[SOLVED] Need help with logic.

rnintulsa · August 1, 2008

Ok, I have been studying trying to learn where I go wrong here. I am new to programming and php.

Here is my latest coding for this login. I had to take out

the header which would have redirected the user to his page when successfully logged in.

My problem is:

How do I redirect after authentication without getting the header error message?

I have read akitchen's page on the subject, but don't know enough to get all the verbage.

I do understand the concept however.

My knowledge of php is very limited, and so please explain any suggestions.

<?php
error_reporting(E_ALL);
session_start( );

// if username and password are set and not empty then proceed with the rest of the process
if( isset( $_POST[ 'username' ] ) && isset( $_POST[ 'password' ] ) && $_POST[ 'username' ] != '' && $_POST[ 'password' ] != '' )
{		
$link = mysql_connect( 'host', 'username', 'password' );	

$db_selected = mysql_select_db('dbname', $link);

$username = mysql_real_escape_string($_POST['username'], $link);
$password = mysql_real_escape_string($_POST['password'], $link);

if (!$db_selected) 
{
	echo"Connection to the database failed. Please try again later." ;			
	exit;
}

//checks for username and password in db table.
$results = mysql_query("select * from users where username='" . $username . "' and password = '" . $password . "'" ,$link ) or die(mysql_error());
$num_rows = mysql_num_rows($results);

//greater than zero		
if( $num_rows  > 0 )
{
	$_SESSION['username'] = $username;  

}

}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>	
<title>KDesign</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<link type="text/css" rel="stylesheet" href="css/kdesign.css"/>
</head>
<body>	
<div id="container">

	<div id="header">
		<img src="images/logo_sm.gif">

		<div id="d_by_d">
			<p>
			Design by Design
			</p>
		</div>

		<p>
			ADDRESS<br><br>				
			PHONE <br><br>
			<a href="mailto:BLABLA?subject=KDesigns">[email protected]</a><br>
		</p>
	</div>

		<div id="top_nav">
			<a href="index.html">HOME</a>    <span class="rd_bld">|</span>    
			<a href="services.htm">SERVICES</a>    <span class="rd_bld">|</span>    
			<a href="portfolio.htm">PORTFOLIO</a>    <span class="rd_bld">|</span>    
			<a href="contact.htm">CONTACT</a>    <span class="rd_bld">|</span>    
			<a href="login.php"><span class="rd_bld">CLIENT ENTRANCE</span></a>
		</div>


				<div id="2col_left_nav">
					<img src="images/Clients/ImageClient.jpg" height="250" width="250"><br><br>
				</div>

					<div id="2col_content">
						<br><br>

								<?php

									include( 'sessions.php' );
									show_statement( );

									if (isset($_SESSION['username'])) 
									{ 
										echo '<br />';
										echo 'Logged in as '.$_SESSION['username'].'';		
										echo '<br /><a href="logout.php">Log out</a><br />';
									}
									else
									{
										echo 'Please login to view your company files.<br />';
									}
								?>
						</body>
						</html>


						<form action="login2.php" method="post">
							<p>
								Name:				
									<input type="text" name="username"/>
							</p>
							<p>
								Password:				
									<input type="password" name="password"/>
							</p>
							<p>
								<input type="submit" value="Log In"/>
							</p>


					</form>
					</div>


</div><!--end container div-->

		<div id="copyright">
			© 2008 KDesigns   All Rights Reserved.
		</div>

</body>
</html>

My sessions page:

<?php

function set_statement( $statement )
{
	$_SESSION[ 'show_statement' ] = $statement;
}

function show_statement( )
{
	if( isset( $_SESSION[ 'show_statement' ] ) && $_SESSION[ 'show_statement' ] != '' )
	{
		echo '<p id="statement">' . $_SESSION[ 'show_statement' ] . '</p>';

		unset( $_SESSION[ 'show_statement' ] );
	}
}
?>

DB table

create table users (
  id int not null auto_increment,
  username varchar( 50 ) not null,
  password varchar( 100 ) not null,
  authority varchar( 10 ) not null default 'user', 
  primary key(id)
)

Do you see what I mean? Is this logical?

Is it done simply?

I need this basic login to be sound so that I can then expand what it does.

Thank you for looking.

rnintulsa · August 1, 2008

Would this be better if I sent the form page to a page that runs the php login script?

I will work on that while I see if anyone replies.

Thanks.

lemmin · August 1, 2008

Check if they are logged in at the top of the page, not in the middle.

rnintulsa · August 1, 2008

My question may seem off because I really don't know, but to me it looks like I have checked that in both the top

and the middle. Am I correct? So you are saying remove the

if (isset

from the middle of the page?

Thank you.

JD* · August 1, 2008

Do the following:

echo "<script type=\"text/javascript\">window.location=\"wherewegoonsuccess\"</script>";

change the location and put it at the bottom of your success code.

rnintulsa · August 1, 2008

Where is the bottom of my success code?

Here?

if( $num_rows  > 0 )
{
	$_SESSION['username'] = $username;  
	PUT THE LINE HERE? (THIS IS WHERE I HAD THE HEADER)
}

Thanks JD* for your help.

lemmin · August 1, 2008

Your code is set up to display text on the current page insted of redirecting. If you don't want to show anything, and redirect the user instead, if he/she is not logged in, then just put the header here:

if( $num_rows  > 0 )
{
	$_SESSION['username'] = $username;  

}
else
	header("Location: login.php");

You don't need the check in the middle of the page after you do that.

EDIT:

If you had the header where you just said or where I suggested, there shouldn't be a problem. Make sure you don't have any whitespaces above your <?php tag.

rnintulsa · August 1, 2008

Thanks Lemmin. Acutally what I wanted was for it to redirect if they were logged in correctly.

Which makes the looping to the same page kind of silly.

So I have tried this, and it works. (so far)

Is this a better way?

Check it out.

First page is just a form with action to the php run_login.php page

run_login.php page:

<?php
error_reporting(E_ALL);
session_start( );

// if username and password are set and not empty then proceed with the rest of the process
if( isset( $_POST[ 'username' ] ) && isset( $_POST[ 'password' ] ) && $_POST[ 'username' ] != '' && $_POST[ 'password' ] != '' )
{		
//$link = mysql_connect( 'host', 'username', 'password' );

//$db_selected = mysql_select_db('dbname', $link);

$username = mysql_real_escape_string($_POST['username'], $link);
$password = mysql_real_escape_string($_POST['password'], $link);

if (!$db_selected) 
{
	echo"Connection to the database failed. Please try again later." ;			
	exit;
}

//checks for username and password in db table.
$results = mysql_query("select * from users where username='" . $username . "' and password = '" . $password . "'" ,$link ) or die(mysql_error());
$num_rows = mysql_num_rows($results);

//greater than zero		
if( $num_rows  > 0 )
{
	$_SESSION['username'] = $username;  
	//redirect
	header('Location:orion.php');  		
}

}
?>

This actually works and redirects. (Why does it work now? this way when it wouldn't when it was all on one page looping around?)

Sign In

[SOLVED] Need help with logic.

Recommended Posts

rnintulsa

Link to comment

Share on other sites

rnintulsa

Link to comment

Share on other sites

lemmin

Link to comment

Share on other sites

rnintulsa

Link to comment

Share on other sites

JD*

Link to comment

Share on other sites

rnintulsa

Link to comment

Share on other sites

lemmin

Link to comment

Share on other sites

rnintulsa

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information