Hi, I can't seem to work around the problem. If someone could please point me in the right direction for why the login.php page reloads when I enter the correct empid and password from the database. here is my code:

<?php 
	require_once("nocache.php");

	if (isset($_POST['submit'])) 
	{
	$id = $_POST["empid"];
	$pword = $_POST["password"];
	if (empty($id) || empty($pword))
		{
		header("location: login.php");
		}

	else { 
	require_once("dbconn.php");
	$sql = "SELECT empid, password, surname, departmentid, jobid 
		FROM employee, departments, jobs 
		WHERE empid = '$id' and password = '$pword' AND departments.departmentid=employee.departmentid AND jobs.jobid=employee.jobid";
		echo $sql;
	$rs = mysql_query($sql, $dbConn);
	echo mysql_num_rows($rs)."<hr>";
	exit;

	if (mysql_num_rows($rs)> 0 )
		{
		session_start();
		$_SESSION["who"] = $id;
	        $_SESSION["sname"] = mysql_result($rs,0,"surname");
	        $_SESSION["department"] = mysql_result($rs,0,"departmentid");
		$_SESSION["jid"] = mysql_result($rs,0,"jobid"); 

		header("location: choosereview.php");
		}
	else {
		header("location: login.php");
		}
	}
	}

?>

sorry, I wanted to know why the login page doesnt go to the choosereview.php page

You need to put some debugging lines in to see where it's going back to login.php. There are two instances of header("login.php"). I suggest before each one you write some output (which will also prevent the redirect) so that you can identify which path your script is taking.

Also line 21 looks suspicious:

exit;

Seems like if the "else" path is taken in line 13 then it will only get as far as line 21 at which point the script will halt.

ok removed the exit; code, it worked the first time but every go after that is giving me the same page :S

remove

echo $sql;

from line 18. it might help

I have a feeling it's something I'm missing in between...
the form is basically submitting to itself, maybe I should play around with it and see if it submits to another page... :(

Actually there are a few "echo" lines. These will prevent any redirects from taking effect. Your logic needs some rethinking, I think.

As I mentioned earlier, echo on line 18 is sending headers. Once headers are already sent you can not use session_start(). Therefore the code will break at line 25. Make sure you have Error Reporting On.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.