1

This is my header.php

The only problem i am facing is that the notice on the bottom of my screen but login is working properly as it should be.When I submit username and password it pass through another page.The notice shows error on if($_SESSION['login_id']=="").

<?php 
        var_dump($_SESSION);
       if($_SESSION['login_id']=="")
        {
            ?>    
            | <a href="index.php?page=login">Login</a>  | 
            <?php   
        }   
        else
        {
            echo "<font color='green'> | Welcome ".$_SESSION['login_usr']." ".$_SESSION['login_id']."  | Logged in as ".$_SESSION['type']." | </font>";
            if($_SESSION['type']=="Admin")
            {
                ?> <a href="index.php?page=main_record_officer">
            <?php
                }
            if($_SESSION['type']=="Student")
            {            
                ?> <a href="index.php?page=main_student">
             <?php } 
             if($_SESSION['type']=="Teacher")
            {
                ?><a href="index.php?page=main_teacher">
            <?php }
             if($_SESSION['type']=="Accountant")
            {
                ?><a href="index.php?page=main_accountant">
             <?php } ?>
            My Page</a> | <a href="logoff.php">Logoff</a> | <?php
         }              
        ?>
        <a href="index.php?page=help">Help</a> |

This is my login.php

<?php
    if(isset($_POST['submit_btn']))
    {
        $user=$_POST['usrname'];
        $pass=$_POST['password'];

        $sql="select * from record_officer where admin_name='$user' and admin_password='$pass'";
        $result=mysql_query($sql);
        $row=mysql_fetch_array($result);
        $count=mysql_num_rows($result);
        if($count==1)
        {
                $_SESSION['login_usr']=$row['admin_name'];
                $_SESSION['login_id']=$row['admin_id'];
                $_SESSION['type']="Admin";
                print "<script>window.location='index.php?page=main_record_officer';</script>";
        }

else if($pass==""||$user=="")
        {
            echo "<center><font color='red'>Required fields are empty !!! </font></center><br><br>";
        }
        else
        {
            echo "<center><font color='red'>Invalid user name and password !!! </font></center><br><br>";
        }
    }
?>
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
Divya Gurung
  • 27
  • 5

2 Answers2

1

Make sure to start your session by including session_start() at the top of your pages, at least, the ones that need the session functionality. That said, replace your test: if($_SESSION['login_id']=="") with this: 

if( isset($_SESSION['login_id']) && ($_SESSION['login_id']=="") )
NaijaProgrammer
  • 2,892
  • 2
  • 24
  • 33
  • I have already started include session_start() on top of pages and replace with this line but the problem in same ... – Divya Gurung Apr 08 '15 at 17:21
0

I would suggest using empty (http://php.net/empty) as it first checks if a variable is defined at all and then if it has content.

So this: 

if($_SESSION['login_id']==""){
}

should better be:

if(!empty($_SESSION['login_id'])){
}

And as mentioned you need to make sure your session is active, for example like this, at the beginning of the document:

// PHP >= 5.4
if (session_status() == PHP_SESSION_NONE) {
    session_start();
}

// ..or else:
if(session_id() == '') {
    session_start();
}

Beware that you will encounter the "undefined.." error whenever you try to access a variable that is not yet set.

So you need to check your code and add checks wherever necessary.

For example:

$user=$_POST['usrname'];
$pass=$_POST['password'];

Should be:

$user = empty($_POST['usrname']) ? "" : $_POST["usrname"];
$pass = empty($_POST['password']) ? "" : $_POST["password"];

This way the variables $user and $pass will be "" in case the variables were not sent.

Pape
  • 291
  • 1
  • 9
  • Notice: Undefined index: usrname in C:\xampp\htdocs\SIMS2\login.php on line 32 Notice: Undefined index: password in C:\xampp\htdocs\SIMS2\login.php on line 33..... Now I am getting this notice on login.php.... – Divya Gurung Apr 08 '15 at 17:28