Jump to content

Login form LooP??


r2ks

Recommended Posts

Ok i am a Total newbie at all this i have a Site working on i uploaded and here is what is going on the Login form i sign into it takes me to the page i want to go to. Here is the Kicker ( when i Close the Browser and Go back to the Site i should get the Login form it takes me directly to the Page no signing in at all ) i have tried everything..( Clear Cache in browser, delete cookies ) help !!!

 

<?php
if ($_SESSION["admin"] == 0)
   
Header("Location: sponser.php");
else 
{
  //redirect to Guest area 
  Header("Location: admin.php");
   }
?>
<?php
include ('conn.php');
session_start();

//$pass5= md5($password);

//TEST TO SEE IF THE ENCRYPTED PASSWORD MATCHES IN THE DB, WHICH IT DON'T!
//echo $password2;
if(isset($_GET['op']) and $_GET['op'] == 'login')

{
if (!$_POST["username"] || !$_POST["password"])
  {
  die("You need to provide a username and password. Please Hit the Back Button");
  }

// Create query
  $q = "SELECT * FROM `users` "
  ."WHERE `username`='".$_POST["username"]."' "
   ."AND `password`='".md5 ($_POST["password"])."' "
    ."LIMIT 1 ";

// Run query
$r = mysql_query($q);

if ( $obj = mysql_fetch_object($r) )
  {
  // Login good, create session variables
  $_SESSION["valid_id"] = $obj->id;
  $_SESSION["valid_user"] = $_POST["username"];
  $_SESSION["valid_time"] = time();
  $_SESSION["admin"] = $obj->admin; 
  



  // Redirect to member page


  }
else
  {
  // Login not successful
  die("Sorry, could not log you in. Wrong login information.<a href=\"index.php\">PLEASE Sign Back in</a>");
     
   }
   }
else
{
//If all went right the Web form appears and users can log in
echo "<form action=\"?op=login\" method=\"POST\">";
echo "Username: <input name=\"username\" size=\"15\"><br />";
echo "Password: <input type=\"password\" name=\"password\" size=\"15\"><br />";
echo "<input type=\"submit\" value=\"Login\">";
echo "</form>";
  
}

?>


Link to comment
Share on other sites

Ok I will Reply back to my self LOL

here is what i have done changed the website Directory by one letter and it worked i got the Login page again, Logged in and it did it again. it continues to bring me to the Page i can not move away from the Page i typed in the URL and index.php foward me right to the sponser.php page .

 

I have tried

session_unset();

session_destroy();

 

Nothing can anyone explain what is going on with this.

Link to comment
Share on other sites

This code, regardless of whether the SESSION admin is set or not redirects you.

 

<?php
if ($_SESSION["admin"] == 0)
   
Header("Location: sponser.php");
else 
{
  //redirect to Guest area 
  Header("Location: admin.php");
   }
?>

 

It checks if the SESSION 'admin' is 0, and if it is, go to sponser.php. However, the else says that no matter what the value of 'admin' is (even if it is not set), go to admin.php.

 

You need to check that all 4 sessions are set before even attempting a redirect.

Link to comment
Share on other sites

Thanks so Much it Make so much since here is what i did ???

if ($_SESSION["admin"] = 0)
{   
Header("Location: sponser.php");
}
else 
if ($_SESSION["admin"] = 1)
{
//redirect to Guest area 
Header("Location: admin.php");
exit();
}

if i click on logout on the sponser.php page it Just Loops me Back to the Sponser.php page it should bring me back to index.php

 

if i remove this info it works ???   

 

Link to comment
Share on other sites

if ($_SESSION["admin"] == 0)
{   
Header("Location: sponser.php");
}
else
if ($_SESSION["admin"] == 1)
{
//redirect to Guest area
Header("Location: admin.php");
exit();

I did place error checking on

ini_set ("display_errors", "1");

error_reporting(E_ALL);

and i get this

Notice: Undefined variable: _SESSION in /home/realityt/public_html/eventtracker/index.php on line 4

 

Warning: Cannot modify header information - headers already sent by (output started at /home/realityt/public_html/eventtracker/index.php:4) in /home/realityt/public_html/eventtracker/index.php on line 6

 

Link to comment
Share on other sites

<?php
if ($_SESSION["admin"] == 0)
{   
Header("Location: sponser.php");
}
else
if ($_SESSION["admin"] == 1)
{
//redirect to Guest area
Header("Location: admin.php");
exit();

?>

 

This is the Problem where in the Code is the Problem anyone it just keeps looping me back to the sponser.php page  ???

