background: #DAF3FF;
text-align: center;
border-bottom: 1px solid #BFE9FF;
padding-top: 10px;
padding-bottom: 10px;
font-weight:bold;
}
#bottom {
color: #00529B;
background: #EDF8FE;
text-align: center;
padding-top: 30px;
}
</style>
</head>
<body>
<table id="wrapper">
<tr>
<td>
<div id="headerBox">
<form method="post" id="login" action="index.php">
<div id="top">Log In</div>
<div id="bottom">
Username: <input id="username" name="username" type="text" />
Password: <input id="password" name="password" type="password" />
<input type="submit" name="submit" id="submit" value="Log in" />
<?php if(isset($error)) { echo $error; } ?>
</div>
</form>
</div>
</td>
</tr>
</table>
<script type="text/javascript">
//<![CDATA[
<!--
document.getElementById("username").focus();
//-->
//]]>
</script>
</body>
</html>
I'm using PHP 7 to do my project about developing a website. I'm new to PHP and now I have a problem about login session that when I enter the correct username and password it show the message "wrong username or password" and cannot login. I don't know which part got problem. Please help me. Every help would be appreciated. Here is my code.
login.php
<?php session_start(); ?>
<html>
<head>
<style type="text/css">
#login{
width: 300px;
border: 1px solid #c8c8c8;
margin: 80px auto;
text-align: center;
font-family: calibri;
background: #f1f1f1;
border-radius: 4px;
box-shadow: 0 0 6px gray;
}
#login h2{
background: #222;
margin: 2px;
margin-bottom: 18px;
color: #FFF;
font-size: 18px;
padding: 4px;
}
</style>
<title></title>
</head>
<body>
<div id="login">
<form action="login_process.php" method="post">
<h2>Login</h2>
<?php
if (!empty($_SESSION['error']))
{
foreach ($_SESSION['error'] as $er)
{
echo '<font color="red">'.$er.'</font><br />';
}
unset($_SESSION['error']);
}
?>
<b>Username : </b>
<input type="text" name="unm">
<br /><br />
<b>Password : </b>
<input type="password" name="pwd">
<br /><br />
<input type="submit" value="Sign In">
<br /><br />
</form>
</div>
</body>
</html>
login_process.php
<?php session_start();
if (!empty($_POST))
{
extract($_POST);
$_SESSION['error']=array();
if (empty($unm) || empty($pwd))
{
$_SESSION['error'][]="Please enter username or password";
header("location:login.php");
}
else
{
include("include/config.php");
$q ="SELECT * FROM admin
WHERE a_unm='$unm' AND a_pwd='$pwd'";
$res=mysqli_query($q,$link);
$row=mysqli_fetch_assoc($res);
if (!empty($row))
{
$_SESSION['admin']['unm']=$row['a_unm'];
$_SESSION['admin']['pwd']=$row['a_pwd'];
$_SESSION['admin']['status']=true;
header("location:index.php");
}
else
{
$_SESSION['error'][]="Wrong Username or Password";
header("location:login.php");
}
}
}
else
{
header("location:login.php");
}
?>
config.php
<?php
$link= mysqli_connect("localhost","root","");
mysqli_select_db("course_registration_system",$link);
?>
Database detail
enter image description here
I have fixed your issue: Try this below code
login_process.php
<?php session_start();
if (!empty($_POST))
{
extract($_POST);
$_SESSION['error']=array();
if (empty($unm) || empty($pwd))
{
$_SESSION['error'][]="Please enter username or password";
header("location:login.php");
}
else
{
include("include/config.php");
$q ="SELECT * FROM admin WHERE a_unm='$unm' AND a_pwd='$pwd'";
$res=mysqli_query($link,$q);
$row=mysqli_fetch_assoc($res);
if (!empty($row))
{
$_SESSION['admin']['unm']=$row['a_unm'];
$_SESSION['admin']['pwd']=$row['a_pwd'];
$_SESSION['admin']['status']=true;
header("location:index.php");
}
else
{
$_SESSION['error'][]="Wrong Username or Password";
header("location:login.php");
}
}
}
else
{
header("location:login.php");
}
?>
config.php
<?php
$link= mysqli_connect("localhost","root","","course_registration_system");
//mysqli_select_db("course_registration_system",$link);
?>
I am developing an application in php and html in which the user must enter a number in the input. however if the number is 1 to press the button opens another page, but if the number is different does not open anything. The code i'm using is as follows:
<html>
<head>
<title>RHM</title>
<style type="text/css">
h1 { color: red; font-family: arial; font-size: 3em; font-weight: bolder; }
p { color: navy; font-family: Verdana; }
</style>
</head>
<body>
<h1 align="center">INGRESE CONTRASEÑA</h1>
<form action="#" method="post" >
<p align="center"> <input type="password" name="contras" style="width:200px;height:50px;background-color:yellow;color:blue;font-size:14pt;font-family: Comic Sans MS;text-align:center;padding-right:10px;"/></p>
<p align="center" ><input type="submit" value="Entrar" /></p>
<?
