I've already told you how to deal with sessions using session_start().
You either go back and read my advice again or you give up. Where did I tell you to put session_start() ? - The top of your scripts. Why didn't you do it in login.php? - Why have you left it down in an else clause after starting your html output with your header? - Did you think that I was just speaking unimportant gibberish or something?
As for the undefined index messages, these two lines I gave you earlier:
$user = mysql_real_escape_string($_POST['user']);
$pass = mysql_real_escape_string($_POST['pass']);
Change $_POST['user'] and $_POST['pass'] so that they match the names of the login fields in your html. That means if you have:
<input type="text" name"username"> you change $_POST['user'] to $_POST['username'] and the same for the password field.
My helpful sig has gone because a mod below the administrator gave me an infraction - despite the administrator personally agreeing to it.
If you need any php tips or tricks you can PM me.
Last edited by tangoforce; 09-16-2012 at 04:02 PM..