Search code examples
phpmysqlsessionerror-handlinginternal-server-error

php admin session session

I'm trying to make an admin account for my website using php. I'm using the following code and I get "500 internal Server Error" I have no idea what i'm doing wrong. I have the following php script in my index.php file for admin.

<?php
session_start();
if(!isset($_SESSION["manager"])){
    header("Location: admin_login.php");    
    exit(); 
}

$id = preg_replace('#[^0-9]#i', '',  $_SESSION["id"]);
$manager = preg_replace('#[^0-9]#i', '', $_SESSION["manager"]);
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]);

include "../scripts/db_connect.php";
$sql_str = mysql_query("SELECT * FROM admins WHERE userName = '$userName' AND password =       '$password' LIMIT 1");
$exist_Count = mysql_num_rows('$sql_str');

if($exist_Count == 0){
    header('location: ../index.php');
    exit(); 
}
?>

and the following code is for admin_login.php file where I ask the user to sign in 

<?php
if(isset($_POST["userName"]) && isset($_POST["password"])){
    $manager = $_POST["userName"];
    $password = $_POST["password"];
    include "../scripts/db_connect.php";
    $results = mysql_query("SELECT id FROM admins WHERE userName = '$manager' AND password ='$password' LIMIT 1");

$existCount = mysql_num_rows($results);
if($existCount == 1){
    while($row  = mysql_fetch_array($results)){
        $id = $row["id"];   
    }
    $_SESSION["id"] = $id;
    $_SESSION["manager"] = $manager;
    $_SESSION["password"] = $password;
    header("Location: index.php");
    exit();
}
else{
    echo 'Invalid Information';
    exit(); 
    }

}
?>
Solution

  • You forgot to add session_start() on your admin_login.php

    <?php
session_start(); //<---------- Here
if(isset($_POST["userName"]) && isset($_POST["password"])){
    $manager = $_POST["userName"];
    $password = $_POST["password"];
    include "../scripts/db_connect.php";
    $results = ......
    //.... rest of your code............