If your footer
<script> always runs and always expects
$name to be filled, then you’ll have to check whether the session was logged in. If it isn’t, redirect the user to the login page, or specify defaults.
Also, you should probably rewrite the SQL you’re using to authenticate the user. First, save the password as a hash. Second, use a
WHERE statement to fetch any rows that match the email and password, instead of looping through the results in your application.
You probably also want to fix the
var pasword typo, and I advise you to rename the
$success variable to something more descriptive, like
$loggedIn. This might not be critical for this particular purpose, but it’s a good thing to get into the habit of properly naming your variables.
CLICK HERE to find out more related problems solutions.