$username = ''; $password = ''; // keep or reset the form fields if (isset($_POST['username'])) { $username = $_POST['username']; } if (isset($_POST['password'])) { $password = $_POST['password']; } $display = true; if (isset($_POST['submit'])) { unset($_POST['submit']); $user_id = ""; if (validateUserLogin($err_msg)) { $conn = new dbAccess($debug); if (($rc = $conn->dbLoginUser($username, $password, $user_id)) == GOOD_RC) { // we have a valid user // Create new session, store the user id $_SESSION['user_id'] = $user_id; $sess_id = session_id(); $_SESSION['sess_id'] = $sess_id; $dom = new DomDocument(); $dom->validateOnParse = true; $el = $dom->getElementById('sess_id'); $el->nodeValue = $sess_id; $uid = $dom->getElementById('user_id'); $uid->nodeValue = $user_id; // Redirect to user info page ob_end_clean(); header('Location: ' . $baseURL . '/dataAccess/userInfo.php'); //http_redirect('www.google.com', true, HTTP_REDIRECT_PERM);