heres my code
login.php
Code: Select all
<?php
include "inc.php";
$username = stripslashes($_POST['user']);
$password = stripslashes($_POST['password']);
$query = mysql_query("SELECT password FROM users WHERE username='$username'");
$db = mysql_fetch_array($query);
$db_pass = $db['password'];
$userage = $db['age'];
$usertype = $db['type'];
if (md5($password) == $db_pass)
{
$_SESSION['user'] = $username;
$_SESSION['age'] = $userage;
$_SESSION['type'] = $usertype;
echo $_SESSION['type'];
}
else
{
echo "not found in database! please register!";
}
?>
//all that is contained in inc.php is the db connection.and by the way i don't get any errors and even when im not loged in, if i echo the session "type" it still returns "e" (this is after the session is destroyed)