Here is each one of my .php pages. I can get it to register and go onto my local server. However when I go to the login page and actually login it will not redirect to the members page. I am not sure what the issue it. I am pretty new to PHP and the code looks decent. Very simple but I am trying to get this to work. Any help is appreciated. Thanks.
config.php
<?php
$host = "localhost";
$username = "root";
$password = "root";
$db = "motofoto";
//Connect to MySQL Server
$con = mysqli_connect($host,$username,$password,$db) or die("Can not connect to Server.");
?>
Login.php
<?php
session_start();
require "config.php"; //Connection Script, include in every file!
//Check to see if the user is logged in.
if(isset($_SESSION['username'])){
header( "Location: members.php" ); //isset check to see if a variables has been 'set'
}
if(isset($_POST['submit']))
{
//Variables from the table
$user = $_POST['user'];
$pass = $_POST['pass'];
//Prevent MySQL Injections
$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysqli_real_escape_string($con, $user);
$pass = mysqli_real_escape_string($con, $pass);
//Check to see if the user left any space empty!
if($user == "" || $pass == "")
{
echo "Please fill in all the information!";
}
//Check to see if the username AND password MATCHES the username AND password in the DB
else
{
$query = mysqli_query($con,"SELECT * FROM members WHERE username = '$user' and password = '$pass'") or die("Can not query DB.");
$count = mysqli_num_rows($query);
if($count == 1){
//YES WE FOUND A MATCH!
#$_SESSION['username'] = $user; //Create a session for the user!
header ("Location: members.php");
}
else{
echo "Username and Password DO NOT MATCH! TRY AGAIN!";
}
}
}
?>
<html>
<table>
<tr>
<form name="register" method="post" action="login.php">
<td>
<table>
<tr>
<td colspan="3"><strong><center>Login </center></strong></td>
</tr>
<tr>
<td>Username</td>
<td>:</td>
<td><input autofocus name="user" type="text" id="user"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="pass" type="password" id="pass"></td>
</tr>
<tr>
<td></td>
<td></td>
<td><input type="submit" name="submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<table>
<tr>
<td>Not a Member? Register</td>
</tr>
</table>
</html>
register.php
<?php
session_start(); //Must Start a session.
require "config.php"; //Connection Script, include in every file!
//Check to see if the user is logged in.
//'isset' check to see if a variables has been 'set'
if(isset($_SESSION['username'])){
header("location: members.php");
}
//Check to see if the user click the button
if(isset($_POST['submit']))
{
//Variables from the table
$user = $_POST['user'];
$pass = $_POST['pass'];
$rpass = $_POST['rpass'];
//Prevent MySQL Injections
$user = stripslashes($user);
$pass = stripslashes($pass);
$rpass = stripslashes($rpass);
$user = mysqli_real_escape_string($con, $user);
$pass = mysqli_real_escape_string($con, $pass);
$rpass = mysqli_real_escape_string($con, $rpass);
//Check to see if the user left any space empty!
if($user == "" || $pass == "" || $rpass == "")
{
echo "Please fill in all the information!";
}
else
{
//Check too see if the user's Passwords Matches!
if($pass != $rpass)
{
echo "Passwords do not match! Try Again";
}
//CHECK TO SEE IF THE USERNAME IS TAKEN, IF NOT THEN ADD USERNAME AND PASSWORD INTO THE DB
else
{
//Query the DB
$query = mysqli_query($con,"SELECT * FROM members WHERE username = '$user'") or die("Can not query the TABLE!");
//Count the number of rows. If a row exist, then the username exist!
