I am trying to make a login page using php.
index.php contain form for "login" and "password" which will be check by "process.php"
My intention is: if the login or password is incorrect, an alert box will pop up telling the user the case, and redirect back to index.php
Here is the code for process.php
<?php
session_start();
include('db.php');
if(isset($_POST['submit'])) :
// Username and password sent from signup form
// Remove all HTML-tags and PHP-tags
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
// Make the query a wee-bit safer
$query = sprintf("SELECT ID FROM users WHERE username = '%s' AND user_password = '%s' LIMIT 1;", mysql_real_escape_string($username), mysql_real_escape_string($password));
$result = mysql_query($query);
if(1 != mysql_num_rows($result)) :
// MySQL returned zero rows (or there's something wrong with the query)
echo "<script>alert('Wrong login or password')</script>";
header('Location: index.php');
else :
// We found the row that we were looking for
$row = mysql_fetch_assoc($result);
// Register the user ID for further use
$_SESSION['member_ID'] = $row['ID'];
header('Location: members-only.php');
endif;
endif;
?>
I got the error message in "cannot modify header information". From the php textbox that I got, I know that the error was caused because I put "echo" code before "header"
Is there anyway to achieve what I want to do without putting anything before the header?
Thanks!