$Contraseña=$_POST['contras'];
if ($Contraseña==1) {
action=="Decidir.php";
}
?>
</form>
</body>
</html>
So far as this does nothing. please help thank you all.
I solved it like this:
....
<?
$Contraseña=$_POST['contras'];
if ($Contraseña==10836053) {
header("Location: Decidir.php");
}
?>
</form>
Thank sam_io.
Hey Stackoverflow users,
Since I was able to get some amazing help before with a problem I was stuck on for longer than I could remember I thought I would come at you with this.
Working with a login system that authenticates the user and kills the session off but currently it's not recognizing the variables assigned to the session. After clicking the logout button everything seems like it's working but when doing a direct connect to the Members Page by typing it into the address bar it loads the page instead of redirecting to the login page.
Members.php
<?PHP
session_start();
if (!isset($_SESSION['username'])) {
header('location:login.php');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>The Animator BETA</title>
<style>
//CSS Has been removed as it's lengthy and unrelated to the issue.
</style>
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
<script>
$(document).ready(function(){
$('#login-trigger').click(function(){
$(this).next('#login-content').slideToggle();
$(this).toggleClass('active');
if ($(this).hasClass('active')) $(this).find('span').html('▲')
else $(this).find('span').html('▼')
})
});
</script>
</head>
<body>
<header class="cf">
<nav style="text-align:center">Logout</nav>
</header>
<h1 style="text-align:center"> The Animator - BETA</h1>
<hr />
<div id="nav" style="text-align:center">
<ul style="text-align:center">
<li><a href= "#" ><strong>Home</strong></a></li>
<strong><li><a href= "industrial.html" >Industrial</a></li>
<li><a href= "educational.html" >Education</a></li>
<li><a href= "independent.html" >Independent</a></li>
<li><a href= "emergent.html" >Emergent</a></li>
<li><a href= "team.html" >Team</a></li>
<li><a href= "project.html" >Project</a></li>
<li><a href= "budget.html" >Budget</a></li>
<li><a href= "profile.html" >Profile</a></li></strong>
</ul>
</div>
<hr />
<div style="padding-left:19%"><input type="text" value="search" />
<input type="button" value="Search!" name="search"/>
</div>
<div> </div>
<div align="center">
<div><img src="logo.png" width="407" height="345" alt="Logo" usemap="sectors" /></div>
</div>
</div>
<map name="sectors">
<area shape="rect" coords="72,40,194,165" alt="Industrial" href="industrial.html">
<area shape="rect" coords="210,38,328,162" alt="Emergent" href="emergent.html">
<area shape="rect" coords="208,178,331,296" alt="Independent" href="independent.html">
<area shape="rect" coords="71,177,194,295" alt="Educational" href="educational.html">
</map>
<div> </div>
<div style="text-align:right"></div>
<div> </div>
<div id="footer"> <hr />
<p><strong><u>About The Animator | Contact | Privacy Policy | FAQ</u></strong><u></u></p>
</div>
</body>
</html>
LOGIN PAGE
<?php
error_reporting(E_ALL);
ini_set('display_errors',"On");
include ('database_connection.php');
if (isset($_POST['formsubmitted'])) {
// Initialize a session:
session_start();
$error = array();//this aaray will store all error messages
if (empty($_POST['e-mail'])) {//if the email supplied is empty
$error[] = 'You forgot to enter your Email ';
} else {
if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*#([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) {
$Email = $_POST['e-mail'];
} else {
$error[] = 'Your Email Address is invalid ';
}
}
if (empty($_POST['Password'])) {
$error[] = 'Please Enter Your Password ';
} else {
$Password = $_POST['Password'];
}
if (empty($error))//if the array is empty , it means no error found
{
$query_check_credentials = "SELECT * FROM account WHERE (email='$Email' AND passwords='$Password')";
$result_check_credentials = mysqli_query($dbc, $query_check_credentials);
if(!$result_check_credentials){//If the QUery Failed
echo 'Query Failed ';
}
if (#mysqli_num_rows($result_check_credentials) == 1)//if Query is successfull
{ // A match was made.
