
I am trying to get my login PHP working. I can't find what's wrong. I've had it working before, but it stopped all of a sudden. I am using Bootstrap also, but I don't think that would cause any problems. Everything between the PHP and the form seems to match up. I am using a JavaScript and CSS modal for the login form, but I don't think that would affect it either.

PHP:

<?php
session_start();
include_once 'dbconnect.php';

if(isset($_SESSION['usr_id'])) {
    echo "Successfully Logged In!";
    //header("Location: index.php");
}

if (isset($_POST['login'])) {
    $email = mysqli_real_escape_string($con, $_POST['email']);
    $password = mysqli_real_escape_string($con, $_POST['password']);
    $result = mysqli_query($con, "SELECT * FROM users WHERE email = '" . $email . "' and password = '" . md5($password) . "'");
?>
<!--<script>
    alert("<?php echo 'Result is: '.$result; ?>");
</script> -->
<?php
    $row = mysqli_fetch_array($result);
    echo $row; // debug output: echoing an array prints "Array" and raises a notice

    if ($row != NULL) {
        $_SESSION['usr_id'] = $row['id'];
        $_SESSION['usr_name'] = $row['name'];
        // header("Location: index.php");
    } else {
        $errormsg = "Incorrect Email or Password!!!";
    }
}
?>

Here is my login modal with the form:

<!-- The Modal -->
<div id="login" class="modal">
    <!-- Modal content -->
    <div class='js-fade fade-in is-paused'>
        <div class="modal-content">
            <span class="close" data-dismiss="modal">x</span>
            <form role="form" action="index.php" method="post" name="loginform">
                <fieldset>
                    <legend>Login</legend>

                    <div class="form-group">
                        <label for="email">Email</label>
                        <input type="text" name="email" id="email" placeholder="Your Email" required class="form-control" />
                    </div>

                    <div class="form-group">
                        <label for="password">Password</label>
                        <input type="password" name="password" id="password" placeholder="Your Password" required class="form-control" />
                    </div>

                    <div class="form-group">
                        <input type="submit" name="login" value="login" class="btn btn-info login" role="button" />
                    </div>
                </fieldset>
                <div class="signupbtn">
                    <li><a href="signup/index.php" class="noaccount btn btn-info" id="signupbtn">Don't have an account? Sign Up here.</a></li>
                </div>
            </form>
        </div>
    </div>
</div>

Navbar:

<!-- Nav Bar -->
<nav class="navbar navbar-default navbar-fixed-top navbar-left">
    <div class="container">
        <div class="navbar-header">
            <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
            </button>
                <a class="navbar-brand brand" href="#" style="font-family: Warnes">Unleasht</a>
        </div>
    <div class="collapse navbar-collapse">
        <ul class="nav navbar-nav">
            <li class="navbarli"><a href="#" class="navbarli">HOME</a></li>
            <li class="navbarli"><a href="#about" class="navbarli">ABOUT</a></li>
            <li class="navbarli"><a href="#music" class="navbarli" data-toggle="collapse" data-target=".navbar-collapse.in">MUSIC</a></li>
            <li class="navbarli"><a href="#contact" class="navbarli" data-toggle="collapse" data-target=".navbar-collapse.in">CONTACT</a></li>
        </ul>
        <ul class="nav navbar-nav navbar-right">

            <?php
            function loggedIn(){
                if(isset($_SESSION['usr_id'])) {
                    echo '<li class="dropdown">
                        <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">'. $_SESSION['user'] .'<span class="caret"></span></a>
                        <ul class="dropdown-menu">
                            <li><a href="#">'. $_SESSION['usr_name'] .'</a></li>
                            <li><a href="#">Account</a></li>
                            <li role="separator" class="divider"></li>
                            <li><a href="login/logout.php">Logout</a></li>
                        </ul>
                    </li>';
                } else {
                    unset($_SESSION['usr_id']);
                    echo '<li><a href="#login" class="navbarli" data-toggle="modal" data-target="#login" id="loginbtn"><span class="glyphicon glyphicon-log-in navbarli"></span> Login</a></li>';
                }
            }
            loggedIn();
            ?>

        </ul>
    </div><!--/.nav-collapse -->
    </div>
</nav>

What am I doing wrong?

  • And yes, I know that md5 is not a good thing to use for passwords because of security. For now, I am just trying to get the login working, then I will make the switch from md5 to something else. – Luke Foster May 17 '16 at 15:22
  • You really shouldn't use [MD5 password hashes](http://security.stackexchange.com/questions/19906/is-md5-considered-insecure) and you really should use PHP's [built-in functions](http://jayblanchard.net/proper_password_hashing_with_PHP.html) to handle password security. Make sure that you [don't escape passwords](http://stackoverflow.com/q/36628418/1011527) or use any other cleansing mechanism on them before hashing. Doing so *changes* the password and causes unnecessary additional coding. – Jay Blanchard May 17 '16 at 15:30
  • [Little Bobby](http://bobby-tables.com/) says [your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard May 17 '16 at 15:31
  • I hate when people say *"I'm not that far along..."* or *"This site will not be public..."* or *"It's only for school, so security doesn't matter..."*. If teachers and professors are not talking about security from day one, they're doing it wrong. Challenge them. They're teaching sloppy and dangerous coding practices which students will have to unlearn later. I also hate it when folks say, *"I'll add security later..."* or *"Security isn't important now..."*. If you don't have time to do it right the first time, when will you find the time to add it later? – Jay Blanchard May 17 '16 at 15:31
  • Have you checked for errors in your browser's console and in your error logs? – Jay Blanchard May 17 '16 at 15:32

1 Answer

You cannot set $_SESSION['usr_id'] after you have sent any header, try following code:

<?php
session_start();
include_once 'dbconnect.php';
if(isset($_SESSION['usr_id'])) {
    echo "Successfully Logged In!"; 
}elseif (isset($_POST['login'])) {
    $email = mysqli_real_escape_string($con, $_POST['email']);
    $password = mysqli_real_escape_string($con, $_POST['password']);
    $result = mysqli_query($con, "SELECT * FROM users WHERE email = '" . $email . "' and password = '" . md5($password) . "'");
    if (mysqli_num_rows($result)==1) {
        $row = mysqli_fetch_array($result);
        $_SESSION['usr_id'] = $row['id'];
        $_SESSION['usr_name'] = $row['name'];
        echo "OK fine";
    } else {
        echo "Incorrect Email or Password!!!";
    }
}
?>
  • Why should the OP "try" this? A ***good answer*** will always have an explanation of what was done and why it was done in such a manner, not only for the OP but for future visitors to SO. – Jay Blanchard May 17 '16 at 15:35
  • In addition, you can set SESSION variables anytime - you just cannot *start* a session after headers have been sent. Keep in mind the OP said, *" I've had it working before, but it stopped all of the sudden."* – Jay Blanchard May 17 '16 at 15:37
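Putting together what the comments on the question (prepared statements, password_hash/password_verify, no escaping of passwords) and on the answer (set session values freely, but redirect before output) recommend, here is the same login handler rewritten as an added example. It is not code from the question or the answer; it assumes dbconnect.php still provides $con as a mysqli connection and that the users table stores a password_hash column (assumed name) written by password_hash() at signup.

```php
<?php
// Added example, not the OP's or answerer's code. Assumes $con (mysqli) from
// dbconnect.php and a users table with columns id, name, email, password_hash
// (column name assumed) holding output of password_hash().
session_start();
include_once 'dbconnect.php';

// Signup side (assumed to run once per new account): store a salted hash,
// never the raw password and never an unsalted MD5 of it.
function storeNewUser(mysqli $con, string $name, string $email, string $password): bool
{
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $con->prepare('INSERT INTO users (name, email, password_hash) VALUES (?, ?, ?)');
    $stmt->bind_param('sss', $name, $email, $hash);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Login side: the email is bound as a parameter, so quotes in user input can
// never alter the query. The password is passed to password_verify() unchanged;
// escaping it first would change the value that gets hashed.
function authenticate(mysqli $con, string $email, string $password): ?array
{
    $stmt = $con->prepare('SELECT id, name, password_hash FROM users WHERE email = ?');
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $stmt->bind_result($id, $name, $hash);
    $found = $stmt->fetch();
    $stmt->close();
    if ($found !== true || !password_verify($password, $hash)) {
        return null; // same answer for unknown email and wrong password
    }
    return ['id' => $id, 'name' => $name];
}

if (isset($_POST['login'], $_POST['email'], $_POST['password'])) {
    $user = authenticate($con, $_POST['email'], $_POST['password']);
    if ($user !== null) {
        session_regenerate_id(true);        // fresh session id after login
        $_SESSION['usr_id']   = $user['id'];
        $_SESSION['usr_name'] = $user['name'];
        header('Location: index.php');      // must come before any echo/HTML output
        exit;
    }
    $errormsg = 'Incorrect Email or Password!!!';
}
?>
```

Because nothing is echoed before header(), the redirect works, which is the only header-related constraint the answer's comments identify; the session values themselves can be assigned at any point after session_start().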