$row = mysqli_num_rows($query);
if($row == 1)
{
echo "Sorry, but the username is already taken! Try again.";
}
//ADD THE USERNAME TO THE DB
else
{
$add = mysqli_query($con,"INSERT INTO members (id, username, password) VALUES (null, '$user' , '$pass') ") or die("Can't Insert! ");
echo "Successful! <a href='members.php'> Click Here </a> to log In.";
}
}
}
}
?>
<html>
<table width="300" align="center" cellpadding="0" cellspacing="1" border="1px solid black">
<tr>
<form name="register" method="post" action="register.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong><center>Registration</center></strong></t
d>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="user" type="text" id="user"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="pass" type="password" id="pass"></td>
</tr>
<tr>
<td>Repeat Password</td>
<td>:</td>
<td><input name="rpass" type="password" id="rpass"></td>
</tr>
<tr>
<td></td>
<td></td>
<td><input type="submit" name="submit" value="Register"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</html>
members.php
<?php
session_start();
require "config.php";
//Check to see if the user is logged in.
if(isset($_SESSION['username'])){
echo "Hello ".$_SESSION['username'].", you are logged in. <br /> This the member's page! Nothing here :(. <a href='logout.php'>Click Here </a>to log out.";
}
else{
echo "Please <a href='login.php'>Log In </a> to view the content on this page!";
}
?>
logout.php
<?php
session_start();
require "config.php";
session_destroy();
echo "You have successfully logged out. <a href='login.php'> Click here </a> to login!";
?>
1)try to add session close function, this may help as session is possibly not saved yet.
#$_SESSION['username'] = $user; //Create a session for the user!
session_write_close();
header ("Location: members.php");
2) And as Fred mentioned try to debug with php error reporting.
3) Small note: register.php => change link to Login.php not members.php
echo "Successful! <a href='Login.php'> Click Here </a> to log In.";
PS: I tested your script and it worked fine even without session_write_close();
Alternatively you can use following function to redirect through java script. It's not the solution but you can use as alternative.
function redirect($url)
{
echo $data= "<script type='text/javascript'> window.location.href = '".$url."'; </script>";
break;
}
Related
I need to redirect users to different pages based on the roles given to them in the database. Only the username and password is submitted on the login page. I have to fetch the role from the database which looks like this:
username | password | role
admin1 admin1 admin
alex12 alex12 (nothing to normal users)
Here is the code:
<?php
session_start();
// conectare la baza de date
$db = mysqli_connect("localhost", "root", "", "inregistrare");
if (isset($_POST['login_btn'])) {
$username = mysqli_real_escape_string($db,$_POST['username']);
$password = mysqli_real_escape_string($db,$_POST['password']);
$password = md5($password); // parola cryptata
$sql = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$result = mysqli_query($db, $sql);
if (mysqli_num_rows($result) == 1) {
$_SESSION['message'] = "Te poti Conecta!";
$_SESSION['username'] = $username;
header("location: clasa.php"); //spre o pagina
}else{
$_SESSION['message'] = "Parola gresita!";
}
}
?>
<head>
<title>Conectare</title>
<link rel="stylesheet" type="text/css" href="./css/index-style.css">
</head>
<body>
<?php
if (isset($_SESSION['message'])) {
echo "<div id='error_msg'>".$_SESSION['message']."</div>";
unset($_SESSION['message']);
}
?>
<form method="post" action="clasa.php"> <!-- modifica si aici cand modifici mai sus la php-->
<table align="center">
<tr>
<th id="titlu" class="titlu" colspan="2">Conectare</th>
</tr>
<tr>
<td class="border">Username:</td>
<td class="border"><input type="text" name="username" class="text-input" size="20"></td>
</tr>
<tr>
<td class="border">Password:</td>
<td class="border"><input type="password" name="password" class="text-input" size="20"></td>
</tr>
<tr>
<td class="spatiu"></td>
<td class="spatiu"></td>
</tr>
<tr>
<td><button class="register" type="submit" formaction="./register.php">Inregistrare</button></td>
<td><button class="connect" type="submit" name="login_btn">Conectare</button></td>
</tr>
</table>
</form>
</body>
</html>
You should check the user role. Here is an example how you can check it.
