I have to Login twice to actully login

[iarp]

Hey,

 

For some reason, my script on http://moha.iarp.ca/login.php stopped working properly and asks me to login twice before getting actully logged in. Can anyone see anything wrong?

 

login.php

<?php # Script 13.8 - login.php
// This is the login page for the site.

// Set the page title and include the HTML header.
$page_title = 'Login';
$YAH_title = 'Login';

include('./includes/header.php');

if (isset($_POST['submitted'])) { // Check if the form has been submitted.

require_once ('./includes/mysql_connect.php'); // Connect to the database.

// Validate the email address.	
if (!empty($_POST['username'])) {
	$un = escape_data($_POST['username']);
} else {
	echo '<p><font color="red" size="+1">You forgot to enter your username!</font></p>';
	$un = FALSE;
}

// Validate the password.
if (!empty($_POST['pass'])) {
	$p = escape_data($_POST['pass']);
} else {
	$p = FALSE;
	echo '<p><font color="red" size="+1">You forgot to enter your password!</font></p>';
}

if ($un && $p) { // If everything's OK.

	// Query the database.
	$query = "SELECT user_id, username, first_name, userlevel, vote_allowed FROM " . DB_USERS . " WHERE (username='$un' AND password=SHA('$p')) AND active IS NULL";		
	$result = mysql_query ($query);

	if (@mysql_num_rows($result) == 1) { // A match was made.

		// Register the values & redirect.
		$row = mysql_fetch_array ($result, MYSQL_NUM); 
		mysql_free_result($result);
		mysql_close(); // Close the database connection.
		$_SESSION['user_id'] = $row[0];
		$_SESSION['first_name'] = $row[2];
		$_SESSION['userlevel'] = $row[3];
		$_SESSION['username'] = $row[1];
		$_SESSION['vote_allowed'] = $row[4];


		// Start defining the URL.
		$url = 'http://' . $_SERVER['HTTP_HOST'];
		// Check for a trailing slash.
		if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
			$url = substr ($url, 0, -1); // Chop off the slash.
		}
		// Add the page.
		$url .= '/admin/';

		ob_end_clean(); // Delete the buffer.
		header("Location: $url");
		exit(); // Quit the script.

	} else { // No match was made.
		echo '<p><font color="red" size="+1">Either the username and password entered do not match those on file or you have not yet activated your account.</font></p>'; 
	}

} else { // If everything wasn't OK.
	echo '<p><font color="red" size="+1">Please try again.</font></p>';		
}

mysql_close(); // Close the database connection.

} // End of SUBMIT conditional.
?>

<h1>Login</h1>
<form action="login.php" method="post" class="contact_login">

<p><label>Username:</label> <input type="text" name="username" size="20" maxlength="40" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?><?php if(isset($_GET['username'])) echo $_GET['username']; ?>" /></p>
<p><label>Password:</label> <input type="password" name="pass" size="20" maxlength="20" value="<?php if(isset($_GET['temppassword'])) echo $_GET['temppassword']; ?>" /></p>
<div align="center">
	<input type="submit" name="submit" value="Login" /><br />
	<small><a href="../forgot_password.php">Forgot Password</a> | <a href="../register.php">Register</a></small>
</div>
<input type="hidden" name="submitted" value="TRUE" />

</form>

<?php
include ('./includes/footer.php');
?>

 

header.php

<?php 
//start output buffering
ob_start();
//start a session
session_name('MOHA');
session_start();
require_once ('session.php');

require_once('/homepages/31/d204952132/htdocs/moha/includes/mysql_connect.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<meta name="Description" content="Unofficial Website for the MOHA" />
<meta name="Keywords" content="MOHA, Minor Oaks Hockey Association, Oakville, Hockey" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><?php echo siteName(); ?> <?php echo $page_title; ?></title> <!-- ADDS AUTOMATIC PAGE TITLE TO THE TOP BAR OF BROWSERS WITH "MOHA - " FIRST -->

<!-- CSS PAGE -->
<link rel="stylesheet" type="text/css" href="/css/style.css" />
<link rel="stylesheet" type="text/css" href="/css/testmenu.css" />

<!--[if IE]>
<style type="text/css">
#nav ul {display:inline-block;}
#nav ul {display:inline;}
#nav ul li {float:left;}
#nav {text-align:center;}
</style>
<![endif]-->



<?php echo $header; ?>

<!-- JAVASCRIPT SHEETS DON'T EDIT THESE -->
<script type="text/javascript" src="/css/dropdowntabs.js"></script>
<script type="text/javascript" src="/css/chrome.js"></script>
<script type="text/javascript" src="/css/external.js"></script>
<script type="text/javascript" src="/css/popup.js"></script>

</head>

<body>
<a name="top"></a> <!-- ALLOWS A LINK AT THE BOTTOM OF PAGES TO LINK TO THE TOP OF THE PAGE QUICKLY. Used alot on the Code of Conduct page. -->

<div id="container">



<!-- MAIN HEADER -->
<div id="header">
	<h1>MINOR OAKS HOCKEY ASSOCIATION INC</h1>
	<h3>1026 SPEERS ROAD, UNIT 8-9, OAKVILLE, ON L6L 2X4 905-338-9220 FAX 905-338-9677 www.moha.on.ca</h3>
</div>

<!-- TOP NAVIGATION BAR -->
<div id="navigation">
	<?php 
		//include('menu.php'); 
		getMenu();
	?>
</div>

<!-- END TOP NAVIGATION BAR -->

 

mysql_connect.php

<?php #mysql_connect.php

DEFINE ('DB_USER', 'username');
DEFINE ('DB_PASS', 'password');
DEFINE ('DB_HOST', 'host');
DEFINE ('DB_NAME', 'name');

if ($dbc = mysql_connect(DB_HOST, DB_USER, DB_PASS)) {
if (!mysql_select_db(DB_NAME)) {
	trigger_error("Could not select the database!\n<br />MySQL Error: " . mysql_error());
	include ('footer.php');
	exit();
}
} else {
trigger_error("Could not connect to MySQL!\n<br />MySQL Error: " . mysql_error());
include('footer.php');
exit();
}

 

[DeanWhitehouse]

in login.php try having session start at the top.

 

and also add

error_reporting(E_ALL);

to the top of the page and check if there are any errors and add die statements to the querys