$_SESSION = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);//Assign the result of this query to SESSION Global Variable
$_SESSION['email'] = $Email;
session_start("username");
header("Location: members.php");
}else
{
$msg_error= 'Either Your Account is inactive or Email address /Password is Incorrect';
}
} else {
echo '<div class="errormsgbox"> <ol>';
foreach ($error as $key => $values) {
echo ' <li>'.$values.'</li>';
}
echo '</ol></div>';
}
if(isset($msg_error)){
echo '<div class="warning">'.$msg_error.' </div>';
}
/// var_dump($error);
mysqli_close($dbc);
} // End of the main Submit conditional.
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login Form</title>
<style type="text/css">
body {
font-family:"Lucida Grande", "Lucida Sans Unicode", Verdana, Arial, Helvetica, sans-serif;
font-size:12px;
}
.registration_form {
margin:0 auto;
width:500px;
padding:14px;
}
label {
width: 10em;
float: left;
margin-right: 0.5em;
display: block
}
.submit {
float:right;
}
fieldset {
background:#EBF4FB none repeat scroll 0 0;
border:2px solid #B7DDF2;
width: 500px;
}
legend {
color: #fff;
background: #80D3E2;
border: 1px solid #781351;
padding: 2px 6px
}
.elements {
padding:10px;
}
p {
border-bottom:1px solid #B7DDF2;
color:#666666;
font-size:11px;
margin-bottom:20px;
padding-bottom:10px;
}
a{
color:#0099FF;
font-weight:bold;
}
/* Box Style */
.success, .warning, .errormsgbox, .validation {
border: 1px solid;
margin: 0 auto;
padding:10px 5px 10px 60px;
background-repeat: no-repeat;
background-position: 10px center;
font-weight:bold;
width:450px;
}
.success {
color: #4F8A10;
background-color: #DFF2BF;
background-image:url('images/success.png');
}
.warning {
color: #9F6000;
background-color: #FEEFB3;
background-image: url('images/warning.png');
}
.errormsgbox {
color: #D8000C;
background-color: #FFBABA;
background-image: url('images/error.png');
}
.validation {
color: #D63301;
background-color: #FFCCBA;
background-image: url('images/error.png');
}
</style>
</head>
<body>
<form action="login.php" method="post" class="registration_form">
<fieldset>
<legend>Login Form </legend>
<p>Enter Your username and Password Below </p>
<div class="elements">
<label for="name">Email :</label>
<input type="text" id="e-mail" name="e-mail" size="25" />
</div>
<div class="elements">
<label for="Password">Password:</label>
<input type="password" id="Password" name="Password" size="25" />
</div>
<div class="submit">
<input type="hidden" name="formsubmitted" value="TRUE" />
<input type="submit" value="Login" />
</div>
</fieldset>
</form>
<button onclick="window.location='theanimator.html';">Go Back!</button>
</body>
</html>
LOGOUT
<?php
unset($_SESSION['email']);
header('Location: login.php');
exit;
?>
your logout page has to be this:
<?php
//start the session
session_start();
//this will destroy the session that is started
session_destroy();
header('Location: login.php');
exit;
?>
The problem was, you didn't destroy the session so the session exist when you go back to page.
Also you where looking checking on $_SESSION['username'] but you unset $_SESSION['email'] that is never going to work.