P.S the adminfile.php and anotherfile.php is where you should redirect the user and can be whatever you want.
if (mysqli_num_rows($result) == 1) {
$_SESSION['message'] = "Te poti Conecta!";
$_SESSION['username'] = $username;
$user = mysql_fetch_assoc($result);
if($user['role'] == 'admin'){
header("location: adminfile.php");
}else{
header("location: anotherfile.php");
}
}else{
$_SESSION['message'] = "Parola gresita!";
}
Use mysqli_fetch_row
$result = mysqli_query($db, $sql);
while ($row = mysqli_fetch_row($result)) {
printf ("%s (%s)\n", $row[0], $row[1]);
}
I can see that you've already got the answer from #leli.1337 But I thought I should give you same example in more secured way than the one you have above, bellow I'm using PDO prepared statements to prevent sql injections, and also There's no need to store success message /error message on a session variable.
Bellow is my code.
<?php
session_start();
// conectare la baza de date
$host_name = "localhost";
$u_name = "root";
$u_pass = "";
try {
$db = new PDO("mysql:host=$host_name;dbname=inregistrare", $u_name, $u_pass);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch (PDOException $ex) {
error_log($ex);
}
$loginMessage = ""; //will fill this at a later stage.
if (isset($_POST['login_btn'])) {
$username = UserInput($_POST['username']);
$password = UserInput($_POST['password']);
try {
$stmt = $db->prepare("SELECT username,password, role FROM users where username = ? ");
$stmt->bindValue(1, $username);
$stmt->execute();
$result = $stmt->fetchall(PDO::FETCH_ASSOC);
if (count($result) > 1) { // username corerct
foreach ($result as $row) { // now lets validate password
if (password_verify($password, $row['password'])) {
$loginMessage = "<p style=\"color:green;\">Te poti Conecta!</p>"; //We don't really need to store the success on a session.
$_SESSION['username'] = $row['username'];
if ($row['role'] === "admin") {
//admin user
header("location:admin.php");
} elseif ($row['role'] === "") {
header("location: clasa.php"); //spre o pagina
}
} else {
// password incorrect
$loginMessage = "<p style=\"color:#f00\">Parola gresita!</p>";
}
}
}
}
catch (PDOException $e) {
error_log($e);
}
}
function UserInput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<head>
<title>Conectare</title>
<link rel="stylesheet" type="text/css" href="./css/index-style.css">
</head>
<body>
<?php
echo $loginMessage;
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<table align="center">
<tr>
<th id="titlu" class="titlu" colspan="2">Conectare</th>
</tr>
<tr>
<td class="border">Username:</td>
<td class="border"><input type="text" name="username" class="text-input" size="20"></td>
</tr>
<tr>
<td class="border">Password:</td>
<td class="border"><input type="password" name="password" class="text-input" size="20"></td>
</tr>
<tr>
<td class="spatiu"></td>
<td class="spatiu"></td>
</tr>
<tr>
<td><button class="register" type="submit" formaction="./register.php">Inregistrare</button></td>
<td><button class="connect" type="submit" name="login_btn">Conectare</button></td>
</tr>
</table>
</form>
</body>
</html>
As you can see I'm using password_verify() to verify the password hash instead of the md5 you used so, on your register.php page
you will need to hash the password like this:
$password = $_POST['password'];
// Now lets hash the password
$hash = password_hash($password, PASSWORD_DEFAULT);
instead of: $password= md5($_POST['password'];
So in your database you will store the $hash value
Thanks, Hope you find this more useful.
