Membership page php

We are trying to create a membership login page.

This is my code.

main_login

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
开发者_如何学运维    <title>Untitled Page</title>
</head>
<body>
    <form name="form1" method="post" action="checklogin.php">
    <table style="width:300px;border:0;text-align:center;background-color:#CCCCCC">
        <tr>
            <td>
                <table style="width:100%;background-color:#FFFFFF;border:0;">
                    <tr>
                        <td colspan="3"><strong>Member Login </strong></td>
                    </tr>
                    <tr>
                        <td style="width:78px">Username</td>
                        <td style="width:6px">:</td>
                        <td style="width:294px"><input name="myusername" type="text" id="myusername"></td>
                    </tr>
                    <tr>
                        <td>Password</td>
                        <td>:</td>
                        <td><input name="mypassword" type="text" id="mypassword"></td>
                    </tr>
                    <tr>
                        <td>&nbsp;</td>
                        <td>&nbsp;</td>
                        <td><input type="submit" name="Submit" value="Login"></td>
                    </tr>
                </table>
            </td>
        </tr>
    </table>
    </form>
</body>
</html>

checkLogin.php

<?php
$dbhost = 'localhost';
$dbuser = 'myuse';
$dbpass = 'myPassword';
$dbname = 'myDbName';

// This is an example opendb.php
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die  ('Error connecting to mysql');
mysql_select_db($dbname);


// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM myTable WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword']   = $mypassword;
$_SESSION['LoggedIn'] = 1; 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

login_success.php

<?php
session_start();
if(!empty($_SESSION['Username']))  
  {  }
 else
  {header("location:main_login.php");}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
// Check if session is not registered , redirect back to main page. // Put this
code in first line of web page.
<html>
<body>
    Login Successful
</body>
</html>

I am trying to make login_success.php only viewable for members only, but I only get redirected to main_login.php.

I don't think I am sending the Session to login_success.php

Can anybody help? please?

Thanks.

Well, the biggest (and only) problem could be, that while logging in, you set these keys in your $_SESSION array:

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword']   = $mypassword;
$_SESSION['LoggedIn'] = 1; 

but then you check for different one:

$_SESSION['Username']

In your checkLogin.php page, you're storing the username in $_SESSION['myusername'] and in your login_success.php page, you're checking to see if $_SESSION['Username'] exists. Change one or the other so they're both the same, and this should fix your problem.