Login Detection Error

[Titan85]

Hello, I am having some trouble with my login script for some reason. When I login, I get the success message, but then when I go to another page, I have to login again. Every time I go to another page, I just get redirected to the login page. Here is my login script:

PHP Code:

<?php 

########## If Login Hit ##########
if ($_POST['login']) {
    $user = mysql_real_escape_string($_POST['user']);
    $pass = md5($_POST['pass']);
    
    // Get User Data
    $check = mysql_query("SELECT * FROM `admins` WHERE user = '$user'") or die ("Error Checking Username! \n<br />\n" .mysql_error());
    $u = mysql_fetch_array($check);
    $chk = mysql_num_rows($check);
    //
    
    // Check Fields
    if (!$user || !$pass) { echo('<meta http-equiv="refresh" content="2;URL='.$_SERVER['PHP_SELF'].'" /> <div class="error">Please fill in all fields!</div>'); }
    //
    
    // Check User
    else if ($chk < 1) { echo('<meta http-equiv="refresh" content="2;URL='.$_SERVER['PHP_SELF'].'" /> <div class="error">Invalid username!</div>'); }
    //
    
    
    // Check Password
    else if ($u['pass'] !== $pass) { echo('<meta http-equiv="refresh" content="2;URL='.$_SERVER['PHP_SELF'].'" /> <div class="error">Invalid password!</div>'); }
    //
    
    // If Everything Checks Out
    else if ($pass == $u['pass'] && $chk >= 1) {
        @$_SESSION['user'] = $user;
        @$_SESSION['pass'] = $pass;
        @$_SESSION['site'] = $siteName;
        
        echo('<meta http-equiv="refresh" content="2;URL=index.php" /> <div class="message">Welcome '.$user.', you are now logged in!</div>'); 
    }
    //
    
    // If Another Error Occurs
    else { echo('<meta http-equiv="refresh" content="2;URL='.$_SERVER['PHP_SELF'].'" /> <div class="error">Invalid password!</div>'); }
    //
}    
    
########## If Login Not Hit ##########
if (!$_POST['login']) { ?>

    <div class="message">Admin Login</div> <br /><br />
    
        <!-- Login Form -->
                <form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
                    <table width="250" align="center">
                        <tr>
                            <td>Username:</td>
                            <td><input type="text" name="user" /></td>
                        </tr>
                        <tr>
                            <td>Password:</td>
                            <td><input type="password" name="pass" /></td>
                        </tr>
                        <tr>
                            <td></td>
                            <td><input type="submit" name="login" value="Login" /></td>
                        </tr>
                    </table>
                </form>
        <!-- /Login Form -->
        
<? }

?>

That script is contained in this page:

PHP Code:

<?php @session_start(); require('config.php'); require('includes/chk_ban.inc.php'); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title><?php echo $m['title'] ?> | Admin Panel</title>
<link rel="stylesheet" href="main-style.css" type="text/css" />
</head>

<body>
<div id="frame">
    <div id="border">
        
        <div id="top">
            <div class="t_txt"><?php echo $siteName ?></div>
        </div>
        
        <div id="left">
            <div class="s_title">Navigation</div>
<?php require('includes/nav.inc.php'); ?>
        </div>
        
        <div id="main">
            <div class="spacer"><?php require('login.inc.php'); ?></div>
        </div>
        
        <div id="footer">
            <div id="footer_txt"><?php echo $m['copyright'] ?></div>
        </div>
    
    </div>
</div>
</body>
</html>

Here is how I check the login:

PHP Code:

<?php @session_start(); if (!isset($_SESSION['user']) || !isset($_SESSION['pass']) || $_SESSION['site'] != $siteName) { header('Location: '.$cmsHome.''); } ?>

That script is included on all protected pages like this:

PHP Code:

<?php require('../chk_login.inc.php'); require('../config.php'); require('../includes/chk_ban.inc.php'); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title><?php echo $m['title'] ?> | Admin Panel</title>
<link rel="stylesheet" href="../main-style.css" type="text/css" />
</head>

<body>
<div id="frame">
    <div id="border">
        
        <div id="top">
            <div class="t_txt"><?php echo $siteName ?></div>
            <div class="r_txt"><?php require(''.$cmsHome.'/includes/user.inc.php'); ?></div>
        </div>
        
        <div id="left">
            <div class="s_title">Navigation</div>
<?php require('../includes/nav.inc.php'); ?>
        </div>
        
        <div id="main">
            <div class="spacer">
<?php require('manage.inc.php'); ?>
            </div>
        </div>
        
        <div id="footer">
            <div id="footer_txt"><?php echo $m['copyright'] ?></div>
        </div>
    
    </div>
</div>
</body>
</html>

I can not figure out why it is not working. It is probably something simple, but I can't seem to locate it. Anyone see a problem? Thanks

[resnostyle]

i believe you are missing session_start(); on the first page.

[Titan85]

i believe you are missing session_start(); on the first page.

I have the session_start(); on the page that the first PHP code is contained in. Thanks though