I have a issue with my login form. I'm trying to login with PHP and MySQLi but for some reason every time I press the login button. The fields within the form reset to blank fields. This is my code index.php
<html>
<head>
<title>User Login</title>
</head>
<body>
<form action="" method="post">
<table width="500" align="center" bgcolor="skyblue">
<tr align="center">
<td colspan="3"><h2>User Login</h2></td>
</tr>
<tr>
<td align="right"><b>Email</b></td>
<td><input type="text" name="email" required="required"/></td>
</tr>
<tr>
<td align="right"><b>Password:</b></td>
<td><input type="password" name="pass" required="required"></td>
</tr>
<tr align="center">
<td colspan="3">
<input type="submit" name="login" value="Login">
</td>
</tr>
</table>
</form>
</body>
</html>
<?php
session_start();
$con = mysqli_connect("localhost","root","usbw","login");
if (mysqli_connect_errno())
{
echo "MySQLi Connection was not established:" . mysqli_connect_error();
}
// checking the user
if(isset($_POST['login'])){
$email = mysqli_real_escape_string($con,$_POST['email']);
$pass = mysqli_real_escape_string($con,$_POST['pass']);
$sel_user = "SELECT * FROM users WHERE user_email='".$email."' AND user_pass='".$pass."'";
echo $sel_user;
$run_user = mysqli_query($con, $sel_user);
$check_user = mysqli_num_rows($run_user);
echo $check_user;
if($check_user == 1){
$_SESSION['user_email']=$email;
header('Location: loggedin.html'); }
else { header('Location: index.html'); }
}
?>
I hope someone can help me to fix this issue because I really need to build a login form for my website
There's a few things I'd like to point out about your code, but the primary issue you've been having all along is that you are sending headers before you are calling the session_start(); and header("Location: ..); functions. This causes "Headers already sent" warnings, and will not break your script, but it won't function properly. You should read How to fix "Headers already sent" error in PHP.
The code below has been altered some as well, I've made a few changes to it that you really should include
Using prepared statements, to protect your database against SQL injection (see How can I prevent SQL injection in PHP?) (never, never, never, never ever trust user-input!)
Using exit after calling a header("Location .."); function (see php - Should I call exit() after calling Location: header?)
The altered code is given below, and should be placed above ANY kind of HTML.
<?php
session_start();
$con = mysqli_connect("localhost","root","usbw","login");
if (mysqli_connect_errno()) {
echo "MySQLi Connection was not established:" . mysqli_connect_error();
}
if (isset($_POST['login'])) {
$email = mysqli_real_escape_string($con, $_POST['email']);
$pass = mysqli_real_escape_string($con, $_POST['pass']);
$sql = "SELECT user_email FROM users WHERE user_email=? AND user_pass=?";
if ($stmt = $mysqli_prepare($sql)) {
mysqli_stmt_bind_param($stmt, "ss", $email, $pass);
mysqli_stmt_store_result($stmt);
// Checking if the user was valid
if (mysqli_stmt_num_rows($stmt) > 0){
$_SESSION['user_email'] = $email;
header('Location: loggedin.html');
exit;
} else {
header('Location: index.html');
exit;
}
}
}
?>
<!-- HTML form goes here, nothing(!) before this PHP -->
What you really should do is to hash your passwords - from the looks of it, your passwords are stored in clean text in the database, this is a BIG no-no!
You should use password_hash() and password_verify() for that. It's really important to protect your user should your database be breached.
To troubleshoot further, you should enable error-reporting:
error_reporting(E_ALL);
mysqli_error
mysqli_stmt_error
When you have enabled this, PHP will tell you what's wrong if you just check your logs.
dude try this
<html>
<head>
<title>User Login</title>
</head>
<body>
<form action="" method="post">
<table width="500" align="center" bgcolor="skyblue">
<tr align="center">
<td colspan="3"><h2>User Login</h2></td>
</tr>
<tr>
<td align="right"><b>Email</b></td>
<td><input type="text" name="email" required="required"/></td>
</tr>
<tr>
<td align="right"><b>Password:</b></td>
<td><input type="password" name="pass" required="required"></td>
</tr>
<tr align="center">
<td colspan="3">
<input type="submit" name="login" value="Login">
</td>
</tr>
</table>
</form>
</body>
</html>
<?php
session_start();
$con = mysqli_connect("localhost","root","usbw","users");
if (mysqli_connect_errno())
{
echo "MySQLi Connection was not established:" . mysqli_connect_error();
}
// checking the user
if(isset($_POST['login'])){
$email = mysqli_real_escape_string($con,$_POST['email']);
$pass = mysqli_real_escape_string($con,$_POST['pass']);
$sel_user = "SELECT * FROM users WHERE user_email='".$email."' AND user_pass='".$pass."'";
$run_user = mysqli_query($con, $sel_user);
$check_user = mysqli_num_rows($run_user);
if($check_user == 1){
$_SESSION['user_email']=$email;
header('Location: loggedin.html');
}
else {
header('Location: index.html');
}
}
?>
I am new in PHP and I made a simple login page.It works fine on local server but doesn't works on first attempt on live server. After the 1st attempt then does works. I think the problem is in sessions, but I unable to figure out the exact problem. Once again describe in detail (In any Browser after 1st attempt it shows same login page instead of redirect on main.php. then after 2nd attempt it redirects on main.php page and works fine until browser has been running. Next day again it needs 2 attempts when wrong credentials works fine from the 1st attempt but with correct credentials it requires 2 attempt.)
