I'm having trouble with my PHP code for User Login . This code is working on local machine, however I went up in my amazon instance and the moment I log in the user the server does not authenticate the session. The login.php page is in a subdomain login.xxxx.com.br and the restricted page is in another subdomain paginarestrita.xxxx.com.br, so when I go to debug the code and call the variables of the login page in the restricted area apache informs that the variable has not been defined, or that apache on my server can not open a different www domain session since I ran tests with the files in the same subdomain.
login:
<?php session_start(); ?>
<?php
require('db_conn.php');
if(isset($_POST['entrar'])){
$usuario = $_POST['usuario'];
$senha = $_REQUEST['senha'];
$sql= ("SELECT * FROM login WHERE usuario ='$usuario' AND senha ='$senha'");
$query=mysql_query($sql) or die (mysql_error());
$results= mysql_num_rows($query);
if($results == 0){
echo "<script>alert('Erro ao logar')</script>";
echo "<meta HTTP-EQUIV='refresh' CONTENT='5;URL=http://portal.xxxxx.com.br'>";
}else{
// Cria uma sessão que identifica se o usuário efetuou o login
session_start();
$_SESSION["usuario"]=$usuario;
echo "<script>alert('Usuário autenticado com sucesso')</script>";
echo "<meta HTTP-EQUIV='refresh' CONTENT='0;URL= http://user.xxxxxx.com.br'>";
}
}
?>
Restricted Page:
<?php
$usuario=$_SESSION["usuario"];
if(isset($usuario)){
echo "<script>alert('Usuário autenticado com sucesso')</script>";
return true;
}else{
//session_destroy();
header( "Location:http://portal.xxxxx.com.br/" , TRUE , 302 );
}
// Logout
if( isset($_GET["acao"]) && $_GET["acao"]=="logout" ) {
// Destrói todos os dados da sessão
session_destroy();
// Redireciona o usuário para o formulário de login
header( "Location:http://portal.xxxxxx.com.br/" , TRUE , 302 );
exit;
}
?>