session:redirect

[a2zseeker]

Can anyone check to see what's wrong with the following code.  header never worked.  thank.

 

session_start();

//checks cookies to make sure they are logged in

if(isset($_COOKIE['ID_my_site']))

{

$username = $_COOKIE['ID_my_site'];

$pass = $_COOKIE['Key_my_site'];

$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());

while($info = mysql_fetch_array( $check ))

{

 

//if the cookie has the wrong password, they are taken to the login page

if ($pass != $info['password'])

{

header("Location: http://www.yahoo.com");

}

 

//otherwise they are shown the admin area

else

{

header("Location: member4org.html");

 

//echo "Admin Area<p>";

//echo "Your Content<p>";

//echo "<a href=logout.php>Logout</a>";

}

}

}

else

 

//if the cookie does not exist, they are taken to the login screen

{

header('Location: login.php');

}

?>

 

<h2>Search</h2>

<form action="testsearchcode.php" method="post">

<form name="search for" method="post" action="testsearchcode.php">

Search for: <input type="text" name="find" size="20" /> 

<input type="hidden" name="searching" value="yes" />

<input type="submit" name="search" value="search" />

</form>

 

[doni49]

My guess is that the following line is evaluating to TRUE.

if(isset($_COOKIE['ID_my_site']))

 

But the the query doesn't return anything.  In such a case, the header command at the end of the end of the script will not run because the if was true.  Then the other two header statements would not run either because because the while loop would fail.

[a2zseeker]

Thanks for your reply.  I am trying to create a member only page with session for passing sign in info.  How should I modify the script.  Also at the very end is html code, is it okay to be there?

[doni49]

Well you should start with getting the query to work--or make sure that it IS working.