Member Avatar for Vai

What I am trying to accomplish is:
When a user logs in the username / password is checked
against the database. Once that is done, I need it to load a page.

I am getting an error using the following code.

<?php
require_once('core/db.php');
// Check if login form was submitted
if (isset($_POST['submit']))
{
// Check for a matching username and password in the database
$check = mysql_query("SELECT id,username,password FROM $prefix"."_admin WHERE 
username='" . $_POST ['username'] . "' AND password='" . $_POST['password'] . "'");
if  (mysql_num_rows($check) != 1) 
{
// inform user username or password is incorrect
   echo "Please check the username / password and try again";

} else {

// Retrieve userinfo
$user_info = mysql_fetch_array($check);

// Login was successful set session variables
$_SESSION["userid"] = $user_info['id'];
$_SESSION["username"] = $user_info['username'];
header('location:home.php');
// echo "<a href=home.php?aut=1>ENTER</a>";

}

// Display Login Form

} else {

echo "<html>";
echo "<head><title></title>";
echo "<link rel='stylesheet' type='text/css'  href='inc/style.css' />";
echo "</head>";
echo "<div class='container'>";
echo "<div class='header'><img src='i/heading.jpg' width='755' height='89' alt='header image'></div>";
echo "<div class='title'>Company Name <br /><br />&nbsp;&nbsp;Administration</div>";
echo "<div class='form'>";
echo "<form action=index.php method='post' class='form'>";
echo "<table align='center'>";
echo "<tr>";
echo "<td align='left'>";
echo "<b>Username</b>:<br /><input type='text' name='username'>";
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<td>"; 
echo "<b>Password</b>:<br /><input type='password' name='password' >";
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<td>";   
echo "<input type='submit' name='submit' value='Submit'>&nbsp;|&nbsp;
      <input type='submit' name='lost_pass' value='Get Password'>";
echo "</tr>";
echo "</table>";
echo "</form>";
echo "</div>";
echo "</body>";
echo "</div>";
echo"  </html>";
}
?>

Here is the code that I use to check the user/pass

<?php
// Check if login form was submitted
if (isset($_POST['submit']))
{
// Check for a matching username and password in the database
$check = mysql_query("SELECT id,username,password FROM $prefix"."_admin WHERE username='" . $_POST['username'] . "' AND password='" . $_POST['password'] . "'");
if  (mysql_num_rows($check) != 1) {
// inform user username or password is incorrect
echo "Incorrect username or password<br>";
} else {
// Retrieve userinfo
$user_info = mysql_fetch_array($check);
// Login was successful set session variables
$_SESSION["userid"] = $user_info['id'];
$_SESSION["username"] = $user_info['username'];
?>

And I am unsure if i need this but it is supposed to make sure a person is logged in before a user is allowed to view the requested page

<?php
session_start();
if(isset($_SESSION['id'])) {
} else {
// user is not logged in
//header("Location: http://localhost/cms/index.php");
exit();
}
?>
  • 4 Contributors
  • 5 Replies
  • 141 Views
  • 2 Days Discussion Span
  • Latest Post Latest Post by nav33n
Member Avatar for ShawnCplus

Put the require after the header, also, you do not need that extremely long list of echoes, this works just as well

<?php
if(Something)
   //blah
else
{
?>
<html>
   <head><title>Test</title></head>
   <body>
       Blah
   </body>
</html>
<?
}
?>
Member Avatar for Abhishek Anand

never print or echo anything after using header. The script containing header, no never print anything. You should write two different pages, one for login form and one for matching records. If username and password is correct then redirect the header on next page after login,with a string " " and store user ID and passwored in session variable for future use. Otherwise redirect header on the login page. with a message "Pleas try again".
Use this statement:
$str1= "";
$str2="please try again.";
if(login success)
{
make session variables.
header("Location:next.php?msg=$str1");
}
else
{
header("Location:login.php?msg=$str2");
}

Thanks,
Abhishek Anand.

Member Avatar for nav33n

never print or echo anything after using header.

After using header ? Are you sure ? You can print anything you want after calling header function. You shouldn't print anything before header. :)

Member Avatar for Abhishek Anand

After using header ? Are you sure ? You can print anything you want after calling header function. You shouldn't print anything before header. :)

you r right, but not completely. We should not print anything befor header. If someone print then it will not redirect.
When header will use to redirect the page, printing anything after the header, what will happen?

Member Avatar for nav33n

you r right, but not completely. We should not print anything befor header. If someone print then it will not redirect.

Yep. Thats what I said.

When header will use to redirect the page, printing anything after the header, what will happen?

Nothing. Since we are calling the header function, the page will be redirected to another page ignoring anything after the header function.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.