hello, so my first time here, i need some help. so i need help on the session part. i already did the session_start() but it still not working it showing i havent logged in. im clueless right now and need some help is there any fix?
login.php and block
<?php
session_start();
ini_set('session.cookie_lifetime', 3600);
ini_set('session.cookie_secure', false);
ini_set('session.cookie_httponly', true);
// Enable error reporting
error_reporting(E_ALL);
ini_set('display_errors', 1);
// Check if the user is already logged in
if (isset($_SESSION['username']) && isset($_SESSION['user_id'])) {
header("Location: menu.php");
exit();
}
include 'dbconnection.php'; // Include database connection
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST['username'], $_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$stmt = $conn->prepare("SELECT id, username, password, status FROM users WHERE (username = ? OR email = ?) AND status = 'success'");
$stmt->bind_param("ss", $username, $username);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->bind_result($user_id, $db_username, $db_password, $db_status);
$stmt->fetch();
if (password_verify($password, $db_password)) {
echo "Location: menu.php";
$_SESSION['username'] = $db_username;
$_SESSION['user_id'] = $user_id; // Set user_id in session
$_SESSION['attempts'] = 0; // Reset attempts
} else {
$_SESSION['attempts']++;
echo "Invalid password. Attempts: " . $_SESSION['attempts'];
}
} else {
$_SESSION['attempts']++;
echo "Invalid username or email. Attempts: " . $_SESSION['attempts'];
}
if ($_SESSION['attempts'] >= 3) {
echo "Show forgot password button.";
}
$stmt->close();
} else {
echo "Username and password are required.";
}
}
?>
menu.php and block
<?php
session_start();
ini_set('session.cookie_lifetime', 3600);
ini_set('session.cookie_secure', false);
ini_set('session.cookie_httponly', true);
// Check if the user is logged in
if (!isset($_SESSION['username'])) {
header("Location: login.php"); // Redirect to login if not logged in
exit();
}
// Display the menu options here
echo "Welcome to the menu, " . $_SESSION['username'];
?>
the sql