My access.inc.php isn't working

[terryds]

Take a look at my code :

 

access.inc.php

<?php function isLoggedIn() { if (isset($_POST['action']) and $_POST['action'] == 'login') {if (empty($_POST['un']) || empty($_POST['pw'])) {$GLOBALS['loginError'] = "Please fill in both fields";return FALSE;}      $pw = crypt($_POST['pw'], '$2a$07$427fyb79223423423acgLosdillYs$l7$');      if (dbConstainsUser($_POST['un'], $pw)) {     session_start();     $_SESSION['loggedIn'] = true;     $_SESSION['un'] = $_POST['un'];     $_SESSION['pw'] = $pw;     return TRUE;     }     else {     session_start();     unset($_SESSION['loggedIn']);     unset($_SESSION['un']);     unset($_SESSION['pw']);     $GLOBALS['loginError'] = "Invalid username or password";     return FALSE;     }} session_start();if (isset($_SESSION['loggedIn'])) {return dbContainsUser($_SESSION['un'], $_SESSION['pw']);}} function dbContainsUser($username, $password) {include dirname(dirname(dirname(__FILE__))) . '/inc/connect.php'; try {$sql = "SELECT COUNT(`id`) FROM `users` WHERE `username` = :un AND `password` = :pw";$s = $pdo->prepare($sql);$s->execute(array(':un' => $username,':pw' => $password ));} catch (PDOException $e) {$error = "SQL ERROR = Error searching for user";echo $error;die();} $row = $s->fetch(PDO::FETCH_ASSOC); if ($row[0] > 0) {return TRUE;} else {return FALSE;}}

And, my controller code :

 

<?php

include(dirname(dirname(__FILE__)) . "/pathdefiner.php");

include_once ("inc/access.inc.php");

if (!isLoggedIn()) {

include ("template/login.html");

exit();

}

echo "Under Construction";

But, if i execute the controller code, it generates an error

Notice: Undefined index: un in C:xampphtdocsterrytestadmininclogged.php on line 32

Notice: Undefined index: pw in C:xampphtdocsterrytestadmininclogged.php on line 32

My 32nd line is : return dbContainsUser($_SESSION['un'], $_SESSION['pw']);

Please help me fix this error so it'll work as expected ...

Edited September 14, 2013 by terryds

[Ingolme]

That means that $_SESSION['un'] and $_SESSION['pw'] are not set. You probably set $_SESSION['loggedIn'] somewhere but didn't set the other values.

 

This portion of code isn't inside a function, so I'm not sure what return is doing:

session_start();if (isset($_SESSION['loggedIn'])) {return dbContainsUser($_SESSION['un'], $_SESSION['pw']);}}

Since the code isn't inside a function that also means it's going to execute immediately.

[Don E]

Fox, that's exactly what I thought myself when I looked at the code earlier but I wasn't sure because the second closing brace after the if statement might be the closing brace for the isLoggedIn function?

[Ingolme]

OK, this seems to be a problem with your indentation, the code actually is inside the function. You should properly indent your code to make it easier to understand and solve problems.

 

Anyways, the only logical answer is that $_SESSION['un'] and $_SESSION['pw'] are not set. You should look for the place where $_SESSION['loggedIn'] was given a value and make sure that the other two get set there as well.

 

Be sure to close your browser so that the session is destroyed before testing again. You might just be having a session that was improperly set earlier.