Programming Help

Web Development

Projects

What's Here?

Members: 95,475
Replies: 379,757
Topics: 56,731
Snippets: 1,915
Tutorials: 494
Total Online: 960
Members: 33
Guests: 927

Who's Online?

Dream.In.Code > Programming Help > PHP

Welcome to Dream.In.Code
	Getting PHP Help is Easy! Join 95,475 PHP Programmers for FREE!. Ask your question and get quick answers from Dream.In.Code experts. There are 960 online right now! We're the #1 programming help community on the internet! Registration is fast and FREE... Join Now! Chat LIVE With a PHP Expert Register to Make This Box Go Away!

problem with login

Reply to this topic

Start new topic

problem with login, redirection with successful login not working

smallfatguy	11 May, 2008 - 06:55 PM Post #1
New D.I.C Head Joined: 20 Jun, 2005 Posts: 19	I have a fairly basic login.php page which checks the username and password against a simple database. When successful, it should redirect the user to a members.php page. When I uploaded it to a live server, the code will not redirect. It stays on the login.php page which then just becomes a blank page. This surprised me because it had worked perfectly when I tried with my local apache server at home. In the end I emailed the hosting company to find out if there was anything I needed to do with the code to make it work on their server. In their reply they said I needed to remove any echo/print statements in the script and to include an exit; statement after the header redirection. As you can see in the code below, there are no echo/print statements in the script, and I have included an exit statement as they recommended. But it still does not work on their server. So I have two questions I am hoping to have answered. 1. How to get this page working on their server - any clues at all will be gratefully recieved. 2. Why does it work on the local server, but not on the live server - worth knowing for future reference. CODE <?php require("config.php"); require("dbconnect.php"); // check if there is a login cookie if(isset($_COOKIE['my_ID'])) { // if a valid one exists, it logs you in and directs you to the members page $username = $_COOKIE['my_ID']; $pass = $_COOKIE['my_PASS']; $check = mysql_query("SELECT * FROM tbl_users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } // end if else { header("Location: members.php"); } // end else } // end while } // end if login cookie //if the login form is submitted but there is no login cookie yet if (isset($_POST['submit'])) { // if form has been submitted // make sure the fields are both filled in if(!$_POST['username'] \| !$_POST['pass']) { die('You did not fill in a required field.'); } // end if // check it against the database $check = mysql_query("SELECT * FROM tbl_users WHERE username = '" . $_POST['username'] . "'") or die(mysql_error()); //Give error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database.'); // <a href=add.php>Click Here to Register</a>'); } // end if while($info = mysql_fetch_array( $check )) { //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } // end if password wrong else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(my_ID, $_POST['username'], $hour); setcookie(my_PASS, $_POST['pass'], $hour); //then redirect them to the members area header("location: members.php"); exit; } // end else } // end while } // end if form submitted ?> <html> <head> </head> <body> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login Page</h1></td></tr> <tr><td>Please type your username and password in the boxes below and click the submit button</td></tr> </table><br /><br /> <table border="0"> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> </body> </html> If you feel like commenting on how bad some of the code is, I will not take offence as I am hoping to learn as much as possible here many thanks in advance -------------------- "The same fire that melts the butter hardens the egg" Gordon Allport
	This Post Was Helpful! ^New!

Register for Free to Make This Ad Go Away!

no2pencil	12 May, 2008 - 12:10 AM Post #2
Wet D.I.C. Joined: 10 May, 2007 Posts: 4,044 Thanked 15 times Dream Kudos: 2225 Expert In: Goofing Off My Contributions	QUOTE CODE <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> I think you've forgotten the semi colon to your echo statement. CODE <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> -------------------- If this is all a dream then don't bother waking me.
	This Post Was Helpful! ^New!

