Hello guys I’m new at putting my website in a server and i just can’t make it work although it works at localhost. the $SQL query works fine because the website can still tell if I’m entering a correct username and password. I think my session does not work or header? i dont know what do you guys think?
This is the code i used:
<?php
include 'connect.php';
session_start();
$un= $_POST['txtUserName'];
$pw= $_POST['txtPass'];
$SQL="SELECT * FROM admins WHERE binary idno='$un' AND binary pass='$pw'";
$result= mysqli_query($con,$SQL);
$count=mysqli_num_rows($result);
$rows = mysqli_fetch_row($result);
$_SESSION['p']=$rows['pass'];
if ($count==1)
{
$SQL = "SELECT * FROM admins WHERE binary idno='$un'";
$result = mysqli_query($con,$SQL); //rs.open sql,con
while ($row = mysqli_fetch_assoc($result))
{
$_SESSION['name']=$row['firstname']." ".$row['lastname'];
}
$_SESSION['username']=$un;
$_SESSION['pos']="admin";
$_SESSION['cnt']=0;
$_SESSION['status']="Active";
$_SESSION['authorized'] = TRUE;
if($_SESSION['status']=="Active"){
$admin="AdminAdminAccounts.php";
header('Location'.$admin);
}}
else{
$SQL="SELECT * FROM users WHERE binary `TEL#`='$un' AND binary pass='$pw'";
$result= mysqli_query($con,$SQL);
$count=mysqli_num_rows($result);
$rows = mysqli_fetch_row($result);
$_SESSION['p']=$rows['pass'];
if ($count==1)
{
$SQL = "SELECT * FROM users WHERE binary `TEL#`='$un'";
$result = mysqli_query($con,$SQL); //rs.open sql,con
while ($row = mysqli_fetch_assoc($result))
{
$_SESSION['name']=$row['firstname']." ".$row['lastname'];
}
$_SESSION['username']=$un;
$_SESSION['pos']="user";
$_SESSION['cnt']=0;
$_SESSION['status']="Active";
$_SESSION['authorized'] = TRUE;
echo '<script language="javascript">';
echo 'window.location.href="TransactionTable.php"';
echo '</script>';
}
else{
$_SESSION['cnt']++;
if (($_SESSION['cnt']==3)||($_SESSION['cnt']==6)||($_SESSION['cnt']==9)){
header('location:Locked.php');
}
else{
$_SESSION['mes']=1;
header('location:LoginPage.php');
}
}
}
mysqli_close($con);
?>