Jump to content


Photo

How to redirect after authentication ??


  • Please log in to reply
18 replies to this topic

#1 ashucool83

ashucool83
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 05 August 2006 - 07:25 PM

<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="shortcut icon" href="" />
</head>

<body>
<table width="100%" border="0">
  <tr>
    <td><div align="left"><img src="images/myDesiBook_new_2.jpg" width="481" height="100"></div></td>
  </tr>
</table>

<table  width="100%" border="1">  
    <td width="50%">
	</td>	
    <td width="50%">
	<form action="authenticate.php" method="post" name="login" id="login">
        <p align="left"><em><strong>Please login using your account</strong></em></p>
        <p>Username: 
          <input type="text" name="username">
          <br>
          Password: 
          <input type="password" name="password">
          <br>
          <input type="submit" value="Login">
          <br>
          If new user please <a href="register.php">Register</a>. </p>
        <p>&nbsp;</p>
        <p>&nbsp;</p>
        <p>&nbsp;</p>
        <p>&nbsp;</p>
        <p>&nbsp; </p>
      </form>	
    </td>
</table>

</body>
</html>



<html>
<head>
<title>Library | Login </title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
      
<?php 				
		$db = mysql_connect("localhost", "root", "apurva");
		
	
		if (!$db) 
		{
		   die('Could not connect: ' . mysql_error());
		}
		else
		{
			//echo 'Connected successfully';
		}
		mysql_select_db("sharelib",$db);
        $varUser = $_POST["username"];		
		$varPass = $_POST["password"];		
		$result = mysql_query("SELECT * FROM user_table where email = '".$varUser."' 
		                       and password =PASSWORD('".$varPass."')",$db);

		if($result)
		{					
			
			if($myrow = mysql_fetch_row($result)) 
			{
				 print "Authenticated Successfully";				 				
 				 //$URL="http://localhost/MyLibrary/home.php";
				 //header ('Location: $URL');
				 //header ('Location: http://localhost/MyLibrary/home.php');
			}
			else
			{
				// print "you dont exist";
				 //Trying to redirect to Login Page
				 print "Authentication Failure";				 
				 $URL="http://localhost/MyLibrary/login.php";
 				 header ("Location: $URL");
				 exit;
			}
		}
		else
		{
			print "Oooops DB Syntax Problem!!!";
		}
		
		mysql_close($db);		
		?>

</body>
</html>

In the above code, I am trying to authenticate the user from the userTable inside a mySQL DB. I sucessfully able to authenticate the user, but it does not redirect to the desired page after authenticating the user.  For Wrong Password --> "Login.php" Correct Password --> "Home.php"

Please help me.

#2 ronverdonk

ronverdonk
  • Members
  • PipPipPip
  • Advanced Member
  • 277 posts
  • LocationNetherlands

Posted 05 August 2006 - 07:44 PM

Does it print the Authenticated Successfully message? If not, how do you know that authentication is succcesful? If so you won't redirect because your header statement is commented out and when you uncomment it, you won't  be redirected because headers have already been sent via the print.

RTFM is an almost extinct art form, it should be subsidized.

#3 ashucool83

ashucool83
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 05 August 2006 - 07:47 PM

Yeah, it does print those messages.  I ahve also tried commenting the print statements and just have the headers, it still does not redirect. I just see a blank page instead. :(

#4 ronverdonk

ronverdonk
  • Members
  • PipPipPip
  • Advanced Member
  • 277 posts
  • LocationNetherlands

Posted 05 August 2006 - 07:53 PM

The $url in the header vstatement is within single quotes. That doesn't work. If you want to do it like this the header statement must be within double quotes or the url must be concatenated. Like this:
header ("Location: $URL");
or
header ('Location: '. $URL);

RTFM is an almost extinct art form, it should be subsidized.

#5 ashucool83

ashucool83
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 05 August 2006 - 08:00 PM

I tried this before, as well again after you mentioned it. Still doesnt work  :(
I read some place that HEADER should be the first thing .... but as I am a newbie, didn't quite understand how to do that before performing the authentication logic ???

#6 ronverdonk

ronverdonk
  • Members
  • PipPipPip
  • Advanced Member
  • 277 posts
  • LocationNetherlands

Posted 05 August 2006 - 08:05 PM

It is almost certainly because of the HTML stuff before your PHP code (the META stuff and so on). Take that out. If that doesnot work you better show your code as it is now(!) and not working.

