dennismonsewicz Posted February 2, 2009 Share Posted February 2, 2009 Here is my login script: <?php include "includes/header.php"; include "includes/logincheck.php"; if(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'"); if(mysql_num_rows($checklogin) == 1) { $row = mysql_fetch_object($checklogin); $_SESSION['Username'] = $username; $_SESSION['EmailAddress'] = $email; $_SESSION['LoggedIn'] = 1; include "includes/logincheck.php"; } } else { echo '<div class="in forms">'; echo '<form name="login" method="post" action="login.php">'; echo '<p><strong>Username</strong><br />'; echo '<input type="text" name="username" class="box" /></p>'; echo '<p><strong>Password</strong><br />'; echo '<input type="password" name="password" class="box" /></p>'; echo '<p><input name="submit" type="submit" id="submit" tabindex="5" class="com_btn" value="LOGIN" /></p>'; echo '</form>'; echo '</div>'; } include "includes/footer.php"; ?> The header.php has the following code: if(empty($_SESSION['LoggedIn'])) { header("location: login.php"); } else { header("location: index.php"); } I am receiving the redirect loop error in firefox... i reckon i am not seeing why this is happening... any ideas? Quote Link to comment Share on other sites More sharing options...
trq Posted February 2, 2009 Share Posted February 2, 2009 I am receiving the redirect loop error in firefox... Sorry? The error is what exactly? Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted February 2, 2009 Share Posted February 2, 2009 You're redirecting to the login script, which is redirecting to the login script, which is redirecting to the login script, which is... <?php if(!empty($_SESSION['LoggedIn'])) { header("location: index.php"); die(); // Optional, but saves you a little bandwidth. } Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 2, 2009 Author Share Posted February 2, 2009 ok your code works but how do you get login.php to show up? Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted February 2, 2009 Share Posted February 2, 2009 What was the file name of the script you just showed us? login.php I assumed. Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 2, 2009 Author Share Posted February 2, 2009 yes the bigger block of code was login.php Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted February 2, 2009 Share Posted February 2, 2009 Then login.php should show up... What happens when you visit login.php? Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 2, 2009 Author Share Posted February 2, 2009 I get the login form... the included header on the login form is the same header that is being used throughout the site... Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted February 2, 2009 Share Posted February 2, 2009 Well you can't use the same one on login.php that you use throughout the site or you get a permanent redirection loop. I suppose you could do something like check which file is currently being visited (see: $_SERVER['PHP_SELF']) and make sure it's not login.php before redirecting. Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 2, 2009 Author Share Posted February 2, 2009 ok i know i have done these before... It was a really long weekend for me.. updated code: login.php <?php include "includes/loginheader.php"; include "includes/logincheck.php"; if(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $checklogin = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."'")or die(mysql_error()); if(mysql_num_rows($checklogin) == 1) { $row = mysql_fetch_object($checklogin); $_SESSION['username'] = $username; $_SESSION['loggedin'] = 1; } } else { echo '<div class="in forms">'; echo '<form name="login" method="post" action="login.php">'; echo '<p><strong>Username</strong><br />'; echo '<input type="text" name="username" class="box" /></p>'; echo '<p><strong>Password</strong><br />'; echo '<input type="password" name="password" class="box" /></p>'; echo '<p><input name="submit" type="submit" id="submit" tabindex="5" class="com_btn" value="LOGIN" /></p>'; echo '</form>'; echo '</div>'; } include "includes/footer.php"; ?> loginheader.php <?php session_start(); ob_start(); include "includes/sql.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>DennisMonsewicz.com Admin</title> <link rel="stylesheet" type="text/css" href="main.css" /> <script type="text/javascript" src="includes/js/tinymce/tiny_mce.js"></script> <script type="text/javascript"> tinyMCE.init({ // General options mode : "textareas", theme : "advanced", plugins : "safari,spellchecker,pagebreak,style,layer,save,advhr,advimage,advlink,emotions,iespell,inlinepopups,insertdatetime,preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template,imagemanager,filemanager", // Theme options theme_advanced_buttons1 : "bold,italic,underline,justifyleft,justifycenter,justifyright,justifyfull, bullist,numlist,outdent,indent,blockquote,link,unlink,cleanup,help,code", theme_advanced_buttons2 : "", theme_advanced_buttons3: "", theme_advanced_toolbar_location : "top", theme_advanced_toolbar_align : "left", theme_advanced_statusbar_location : "bottom", theme_advanced_resizing : true, }); </script> </head> <body> <div class="wrapper"> <h1 class="logo">DennisMonsewicz.com Admin</h1> <p class="txt_right">Logged in as <strong><?php echo $_SESSION['username']; ?