PHP Session Help On MIT APP Inventor

hello, so my first time here, i need some help. so i need help on the session part. i already did the session_start() but it still not working it showing i havent logged in. im clueless right now and need some help is there any fix?

login.php and block

<?php

session_start();
ini_set('session.cookie_lifetime', 3600);
ini_set('session.cookie_secure', false); 
ini_set('session.cookie_httponly', true);

// Enable error reporting
error_reporting(E_ALL);
ini_set('display_errors', 1);


// Check if the user is already logged in
if (isset($_SESSION['username']) && isset($_SESSION['user_id'])) {
    header("Location: menu.php");
    exit();
}

include 'dbconnection.php'; // Include database connection

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if (isset($_POST['username'], $_POST['password'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];

        $stmt = $conn->prepare("SELECT id, username, password, status FROM users WHERE (username = ? OR email = ?) AND status = 'success'");
        $stmt->bind_param("ss", $username, $username);
        $stmt->execute();
        $stmt->store_result();

        if ($stmt->num_rows > 0) {
            $stmt->bind_result($user_id, $db_username, $db_password, $db_status);
            $stmt->fetch();

            if (password_verify($password, $db_password)) {
                echo "Location: menu.php";
                $_SESSION['username'] = $db_username;
                $_SESSION['user_id'] = $user_id; // Set user_id in session
                $_SESSION['attempts'] = 0; // Reset attempts
            } else {
                $_SESSION['attempts']++;
                echo "Invalid password. Attempts: " . $_SESSION['attempts'];
            }
        } else {
            $_SESSION['attempts']++;
            echo "Invalid username or email. Attempts: " . $_SESSION['attempts'];
        }

        if ($_SESSION['attempts'] >= 3) {
            echo "Show forgot password button.";
        }

        $stmt->close();
    } else {
        echo "Username and password are required.";
    }
}

?>

menu.php and block

<?php
session_start();
ini_set('session.cookie_lifetime', 3600);
ini_set('session.cookie_secure', false); 
ini_set('session.cookie_httponly', true);

// Check if the user is logged in
if (!isset($_SESSION['username'])) {
    header("Location: login.php"); // Redirect to login if not logged in
    exit();
}

// Display the menu options here
echo "Welcome to the menu, " . $_SESSION['username'];
?>

the sql

Not sure if sessions will work without a browser ?

Do some testing, using examples here:

https://www.w3schools.com/php/php_sessions.asp

You might try setting cookies instead ?

https://www.w3schools.com/php/php_cookies.asp

1 Like

thank you fot tips i will check it