**login.php**
<form action="login.php" method="post" onsubmit="return loginvalidate()" name="loginfrm">
<table width="600" border="0">
<tr>
<td>User Name</td>
<td><input name="txtusername" type="text" maxlength="15" id="txtusername"/></td>
<span id="message"></span>
</tr>
<tr>
<td></td>
<td><span style="color:#FF0000">*</span> Minimum 5 alphanumeric letters (a-z A-Z 0-9)</td></tr>
<tr>
<td>Password</td>
<td><input name="txtpass" type="password" maxlength="7" />
<span style="color:#FF0000">*</span> Minimum 5 alphanumeric letters (a-z A-Z 0-9)</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit"/></td>
</tr>
<tr>
<td>Forget password?</td>
<td>New Register</td>
</tr>
</table>
</form>
<?PHP
session_start();
function login()
{
include ("includes/dbConfig.php");
$uname = $_POST["txtusername"];
$pass = $_POST["txtpass"];
$uname = stripslashes($uname);
$pass = stripslashes($pass);
$uname = mysql_real_escape_string($uname);
$pass = mysql_real_escape_string($pass);
$log = mysql_query("SELECT * FROM logininfo WHERE username = '$uname' and password = '$pass'");
if(mysql_num_rows($log)==1)
{
$_SESSION["username"] = $uname;
//header("location: main.php");
echo ("<script type='text/javascript'>window.location.href='main.php'</script>");
}
else
{
echo "<script type='text/javascript'>alert('Login Fail - Check Username and password')</script>";
}
mysql_close($ms);
}
if(isset($_POST['submit']))
{
login();
}
?>
main.php
<?php
session_start();
$temp = $_SESSION["username"];
echo "$temp";
if (!isset($_SESSION["username"]))
{
header('Location: admin.php');
}
?>
You put session_start(); at top of page but not in login function.use this code.
**login.php**
<?PHP
function login()
{
include ("includes/dbConfig.php");
$uname = $_POST["txtusername"];
$pass = $_POST["txtpass"];
$uname = stripslashes($uname);
$pass = stripslashes($pass);
$uname = mysql_real_escape_string($uname);
$pass = mysql_real_escape_string($pass);
$log = mysql_query("SELECT * FROM logininfo WHERE username = '$uname' and password = '$pass'");
if(mysql_num_rows($log)==1)
{
session_start();
$_SESSION["username"] = $uname;
//header("location: main.php");
echo ("<script type='text/javascript'>window.location.href='main.php'</script>");
}
else
{
echo "<script type='text/javascript'>alert('Login Fail - Check Username and password')</script>";
}
mysql_close($ms);
}
if(isset($_POST['submit']))
{
login();
}
?>
Here is a problem i am having.
I have a loginform.php and when the user clicks the login button I want to display an error message on the same 'loginform.php' on my '#diverror' div if the user dose not exist.
loginform.php
<form method="post" action="login.php">
<div style='width:500px;margin:auto;border:2px solid darkgrey;margin-top: 50px;'>
<table id='logintable'>
<tr>
<td colspan="2" style='text-align: center;font-weight: bold;'>Login</td>
</tr>
<tr>
<td>Username</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td></td>
<td><button type= submit>Login</button></td>
</tr>
</table>
<div id="diverror"> </div>
</div>
</form>
login.php
<?php
require 'connect.php';
$username= $_POST['username'];
$password= $_POST['password'];
$sqlcommand = "SELECT * FROM user WHERE username = '$username'";
$result = mysql_query($sqlcommand,$db);
include 'loginform.php';
if(mysql_num_rows($result)>=1)
{
$row = mysql_fetch_assoc($result);
$dbpass = $row['password'];
$dbuser = $row['username'];
$dbactive = $row['active'];
$_SESSION['username']=$dbuser;
header ('Location: index.php');
}
else // If the user dose not exist,
{
//Display this message on the loginform.php > #diverror
}
?>
Store error message in SESSION...
else // If the user dose not exist,
{
$_SESSION['msg']="User does not exist";
header("Location: loginform.php");
exit();
}
then just echo SESSION variable, after displaying message you need to unset session variable.
