clayton47

I put all my php code above the html and now things are a bit cleaner and functioning as they should!

Christian - I read through your thread. But I didnt pick up on anything to help me out... Hmmmmmmm

My apologies Lily if I were taking your wrong! You know how sometimes on forums context can be taken wrong. I figured you were poking fun at me for being a noob in php and making very amateur mistakes! There will be plenty more to come.... I have a ways to go just like anyone getting familiar with programming! Christian I will read your thread now. Thanks for pointing that out to me!

I will try implementing what was mentioned. Mannnn White_lily is trying to blow me out of the water cause Im a noob.... Well I did read about using die() and figured I would apply what I read was good measure. Guess he/she ended up looking like a Jack Wagon for trying to bust my chops! Thanks to you all for chiming in. I have a lot to learn. I will follow up soon!

Here is my login page, without the header(). But I tried to insert it just after the opening php tag - <?php //allow sessions to be passed so we can see if the user is logged in session_start(); //connect to the database so we can check, edit, or insert data to our users table $con = mysql_connect('localhost', 'root', 'root') or die(mysql_error()); $db = mysql_select_db('tournaments', $con) or die(mysql_error()); //include out functions file giving us access to the protect() function made earlier include "functions.php"; ?> <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <link rel="stylesheet" type="text/css" href="style.css"> <title>untitled</title> </head> <body> <?php //If the user has submitted the form if($_POST['submit']){ //protect the posted value then store them to variables $username = protect($_POST['username']); $password = protect($_POST['password']); //Check if the username or password boxes were not filled in if(!$username || !$password){ //if not display an error message echo "<center>You need to fill in a <b>Username</b> and a <b>Password</b>!</center>"; }else{ //if the were continue checking //select all rows from the table where the username matches the one entered by the user $res = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."'"); $num = mysql_num_rows($res); //check if there was not a match if($num == 0){ //if not display an error message echo "<center>The <b>Username</b> you supplied does not exist!</center>"; }else{ //if there was a match continue checking //select all rows where the username and password match the ones submitted by the user $res = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password` = '".$password."'"); $num = mysql_num_rows($res); //check if there was not a match if($num == 0){ //if not display error message echo "<center>The <b>Password</b> you supplied does not match the one for that username!</center>"; }else{ //if there was continue checking //split all fields fom the correct row into an associative array $row = mysql_fetch_assoc($res); //check to see if the user has not activated their account yet if($row['active'] != 1){ //if not display error message echo "<center>You have not yet <b>Activated</b> your account!</center>"; }else{ //if they have log them in //set the login session storing there id - we use this to see if they are logged in or not $_SESSION['uid'] = $row['id']; //show message echo "<center>You have successfully logged in!</center>"; //set the session username to call their name when logged in $_SESSION['user_name'] = $row['username']; echo $_SESSION['user_name']; //update the online field to 50 seconds into the future $time = date('U')+50; mysql_query("UPDATE `users` SET `online` = '".$time."' WHERE `id` = '".$_SESSION['uid']."'"); } } } } } ?> <form action="login.php" method="post"> <div id="border"> <?php include("menu.php"); ?> <table border="0" cellpadding="2" cellspacing="0"> <tbody><tr> <td>Username:</td> <td><input name="username" type="text"></td> </tr> <tr> <td>Password:</td> <td><input name="password" type="password"></td> </tr> <tr> <td colspan="2" align="center"><input name="submit" value="Login" type="submit"></td> </tr> <tr> <td colspan="2" align="center"><a href="register.php">Register</a> | <a href="forgot.php">Forgot Pass</a></td> </tr> </tbody></table> </div> </form> </body> </html>

Ahhhh I see. I put it at the top of the page and it worked. So I started to go through the motions with the few pages I have and upon logging in I want it to redirect to another page. But it keeps giving me an error saying I need to be logged in. So this is tricky, how do I manipulate the session token to allow the person to login and be redirected. I tried putting the session before the header() and vs versus. No luck....

Also if I turn on errors in the php.ini file will it show me anything in this type of situation?

How would I call it if its at the top of the page? I realize now that you cant have anything before the header(). Even with a quick google search I didnt find an explanation explaining the logic behind it being at the top and how to call it.

I read through the forum to check for possible similar situations. I also dont have a header error. The redirect works when put in a page that has nothing else in it. Ive checked for white space or I thought I did correctly, you may find I over looked something. I am pretty green with php, and have put some things together from some online php tutorials. Just trying to get a grasp and make what I would consider a simple app. Very open to criticism for my lack of knowledge. Would any one be willing to steer me in the right direction? I dont mind reading if you want me to work for it. I would like to get a good understanding of whats going on and not have someone *do the work for me if you know what I mean. Here is a page of code, I have a few that I want redirects on after form submissions. - <?php //allow sessions to be passed so we can see if the user is logged in session_start(); //connect to the database so we can check, edit, or insert data to our users table $con = mysql_connect('localhost', 'root', 'root') or die(mysql_error()); $db = mysql_select_db('tournaments', $con) or die(mysql_error()); //include out functions file giving us access to the protect() function made earlier include "./functions.php"; ?> <html> <head> <title>Login with Users Online Tutorial</title> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <body> <?php //check if the login session does no exist if(!$_SESSION['uid']){ //if it doesn't display an error message echo "<center>You need to be logged in to log out!</center>"; }else{ //if it does continue checking //update to set this users online field to the current time mysql_query("UPDATE `users` SET `online` = '".date('U')."' WHERE `id` = '".$_SESSION['uid']."'"); //destroy all sessions canceling the login session session_destroy(); //display success message echo "<center>You have successfully logged out!</center>"; //redirect them to the usersonline page header('Location: login.php'); die (); } ?> </body> </html>