> </strong> <span class="v_line"> | </span> <a href="#"> Logout</a></p> <!-- Navigation --> <div class="navigation"> <ul> <li><a href="index.php?action=write" <?php if($action == 'write') { ?> class="active" <?php } elseif($action == "create") { ?> class="active" <?php } ?>>WRITE</a></li> <li><a href="index.php?action=manage" <?php if($action == 'manage') { ?> class="active" <?php } ?>>MANAGE</a></li> <li><a href="index.php?action=settings" <?php if($action == 'settings') { ?> class="active" <?php } ?>>SETTINGS</a></li> </ul> </div> <div class="clear"></div> <div class="content"> header.php <?php session_start(); ob_start(); if(!empty($_SESSION['loggedin'])) { header("location: index.php"); } $action = $_GET['action']; include "includes/sql.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>DennisMonsewicz.com Admin</title> <link rel="stylesheet" type="text/css" href="main.css" /> <script type="text/javascript" src="includes/js/tinymce/tiny_mce.js"></script> <script type="text/javascript"> tinyMCE.init({ // General options mode : "textareas", theme : "advanced", plugins : "safari,spellchecker,pagebreak,style,layer,save,advhr,advimage,advlink,emotions,iespell,inlinepopups,insertdatetime,preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template,imagemanager,filemanager", // Theme options theme_advanced_buttons1 : "bold,italic,underline,justifyleft,justifycenter,justifyright,justifyfull, bullist,numlist,outdent,indent,blockquote,link,unlink,cleanup,help,code", theme_advanced_buttons2 : "", theme_advanced_buttons3: "", theme_advanced_toolbar_location : "top", theme_advanced_toolbar_align : "left", theme_advanced_statusbar_location : "bottom", theme_advanced_resizing : true, }); </script> </head> <body> <div class="wrapper"> <h1 class="logo">DennisMonsewicz.com Admin</h1> <p class="txt_right">Logged in as <strong><?php echo $_SESSION['username']; ?> </strong> <span class="v_line"> | </span> <a href="#"> Logout</a></p> <!-- Navigation --> <div class="navigation"> <ul> <li><a href="index.php?action=write" <?php if($action == 'write') { ?> class="active" <?php } elseif($action == "create") { ?> class="active" <?php } ?>>WRITE</a></li> <li><a href="index.php?action=manage" <?php if($action == 'manage') { ?> class="active" <?php } ?>>MANAGE</a></li> <li><a href="index.php?action=settings" <?php if($action == 'settings') { ?> class="active" <?php } ?>>SETTINGS</a></li> </ul> </div> <div class="clear"></div> <div class="content"> I am getting the redirect loop problem when i login Quote Link to comment Share on other sites More sharing options...
uniflare Posted February 2, 2009 Share Posted February 2, 2009 logincheck.php? Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 2, 2009 Author Share Posted February 2, 2009 that isn't a "check" its just a div tag...the naming scheme for that individual page is bad on my part. not important to the script Quote Link to comment Share on other sites More sharing options...
uniflare Posted February 2, 2009 Share Posted February 2, 2009 That code looks fine now, make sure you clear your cache etc. by following login.php code start->finish there is no "header" fuction being used at all so it if you really are visiting login.php then magical things are happening - the only explanation being the stored web cache. Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 2, 2009 Author Share Posted February 2, 2009 ok i have adjusted the code a little... everything is on one page <?php require_once "includes/header.php"; ?> <?php if(!empty($_SESSION)) { if(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $checklogin = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."'")or die(mysql_error()); if(mysql_num_rows($checklogin) == 1) { $row = mysql_fetch_object($checklogin); $_SESSION['username'] = $username; $_SESSION['loggedin'] = 1; switch($action) { case "write": echo '<div class="in forms">'; echo '<form id="form1" name="form1" method="post" action="index.php?action=create">'; echo '<p><strong>TITLE</strong><br />'; echo '<input type="text" name="title" class="box" /></p>'; echo '<p><strong>STORY</strong><br />'; echo '<textarea name="story" rows="5" cols="30" ></textarea></p> '; echo '<p><input name="submit" type="submit" id="submit" tabindex="5" class="com_btn" value="UPDATE" /></p>'; echo '</form>'; echo '</div>'; break; case "create": echo '<div class="in">'; echo '<p>This is a test</p>'; echo '</div>'; break; default: echo '<div class="in">'; echo '<p>This is a test</p>'; echo '</div>'; break; } } } else { echo '<div class="in forms">'; echo '<form name="login" method="post" action="login.php">'; echo '<p><strong>Username</strong><br />'; echo '<input type="text" name="username" class="box" /></p>'; echo '<p><strong>Password</strong><br />'; echo '<input type="password" name="password" class="box" /></p>'; echo '<p><input name="submit" type="submit" id="submit" tabindex="5" class="com_btn" value="LOGIN" /></p>'; echo '</form>'; echo '</div>'; } } ?> <?php require_once "includes/footer.php"; ?> But when you click on one of the navigational items it displays the login form Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 2, 2009 Author Share Posted February 2, 2009 adjusted code a little bit more <?php require_once "includes/header.php"; ?