login php script not allowing login

Question

I have created a log in system however when i log in it say the email or password are incorrect even though it's a test user and the details are correct. Maybe it doesn't match the database, I have check over and over again. I can't seem to find the problem. Any help is much appreciated.

PHP:

if(isset($_SESSION['user'])!="")
{
header("Location: index-user.php");
}

if(isset($_POST['btn-login']))
{
$email = mysql_real_escape_string($_POST['email']);
$upass = mysql_real_escape_string($_POST['pass']);

$email = trim($email);
$upass = trim($upass);

$res=mysql_query("SELECT user_id, user_name, user_pass FROM users WHERE user_email='$email'");
$row=mysql_fetch_array($res);

$count = mysql_num_rows($res); // if uname/pass correct it returns must be 1 row

if($count == 1 && $row['user_pass']==md5($upass))
{
    $_SESSION['user_name'] = $row['user_id'];
    header("Location: index-user.php");
}
else
{
    ?>
<script>alert('Email or password invalid.');</script>
    <?php
}

}
?>

HTML:

<input class="loginmodal-input" type="text" name="email" placeholder="Email" required>
<input class="loginmodal-input" type="password" name="upass" placeholder="Password" required>
<button type="submit" name="btn-login" id="login-btn" class="login btn-block loginmodal-submit">Login</button>
<button class="login-btn-2 btn btn-lg btn-block" type="button" aria-label="Close" value="Cancel" data-dismiss="modal"> Cancel</button>

MySQL Info: user_id user_name user_email user_pass

Answer 1

The condition in this line:

if(isset($_SESSION['user'])!="")

results True if the $_SESSION['user'] is set, not if it's empty: isset return boolean value, set to True if the variable is set, to False otherwise. An ampty string is evaluated as False . So, when $_SESSION['user'] is not set, the code evaluate if( False != False ) .

Furthermore, you have to end the php script after calling header("Location") :

if( !isset( $_SESSION['user'] ) )
{
    header( "Location: index-user.php" );
    die();
}

(...)