Link to comment
Share on other sites

Oh my bad. If I remember correctly, you need to start sessions at the start of any session related code.

 

<?php

session_start();

if ($_SESSION["admin"] == 0) {   
header("Location: sponser.php");
} else if ($_SESSION["admin"] == 1) {
// Redirect to Guest area
header("Location: admin.php");
exit();
}

?>

Link to comment
Share on other sites

Here is my whole login.php Page and it still is not working all it does is bring me to Sponsor.php Totally bypasses the Login screen.. ??? if i Remove the First PHP code login screen Comes up. ANY ONE Please HELP I am so lost with This  ???

 

<?php
session_start();

if ($_SESSION["admin"] == 0) {   
header("Location: sponser.php");
} else if ($_SESSION["admin"] == 1) {
// Redirect to Guest area
header("Location: admin.php");
exit();
}

?>

<?php
ini_set ("display_errors", "1");
error_reporting(E_ALL);
?>



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Pledge Site</title>
<link rel="stylesheet" type="text/css" href="fw-2-1-col/main.css" />
<style type="text/css">
<!--
.style1 {font-size: 24px}
.style2 {
font: bold 18px;
color: #000000;
font-size: medium;
}
.style3 {
font-size: 36px;
font-family: Galliard, Lorrenne;
}
-->
</style>
</head>

<body>

   <!-- Begin Wrapper -->
<div id="wrapper">
   
         <!-- Begin Header -->
<div class="style1" id="header">

	       Welcome to Event Tracker  Web Site </div>
<!-- End Header -->

	 <!-- Begin Content -->
	 <div id="content">
	   <div id="Content1">
	     <p class="style2">Hello and Welcome to the Event Tracker web site this site is used for tracking Participants and Sponsors of Events that your Organization my put on. Please Login below if you do not have a Login ID Please call the Event organizer and get your login info.</p>
	     <p> </p>
	     <p> </p>
	   </div>
	   <div id="content2">
	     <div id="lock"><img src="images/lock.jpg" alt="" width="78" height="74" id="lock2" /><span class="style3">Login </span></div>
<p align="left"> </p>
<?php
include ('conn.php');




//$pass5= md5($password);
//TEST TO SEE IF THE ENCRYPTED PASSWORD MATCHES IN THE DB, WHICH IT DON'T!
//echo $password2;
if(isset($_GET['op']) and $_GET['op'] == 'login')
{
if (!$_POST["username"] || !$_POST["password"])
  {
  die("You need to provide a username and password. Please Hit the Back Button");
  }
// Create query
  $q = "SELECT * FROM `users` "
  ."WHERE `username`='".$_POST["username"]."' "
   ."AND `password`='".md5 ($_POST["password"])."' "
    ."LIMIT 1 ";
// Run query
$r = mysql_query($q);
if ( $obj = mysql_fetch_row($r) )
  {
  // Login good, create session variables
$_SESSION["valid_id"] = $obj->id;
  $_SESSION["valid_user"] = $_POST["username"];
  $_SESSION["valid_time"] = time();
  $_SESSION["admin"] = $obj->admin; 
  // Redirect to member page


  }
else
  {
  // Login not successful
  die("Sorry, could not log you in. Wrong login information.<a href=\"index.php\">PLEASE Sign Back in</a>");
   }
   }
else
{
//If all went right the Web form appears and users can log in
echo "<form action=\"?op=login\" method=\"POST\">";
echo "Username: <input name=\"username\" size=\"15\"><br />";
echo "Password: <input type=\"password\" name=\"password\" size=\"15\"><br />";
echo "<input type=\"submit\" value=\"Login\">";
echo "</form>";
}

?>
<p align="left"> </p>
	     <p align="left"><br />
	     </p>
	   </div>
	 </div>
<!-- End Content -->

	 <!-- Begin Footer -->
	 <div class="style2" id="footer"></div>
 <!-- End Footer -->

</div>
<!-- End Wrapper -->

</body>

Link to comment
Share on other sites

echo $_SESSION['admin'] just before the if/else if to make sure that it's the value you're expecting.

