I have a Login page that accepts a username and password. I execute the query and set credentials into Session variable like below, this has always worked.
Code: Select all
if($row= mysql_fetch_array($result)){
//Login Successful
$_SESSION['SESS_ENABLED'] = 'Authenticated';
session_write_close();
header("location: index.php");
exit();
}else {
//Login failed
header("location: login-failed.php");
exit();
}Code: Select all
if(!isset($_SESSION['SESS_ENABLED']) || (trim($_SESSION['SESS_ENABLED']) == '')) {
header("location: access-denied.php");
exit();
}