<?php
//session_start();
require_once 'config.php';
?>
-----
<?php
if (isset($_POST['login'])) {
$username = $_POST["username"];
$password = $_POST["password"];
$sql = "SELECT id, username FROM users
WHERE
username = '$username' AND upassword = '$password'";
$result = $conn->query($sql);
if ($result ->num_rows > 0) {
session_start(); // you can add this at the start line of the document
$row = $result -> fetch_assoc();
$_SESSION["user_id"] = $row["id"];
$_SESSION["user_name"] = $row["username"];
header("Location: dashboard.php");
}
else {
echo '<p class="error-message">Invalid username or password.</p>';
}
$conn->close();
}
?>
-----
<form action="login.php" method="post">