Hello
I have built 21 web sites, when I changed hosting, the PHP log in failed, due to failure to read the php session
to the log in pahe:
@session_start();
if(isset($_POST['user']) && $_POST['user'] != '' && isset($_POST['pass']) && $_POST['pass'] != '')
{
$pass = mysql_escape_string(addslashes($_POST['pass']));
$user = mysql_escape_string(addslashes($_POST['user']));
$query = "select * from table where name = '$user' AND pass = password('$pass') ";
$query2 = mysql_query($query);
if(mysql_num_rows($query2) < 1)
{
header("location:login.php");
exit;
}
else
{
$_SESSION['user'] = $user;
$_SESSION['keylock'] = "abcd";
header("location:privatepage.php");
}
}
else
{
header("location:$referer");
exit;
}
I reach the private page, here the session cannot be read , and I am redirected to the forbidden page
@session_start();
if(isset($_SESSION['keylock']) && $_SESSION['keylock'] == "abcd")
{
$user = $_SESSION['user'] ;
$display = "<br><div align = 'center'> Welcome <b> $user </b>
<a href = 'signout.php'> <b> » SIGN OUT </b> </a>
</div> <br> ";
require_once('header.php');
echo $display;
}
else
{
header("location:forbiden.php");
exit;
}
The second case is true
I tried to comment the redirection, and
wrote a varaiable
$d = $_SESSION['keylock'] ;
echo " session $d ";
I only get an output session, the session cannot be read