<?php
session_start();
echo $_SESSION['admin'];die(); // this is so it quits here and doesn't redirect you before you have a chance to see what the value is. 
if ($_SESSION["admin"] == 0) {   
header("Location: sponser.php");
} else if ($_SESSION["admin"] == 1) {
// Redirect to Guest area
header("Location: admin.php");
exit();
}

?>

<?php
ini_set ("display_errors", "1");
error_reporting(E_ALL);
?>

Link to comment
Share on other sites

Thank you so MUCH for helping me with this i have spent all day trying to figure this out.

 

Here are the Results

Array ( [valid_id] => [valid_user] => 2222 [valid_time] => 1244746613 [admin] => ) 

 

Could you be so Kind to Look at my login script and Rip it apart for Me

Any one Please

 

<?php
session_start();
print_r ($_SESSION);die(); // this is so it quits here and doesn't redirect you before you have a chance to see what the value is. 
if ($_SESSION["admin"] == 0) {   
header("Location: sponser.php");
} else if ($_SESSION["admin"] == 1) {
// Redirect to Guest area
header("Location: admin.php");
exit();
}

?>

<?php
ini_set ("display_errors", "1");
error_reporting(E_ALL);
?>
?>



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Pledge Site</title>
<link rel="stylesheet" type="text/css" href="fw-2-1-col/main.css" />
<style type="text/css">
<!--
.style1 {font-size: 24px}
.style2 {
font: bold 18px;
color: #000000;
font-size: medium;
}
.style3 {
font-size: 36px;
font-family: Galliard, Lorrenne;
}
-->
</style>
</head>

<body>

   <!-- Begin Wrapper -->
<div id="wrapper">
   
         <!-- Begin Header -->
<div class="style1" id="header">

	       Welcome to Event Tracker  Web Site </div>
<!-- End Header -->

	 <!-- Begin Content -->
	 <div id="content">
	   <div id="Content1">
	     <p class="style2">Hello and Welcome to the Event Tracker web site this site is used for tracking Participants and Sponsors of Events that your Organization my put on. Please Login below if you do not have a Login ID Please call the Event organizer and get your login info.</p>
	     <p> </p>
	     <p> </p>
	   </div>
	   <div id="content2">
	     <div id="lock"><img src="images/lock.jpg" alt="" width="78" height="74" id="lock2" /><span class="style3">Login </span></div>
<p align="left"> </p>
<?php
include ('conn.php');
//include ('function.php');
//$pass5= md5($password);
//TEST TO SEE IF THE ENCRYPTED PASSWORD MATCHES IN THE DB, WHICH IT DON'T!
//echo $password2;
if(isset($_GET['op']) and $_GET['op'] == 'login')
{
if (!$_POST["username"] || !$_POST["password"])
  {
  die("You need to provide a username and password. Please Hit the Back Button");
  }
// Create query
  $q = "SELECT * FROM `users` "
  ."WHERE `username`='".$_POST["username"]."' "
   ."AND `password`='".md5 ($_POST["password"])."' "
    ."LIMIT 1 ";
// Run query
$r = mysql_query($q);
if ( $obj = mysql_fetch_row($r) )
  {
  // Login good, create session variables
$_SESSION["valid_id"] = $obj->id;
  $_SESSION["valid_user"] = $_POST["username"];
  $_SESSION["valid_time"] = time();
  $_SESSION["admin"] = $obj->admin; 
  // Redirect to member page

  }
else
  {
  // Login not successful
  die("Sorry, could not log you in. Wrong login information.<a href=\"index.php\">PLEASE Sign Back in</a>");
   }
   }
else
{
//If all went right the Web form appears and users can log in
echo "<form action=\"?op=login\" method=\"POST\">";
echo "Username: <input name=\"username\" size=\"15\"><br />";
echo "Password: <input type=\"password\" name=\"password\" size=\"15\"><br />";
echo "<input type=\"submit\" value=\"Login\">";
echo "</form>";
}

?>
<p align="left"> </p>
	     <p align="left"><br />
	     </p>
	   </div>
	 </div>
<!-- End Content -->

	 <!-- Begin Footer -->
	 <div class="style2" id="footer"></div>
 <!-- End Footer -->

</div>
<!-- End Wrapper -->

</body>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.