RTFM is an almost extinct art form, it should be subsidized.

#7 ashucool83

ashucool83
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 05 August 2006 - 08:06 PM

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="shortcut icon" href="" />
</head>

<body>
<table width="100%" border="0">
  <tr>
    <td><div align="left"><img src="images/myDesiBook_new_2.jpg" width="481" height="100"></div></td>
  </tr>
</table>

<table  width="100%" border="1">  
    <td width="50%">
	</td>	
    <td width="50%">
	<form action="authenticate.php" method="post" name="login" id="login">
        <p align="left"><em><strong>Please login using your account</strong></em></p>
        <p>Username: 
          <input type="text" name="username">
          <br>
          Password: 
          <input type="password" name="password">
          <br>
          <input type="submit" value="Login">
          <br>
          If new user please <a href="register.php">Register</a>. </p>
        <p>&nbsp;</p>
        <p>&nbsp;</p>
        <p>&nbsp;</p>
        <p>&nbsp;</p>
        <p>&nbsp; </p>
      </form>	
    </td>
</table>

</body>
</html>


    
<?php 	

		$db = mysql_connect("localhost", "root", "apurva");

		if (!$db) 
		{
		   die('Could not connect: ' . mysql_error());
		}
		else
		{
			//echo 'Connected successfully';
		}
		mysql_select_db("sharelib",$db);
        $varUser = $_POST["username"];		
		$varPass = $_POST["password"];		
		$result = mysql_query("SELECT * FROM user_table where email = '".$varUser."' 
		                       and password =PASSWORD('".$varPass."')",$db);

		if($result)
		{					
			
			if($myrow = mysql_fetch_row($result)) 
			{
				 //print "Authenticated Successfully";				 				
 				 $URL="http://localhost/MyLibrary/home.php";
				 //header ('Location: $URL');
				 //header ('Location: http://localhost/MyLibrary/home.php');
				 header ("Location: $URL");
			}
			else
			{
				// print "you dont exist";
				 //Trying to redirect to Login Page
				 //print "Authentication Failure";				 
				 $URL="http://localhost/MyLibrary/login.php";
 				 //header ("Location: $URL");
				 //header ('Location: http://localhost/MyLibrary/login.php');
				 header ("Location: $URL");
				 exit;
			}
		}
		else
		{
			print "Oooops DB Syntax Problem!!!";
		}
		
		mysql_close($db);		
		?>



#8 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 05 August 2006 - 08:11 PM

<?php

header("location: folder/script.php"); // if a folder is one up to script

or

header("location: script.php"); // if script is already in folder

?>

Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#9 ronverdonk

ronverdonk
  • Members
  • PipPipPip
  • Advanced Member
  • 277 posts
  • LocationNetherlands

Posted 05 August 2006 - 08:13 PM

I am sorry for you, but it works on my system. All 3 cases work: successful, not successful and db error.
RTFM is an almost extinct art form, it should be subsidized.

#10 ashucool83

ashucool83
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 05 August 2006 - 08:16 PM

You mean the EXACT same code works in your system ??? ??? Does it redirect to those pages -- home.php if succesful or login.php if failed ?

Code1: Login.php
Code2: Authenticate.php

Based on Code2 it is supposed to redirect to login.php or home.php.

#11 ronverdonk

ronverdonk
  • Members
  • PipPipPip
  • Advanced Member
  • 277 posts
  • LocationNetherlands

Posted 05 August 2006 - 08:22 PM

Yes, I'll post the code exactly as I used it. I onlu changed the db parms and userid/password and I did not use the PASSWORD attrib for the select.
<?php 	

