My website works fine on php4 when I upgrading to php5 there is problem in login the code give me this message
("Invalid way to login please follow the right steps of login.");
I don't no why this happen
PHP Code:
<?php
if (!is_null($_SESSION['user']))
{
// user already signed from this machine
$user = $_SESSION['user'];
echo"<strong><font color='red'>Sorry, User $user already signed from this computer.</font>
<br> Please, <a href='logout.php'>Logout</a> and then login.</strong>";
}
else
{
include 'main.php';
$link = bio_connect();
if ($hdnLoginSubmit)
{
$found = false;
// if user is student
$qr = "select * from students where std_id='$txtUsername' and std_password='$txtPassword'";
$res = mysql_query($qr)or die(mysql_error());
$rowsAffected = mysql_num_rows($res);
if ($rowsAffected != 0)
{
while ($row = mysql_fetch_array($res))
{
$username = $row[std_name];
$user_no = $row[std_no];
$user_inistitute = $row[inis_no];
$user_groupNo = $row[group_no];
}
$userType = "s";
$found = true;
}
else
{
// if user is teacher (lectural or tutor)
$qr = "select * from teachers where teach_id='$txtUsername' and teach_pswd='$txtPassword'";
$res = mysql_query($qr)or die(mysql_error());
$rowsAffected = mysql_num_rows($res);
if ($rowsAffected != 0)
{
while ($row = mysql_fetch_array($res))
{
$username = $row[tname];
$user_no = $row[teach_no];
$user_inistitute = $row[inis_no];
$userType = $row[teach_type];
}
$found = true;
}
else
{
//user not found
echo "<strong><font color='red'>Invalid User Name or Password</font><br>
<a href='index.php'>Click Here</a> if you have account, or contact the webmaster if you haven't.</strong>";
}
}
if ($found)
{
$_SESSION['user'] = $user_no;
$_SESSION['name'] = $username;
$_SESSION['inis'] = $user_inistitute;
$_SESSION['ut'] = $userType;
switch ($userType)
{
case "s" : header("Location: index.php");
break;
case "l" : header("Location: admin/index.php");
break;
case "t" : header("Location: tutor/index.php");
}
}
}
else
{
// illegal access
die("Invalid way to login please follow the right steps of login.");
}
<td> </td>
</tr>
<tr>
<td></td>
</tr>
</table></td>
<td width="5%" bordercolor="#FFFFFF"> </td>
<td width="75%">
<table width="100%" border="0">
<tr>
<td width="75%" rowspan="6" align="left" valign="top">
<?php
if ($_SESSION['user']!=NULL)
{
// user already signed from this machine
$user = $_SESSION['user'];
echo"<strong><font color='red'>Sorry, User $user already signed from this computer.</font>
<br> Please, <a href='logout.php'>Logout</a> and then login.</strong>";
}
else
{
include 'main.php';
$link = bio_connect();
if ($hdnLoginSubmit)
{
$found = false;
// if user is student
$qr = "select * from students where std_id='$txtUsername' and std_password='$txtPassword'";
$res = mysql_query($qr)or die(mysql_error());
$rowsAffected = mysql_num_rows($res);
if ($rowsAffected != 0)
{
while ($row = mysql_fetch_array($res))
{
$username = $row[std_name];
$user_no = $row[std_no];
$user_inistitute = $row[inis_no];
$user_groupNo = $row[group_no];
}
$userType = "s";
$found = true;
}
else
{
// if user is teacher (lectural or tutor)
$qr = "select * from teachers where teach_id='$txtUsername' and teach_pswd='$txtPassword'";
$res = mysql_query($qr)or die(mysql_error());
$rowsAffected = mysql_num_rows($res);
if ($rowsAffected != 0)
{
while ($row = mysql_fetch_array($res))
{
$username = $row[tname];
$user_no = $row[teach_no];
$user_inistitute = $row[inis_no];
$userType = $row[teach_type];
}
$found = true;
}
else
{
//user not found
echo "<strong><font color='red'>Invalid User Name or Password</font><br>
<a href='index.php'>Click Here</a> if you have account, or contact the webmaster if you haven't.</strong>";
}
}
if ($found)
{
$_SESSION['user'] = $user_no;
$_SESSION['name'] = $username;
$_SESSION['inis'] = $user_inistitute;
$_SESSION['ut'] = $userType;
switch ($userType)
{
case "s" : header("Location: index.php");
break;
case "l" : header("Location: admin/index.php");
break;
case "t" : header("Location: tutor/index.php");
}
}
}
else
{
// illegal access
die("Invalid way to login please follow the right steps of login.");
}
<!doctype html public "-//W3C//DTD HTML 4.0//EN">
<html>
<head>
<title>Untitled web-page</title>
</head>
<body>
<?php
function bio_connect()
{
$link = mysql_connect("localhost", "myusername", "mypassword")
or die ("Could not connect to MySQL");
mysql_select_db ("mydbname")
or die ("Could not select database");
return $link;
}
?>
</body>
</html>
This code uses a deprecated directive from register_globals. I'm surprised it was even enabled on you're old PHP4 host.
Values passed from get, post, cookies, etc should be requested via the $_GET, $_POST, $_COOKIE superglobals, much the same way you're using the $_SESSION superglobal.
Since $hdnLoginSubmit is undefined, an if ($hdnLoginSubmit) is always false, causing you're code to drop to the else statement. That should be if (isset($_POST['hdnLoginSubmit'])) which should allow you're code to proceed in the intended if block.
You should remove any html out of either main or login depending on how these are handled. As it sits, you're redeclaring you're doctype, html, head and body tags when it is not necessary to do this unless you're planning on using and parsing as an xml based result.
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
Before you post, read our: 
