Problems with PHP Session-continue a session

I am setting up a client's website and need to do login control. The user can log in normally and without error, but sending him to the main page when he is logged in is as if he had not logged in. Here is my code:

Login.php

<form class="form-horizontal" action="conf/logar.php" method="POST">
    <fieldset>
        <!-- Text input-->
        <div class="form-group">
            <label class="col-md-4 control-label" for="user">Usuario</label>
            <div class="col-md-2">
                <input id="user" name="user" placeholder="login" class="form-control input-md" required="" type="text">
            </div>
        </div>
        <!-- Password input-->
        <div class="form-group">
            <label class="col-md-4 control-label" for="senha">Senha</label>
            <div class="col-md-2">
                <input id="senha" name="senha" placeholder="senha" class="form-control input-md" required="" type="password">
            </div>
        </div>
        <!-- Button -->
        <div class="form-group">
            <label class="col-md-4 control-label" for="log">Login</label>
            <div class="col-md-4">
                <button id="log" name="log" class="btn btn-success">Login</button>
            </div>
        </div>
    </fieldset>
</form>

Log.php

include("conexao.php");

$user = $_POST["user"];
$senha = $_POST["senha"];

$userBusca = mysql_query("SELECT * FROM usuario WHERE usuario_login = '".$user.
    "' AND usuario_senha = '".$senha.
    "' ") or die(mysql_error("Erro ao fazer login"));

if (mysql_num_rows($userBusca) == 1) {
    session_start(); //Inicia a sessão
    $_SESSION["usuario_nome"] = $_POS["user"];
    $_SESSION["usuario_senha"] = $_POST["senha"];
    header("Location:../index_logado.php");

} else {
    "<script>
    alert('Usuário não encontrado! Informe os dados corretamente');
    window.location.href = '../login.php'; < /script>";
}

I created a page that controls whether the user is logged in or not.

Restricted.php

@session_start();

if(isset($_SESSION["usuario_nome"])){

}else{
    header("Location:login.php");
}

But by including ' restricted.php ' na ' index_logated.php ' is as if the user has not logged in and I can not rescue the session data. Thank you for your help. Vlws!

Author: Guilherme Lautert, 2015-08-11
Source

2 answers

Man, I have high expectations of having found your problem:

You added the user name in the session like so: $_SESSION ["user_name"] = $_POS ["user"];

Is missing a T; So $_SESSION ["user_name"] returns NULL;

 1
Author: Renan Fernandes Mazo, 2015-09-03 02:58:20

There is an arrowhead before session_start(), i will risk saying that it is there because it has generated warnings or some other unwanted output. If it was this, the unwanted exit was not for nothing, it indicates a situation that deserves attention.

If session_start() indicates that the headers have already been sent, obviously there will be problems in the execution of PHP and the arroba will only prevent the alert for possible problems to be displayed, but they will occur try alerts or not.

session_start() it should be called before any output from the server to the browser, if you have any questions, better put at the beginning of the execution of the code.

As a first measure I recommend taking the arroba and see what appears. If it is normal, take the redirect from the authenticating page (logar.php) and see if there is output. From what I've seen, there can be no way out. Remember that the browser must have cookies enabled or else the url must contain something similar to PHPSESSION=xxxxxxxx.

Warnings, alerts and errors are not bad, usually bad is to ignore them. This only refers to the arroba, with it you do not even know if there is any problem.

 0
Author: fbiazi, 2015-08-11 23:51:04