		$db = mysql_connect("localhost", "ronverdonk", "ronnie09");

		if (!$db) 
		{
		   die('Could not connect: ' . mysql_error());
		}
		else
		{
			//echo 'Connected successfully';
		}
		mysql_select_db("vwso",$db);
        $varUser = "ronverdonk";
        $varPass = "ronnie09";
		$result = mysql_query("SELECT * FROM authorized_users where userid = '".$varUser."'
		               and passwd='".$varPass."'");
		                      

		if($result)
		{					
			
			if($myrow = mysql_fetch_row($result)) 
			{
				 //print "Authenticated Successfully";				 				
 				 $URL="http://localhost/MyLibrary/home.php";
				 //header ('Location: $URL');
				 //header ('Location: http://localhost/MyLibrary/home.php');
				 header ("Location: $URL");
			}
			else
			{
				// print "you dont exist";
				 //Trying to redirect to Login Page
				 //print "Authentication Failure";				 
				 $URL="http://localhost/MyLibrary/login.php";
 				 //header ("Location: $URL");
				 //header ('Location: http://localhost/MyLibrary/login.php');
				 header ("Location: $URL");
				 exit;
			}
		}
		else
		{
			print "Oooops DB Syntax Problem!!!";
		}
		
		mysql_close($db);		
		?>

RTFM is an almost extinct art form, it should be subsidized.

#12 ashucool83

ashucool83
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 05 August 2006 - 08:29 PM

hahah ... I copied your code and editted back to what I needed. Works like a baby!!! I still have no clue  ???

#13 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 05 August 2006 - 08:32 PM

your database is this as posted from the first post have you seleted it sharelib
Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#14 ronverdonk

ronverdonk
  • Members
  • PipPipPip
  • Advanced Member
  • 277 posts
  • LocationNetherlands

Posted 05 August 2006 - 08:33 PM

You can see what I took out. Did you still use the PASSWORD(pw) in the select statement?

RTFM is an almost extinct art form, it should be subsidized.

#15 ashucool83

ashucool83
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 05 August 2006 - 08:35 PM

<?php 	

		$db = mysql_connect("localhost", "root", "apurva");		

		if (!$db) 
		{
		   die('Could not connect: ' . mysql_error());
		}
		else
		{
			//echo 'Connected successfully';
		}

		mysql_select_db("sharelib",$db);
        $varUser = $_POST["username"];		
		$varPass = $_POST["password"];
		$result = mysql_query("SELECT * FROM user_table where email = '".$varUser."'		          
					   and password =PASSWORD('".$varPass."')",$db);
		                      

		if($result)
		{					
			
			if($myrow = mysql_fetch_row($result)) 
			{
				 //print "Authenticated Successfully";				 				
 				 $URL="http://localhost/MyLibrary/home.php";
				 //header ('Location: $URL');
				 //header ('Location: http://localhost/MyLibrary/home.php');
				 header ("Location: $URL");
			}
			else
			{
				// print "you dont exist";
				 //Trying to redirect to Login Page
				 //print "Authentication Failure";				 
				 $URL="http://localhost/MyLibrary/login.php";
 				 //header ("Location: $URL");
				 //header ('Location: http://localhost/MyLibrary/login.php');
				 header ("Location: $URL");
				 exit;
			}
		}
		else
		{
			print "Oooops DB Syntax Problem!!!";
		}
		
		mysql_close($db);		
		?>

Working Code!!!  Very weird!!!

Thanks folks :D

#16 ashucool83

ashucool83
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 05 August 2006 - 08:40 PM

Now that I can go to my home.php page .... do I need to write a cookie to keep my session only for user'A' and not user 'B' cause currently if I type

http://localhost/MyLibrary/home.php

I can still reach the page without the authentication. How do you guys suggest fixing this ?

Thanks

#17 ronverdonk

ronverdonk
  • Members
  • PipPipPip
  • Advanced Member
  • 277 posts
  • LocationNetherlands

Posted 05 August 2006 - 08:40 PM

That is a different story. After authentication you need to save your session in the $_SESSION array. At each page (after the session_start) you verify that the $_SESSION variables are still intact. If not, redirect visitor to the login.php page.
RTFM is an almost extinct art form, it should be subsidized.

#18 ashucool83

ashucool83
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 05 August 2006 - 08:50 PM

Thanks ... will read about that and if more questions will post it over here!!!  ;D

#19 ronverdonk

ronverdonk
  • Members
  • PipPipPip
  • Advanced Member
  • 277 posts
  • LocationNetherlands

Posted 05 August 2006 - 08:52 PM

See the tutorial about session handling at the zend website:

http://www.zend.com/...tut/session.php
RTFM is an almost extinct art form, it should be subsidized.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users