joeyadms	12 May, 2008 - 12:41 AM Post #3
D.I.C Head Joined: 4 May, 2008 Posts: 141 Thanked 6 times Dream Kudos: 600 My Contributions	From reading your post and skimming the code, I think it's best you try a few things before I go dissecting your code. If you moved from one server to another, make sure you DB connection info is updated if needed. Make sure there is no output, or whitespace at the end or beginning of your include files, as best practice, on included files, never put ending php tags ?>, because any space after it is sent to output. If this is the case you cannot modify header data after output is sent. turn on php errors, and try to get some error information, if it is just a white page, most likely cause is a php error. You can try what no2pencil suggested, however, if nothing follows an statement you do not need end delimiters. Also just some suggestions. When querying for login scripts do something like this $query = "SELECT * FROM `table` WHERE username = '$username' AND password = '$password'"; then just use num_rows to determine if it was successful. Make sure you use encryption on passwords in the database, using a salt as well. Do not store password data, or username, or any important info in cookies, use sessions for more secure handling. Make sure you run mysql_real_escape_string($var); on all vars used in sql statements, or you have a real security problem on your hands. Eventually work toward using an db abstraction layer to make things more simple, I've posted a MYSQL one in the snippets on this site. Let's try to get this figured out.
	This Post Was Helpful! ^New!

smallfatguy	12 May, 2008 - 04:29 PM Post #4
New D.I.C Head Joined: 20 Jun, 2005 Posts: 19	many, many thanks for your replies. And I do apologise for my delay in getting back (working full shifts, studying full time, daughter making her first communion, huge time differences - buzz, buzz, buzz, busy bee). no2pencil - tried the semi-colon, but no joy joeyadms - double checked the database connection and outputs. they are all working fine. BUT - looked at my include files and there is *was* loads of white space at the ends. Did as you suggested, and it WORKED. This is great news! Although there are problems with the next few pages, I am sure I can work my way through them. And it will probably be something to do with another include file that I have. I can't tell you how good I feel about this. And I even almost understand the solution So again, I have to say thank you. And - I also appreciate the other suggestions and comments you made. Once the overall site is working (it is a simple quiz, to be used for exam revision for now), I will be including some proper security in the coding. And I will probably print out your db abstraction layer snippet for reference, if you have no objections. -------------------- "The same fire that melts the butter hardens the egg" Gordon Allport
	This Post Was Helpful! ^New!

joeyadms	12 May, 2008 - 04:37 PM Post #5
D.I.C Head Joined: 4 May, 2008 Posts: 141 Thanked 6 times Dream Kudos: 600 My Contributions	Glad to see that you have it working, that whitespace can be tricky, and the abstraction layer is all yours, it's all about learning.
	This Post Was Helpful! ^New!

Fast Reply

Reply to this topic

Start new topic

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Time is now: 7/5/08 03:40AM

Invision Power Board v2.1.7 © 2008 IPS, Inc.

Licensed to: MediaGroup1

Advertising | Terms of Use | Privacy Policy | About Us | Site Map

Forum Index: Programming Help | C and C++ | Visual Basic | Java | VB.NET | C# | ASP.NET | PHP | ColdFusion | Perl and Python | Ruby | Databases | Other Languages | Game Programming | Software Development | Computer Science | Industry News | Programming Tutorials | C++ Tutorials | Visual Basic Tutorials | Java Tutorials | VB.NET Tutorials | C# Tutorials | PHP Tutorials | Linux Tutorials | ColdFusion Tutorials | Windows Tutorials | HTML/JavaScript Tutorials | CSS Tutorials | Flash Tutorials | Web Promotion Tutorials | Photoshop Tutorials | Software Development Tutorials | Database Tutorials | Other Language Tutorials |

Copyright 2001-2008 MediaGroup1 LLC, All Rights Reserved
A MediaGroup1 LLC Production - Version 6.0.2.1.36

Search^Updated!w00t

Over 509,000 Pages! Advanced Forum Search

Live PHP Help!

PHP Tutorials

Reference Sheets

PHP Snippets

Bye Bye Ads

Free DIC T-Shirt

T-Shirt Example

Related Sites

Monthly Drawing

Partners

Top Contributors

Top 10 Kudos This Month

-->