<div id="diverror">
<?php echo $_SESSION['msg'];
unset($_SESSION['msg']); ?>
</div>
NOTE: must start session at the beginning of the both files..
session_start();
To avoid this showing up even when a user has not logged in yet, use
<div class="text-error ">
<?php
session_start();
if (isset($_SESSION['msg']))
{
echo $_SESSION['msg'];
}
unset($_SESSION['msg']); ?>
</div>
This way, error will only show up if msg has been set and this can only happen when user submits.
I am making a web with a login system which is working fine.
I have also made a page which one has to log in to view. It is also working fine and when a user logs in it also gives a welcome "username" message.
However for an unknown reason this session variable is not being stored to the other pages. The thing is that I used the same methods which I used for the page with login restrictions.
Below is my login page. (works fine).
<?php
session_start();
?>
<form id="login_form" method="post" action="">
<p>
<?php
if(isset($_POST["username"]) && isset($_POST["password"])){
$username = $_POST["username"];
$password = $_POST["password"];
if(strlen($username) < 4 || strlen($password) < 4){
echo "Username or Password are invalid.";
}else{
require("connect.php");
$login = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$password' ") or die(mysql_error());
if(mysql_num_rows($login) == 0){
echo "Username or Password are incorrect!";
} else{
require("member.php");
$member_info = mysql_fetch_assoc($login);
setMember($member_info["id"]);
$_SESSION['user'] = "$username";
echo "Welcome ".$member_info["fname"]." ".$member_info["lname"]."<br />";
echo "Redirecting... Please wait.";
jumpTo("my_logs_testing.php",2);
}
//Free result & close connection.
mysql_free_result($login);
mysql_close($link);
}
}else{
}
?>
</p>
<table frame="box" bgcolor="" width="40%" border="0" cellpadding="6" align="center">
<tr>
<td colspan="2"><div align="center"><font color="#FFFFFF"><strong>Diving Advisor | Log In System</strong></font> </div> </tr>
<tr>
<td width="25%"><font color="#FFFFFF"><strong><label for="username2">Username:</label></strong></font></td>
<td width="75%" align="left"><input name="username" type="text" id="username" size="30" maxlength="20" /></td>
</tr>
<tr>
<td><font color="#FFFFFF"><label for="password"><strong>Password:</label></strong></font></td>
<td align="left"><input name="password" type="password" id="password" size="30" maxlength="20" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit_login" id="submit_login" value="Log In" /></td>
</tr>
</table>
</form>
This is the page with login restriction (works fine).
<?php
session_start();
$current_user = $_SESSION['user'];
require("member.php");
if( !isMember() ){
header("Location: login.php");
} else {
?>
<?php
if(mysql_connect('localhost', 'root','') && mysql_select_db('diving_advisor')){
echo "Welcome ".$current_user;
$errors = array();
if(isset($_POST['datepicker'],$_POST['location'],$_POST['description'])) {
cont.......................
And this is one of the the other pages which is not working (session variable seems to be lost! HERE IS THE PROBLEM!!!!
<?php
session_start();
$current_user = $_SESSION['user'];
require("member.php");
?>
Here is code from template.......................
Then the editable region....
<?php
echo $current_user;
?>
<p><strong>Heading 1</strong></p>
<p>This is the home page of the diving advisor application.
Lore......
echo $currentuser is printing nothing on the page. It is suppose to print the logged in user but for some reason it is not.
Please help cause i really do not know what is wrong!!
Tks in advance.
session_start();
Needs to be the first thing that is called on each page.