> <?php if(!empty($_SESSION['loggedin'])) { if(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $checklogin = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."'")or die(mysql_error()); if(mysql_num_rows($checklogin) == 1) { $row = mysql_fetch_object($checklogin); $_SESSION['username'] = $username; $_SESSION['loggedin'] = 1; } require "switch.php"; } } else { echo '<div class="in forms">'; echo '<form name="login" method="post" action="login.php">'; echo '<p><strong>Username</strong><br />'; echo '<input type="text" name="username" class="box" /></p>'; echo '<p><strong>Password</strong><br />'; echo '<input type="password" name="password" class="box" /></p>'; echo '<p><input name="submit" type="submit" id="submit" tabindex="5" class="com_btn" value="LOGIN" /></p>'; echo '</form>'; echo '</div>'; } ?> <?php require_once "includes/footer.php"; ?> Now when you click on a navigational item you only see the header and footer but no middle content... no "action" switch.php <?php switch($action) { case "write": echo '<div class="in forms">'; echo '<form id="form1" name="form1" method="post" action="index.php?action=create">'; echo '<p><strong>TITLE</strong><br />'; echo '<input type="text" name="title" class="box" /></p>'; echo '<p><strong>STORY</strong><br />'; echo '<textarea name="story" rows="5" cols="30" ></textarea></p> '; echo '<p><input name="submit" type="submit" id="submit" tabindex="5" class="com_btn" value="UPDATE" /></p>'; echo '</form>'; echo '</div>'; break; case "create": echo '<div class="in">'; echo '<p>This is a test</p>'; echo '</div>'; break; default: echo '<div class="in">'; echo '<p>This is a test</p>'; echo '</div>'; break; } ?> Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 2, 2009 Author Share Posted February 2, 2009 i think i almost have it all figured out but when you click on the logout button you receive the following: Warning: Cannot modify header information - headers logout.php <?php session_start(); session_unset(); session_destroy(); ob_end_flush(); header("location: index.php"); ?> Quote Link to comment Share on other sites More sharing options...
uniflare Posted February 2, 2009 Share Posted February 2, 2009 Headers already sent; means the server has "Connected" with the client and the browser is now awaiting html/page code. ob_end_flush(); // i believe this is your culprit: http://uk2.php.net/ob_end_flush This function will send the contents of the topmost output buffer (if any) and turn this output buffer off. If you want to further process the buffer's contents you have to call ob_get_contents() before ob_end_flush() as the buffer contents are discarded after ob_end_flush() is called. So this function literally sends all the "captured" data to the browser. Any headers or functions that require headers (ie, cookies), MUST be called before any output (which is why you are using Output Buffering.) Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 3, 2009 Author Share Posted February 3, 2009 well i got it working like this <?php session_start(); session_unset(); session_destroy(); ob_end_flush(); echo '<META http-equiv="refresh" content="0;URL=index.php">'; ?> but now when you click on a navigational item you get the login form index.php <?php require_once "includes/header.php"; ?> <?php if($_POST) { if(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $checklogin = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$password'")or die(mysql_error()); if(mysql_num_rows($checklogin) == 1) { $row = mysql_fetch_object($checklogin); $_SESSION['username'] = $username; $_SESSION['loggedin'] = 1; } require "switch.php"; } } else { echo '<div class="in forms">'; echo '<form name="login" method="post" action="index.php">'; echo '<p><strong>Username</strong><br />'; echo '<input type="text" name="username" class="box" /></p>'; echo '<p><strong>Password</strong><br />'; echo '<input type="password" name="password" class="box" /></p>'; echo '<p><input name="submit" type="submit" id="submit" tabindex="5" class="com_btn" value="LOGIN" /></p>'; echo '</form>'; echo '</div>'; } ?> <?php require_once "includes/footer.php"; ?> Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted February 3, 2009 Author Share Posted February 3, 2009 i think i have figured it all out fixed code: <?php require_once "includes/header.php"; ?> <?php if(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $checklogin = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$password'")or die(mysql_error()); if(mysql_num_rows($checklogin) == 1) { $row = mysql_fetch_object($checklogin); $_SESSION['username'] = $username; $_SESSION['loggedin'] = 1; } } if(!empty($_SESSION['username'])) { require_once "switch.php"; } else { echo '<div class="in forms">'; echo '<form name="login" method="post" action="index.php">'; echo '<p><strong>Username</strong><br />'; echo '<input type="text" name="username" class="box" /></p>'; echo '<p><strong>Password</strong><br />'; echo '<input type="password" name="password" class="box" /></p>'; echo '<p><input name="submit" type="submit" id="submit" tabindex="5" class="com_btn" value="LOGIN" /></p>'; echo '</form>'; echo '</div>'; } ?> <?php require_once "includes/footer.php"; ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.