Login redirection not working properly

jstfsklh211 79 Light Poster · 2015-04-13T15:55:55+00:00

post your form

where does $_POST["login"] get set

terrymason 0 Newbie Poster · 2015-04-13T18:00:11+00:00

I find it's easy to troubleshoot by just putting some echo statements in and seeing what's being sent.

    if(isset($_POST["login"])) {

echo "<br />the user_type is ".$user_type;   
echo "<br />the username is ".$username; 

    }

I'm not sure that you need those exit; statements.

UK-1991 0 Posting Whiz · 2015-04-13T18:05:42+00:00

Here is the form

<?php 
    require_once("includes/connection.php");
?>
<!DOCTYPE HTML>
<html>
<head>
<title> Green Gadget - Login</title>
<meta http-equiv="Content-Type" content="text/html;">

    <link type="text/css" rel="stylesheet" href="css/style.css" />
    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css">

</head>

<body>
    <div id="main_page" style="  padding: 152px 0;">
    <p class="heading_login">LOGIN</p>
        <div id="login">
        <form name="login" method="post" action="includes/verify.php">
            <label>
                <p>User Name</p>
                <input type="text" name="user_name" class="txtfield_login" required />
                <div class="clear"></div>
            </label>

            <label>
                <p>Password</p>
                <input type="password" name="password" class="txtfield_login" required />
                <div class="clear"></div>
            </label>

            <input type="submit" class="formbtn_login" value="Login" name="login" />
        </form>
        <div class="clear"></div>
        </div>
    </div>

</body>
</html>

UK-1991 0 Posting Whiz · 2015-04-13T18:24:54+00:00

@terrymason the indormation echoing is correct but dont know why it's not confirming it

lps 71 Posting Pro in Training · 2015-04-14T00:14:41+00:00

Try to review your code

$query = "SELECT * FROM agents";
    $query_confirm = mysqli_query($connection, $query);
    while ($record = mysqli_fetch_assoc($query_confirm)) {
        $id = $record["id"];
        $uname = $record["agent_uname"];
        $user_pass = $record["agent_password"];
        $user_type = $record["user_type"];
    }

From what I see, you select all record from agents table and overwrite the $id,$uname,$user_pass,$user_type for each record. This means these variable will only store the last data from the database. Then your code on if($username == $uname && $password == $user_pass) will return false.

If I am in the case, I will probably change the code into

if(isset($_POST["login"])) {//if not posted, no need to fetch from database
    while ($record = mysqli_fetch_assoc($query_confirm)) {
        $id = $record["id"];
        $uname = $record["agent_uname"];
        $user_pass = $record["agent_password"];
        $user_type = $record["user_type"];
        if($username == $uname  && $password == $user_pass) {
            if($user_type == "Admin") {
                header("Location: ../admin.php?admin=".$id);
                exit;
            } else {
                header("Location: ../home.php?agent=".$id);
                exit;
            }
        } else {
            header("Location: ../login.php");
        }
    }
} else {
    header("Location: ../login.php");
}

slowlearner2010 -1 Newbie Poster · 2015-04-14T02:40:40+00:00

Have you try this?

if(($username == $uname) && ($password == $user_pass))

UK-1991 0 Posting Whiz · 2015-04-14T17:42:35+00:00

@lps , Perfect so this was the big mistake I was doing on I tried to done every form processing within the loop and it did worked thank you once again.