scmeeker Posted June 18, 2010 Share Posted June 18, 2010 I'm creating a very basic user login form. After verifying the username and password, I would like it to go to another page: listtest5.php. It keeps going back to the original login (userlogin.html)even when using a valid username and password. How do I get it to redirect to listtest5.php after a successful login? Thanks for your help! if ((!isset($_POST["username"])) || (!isset($_POST["password"]))) { header("Location: listtest5.php"); exit; } //connect to server and select database $mysqli = mysqli_connect("localhost", "", "", ""); //create and issue the query $sql = "SELECT username, password FROM table WHERE username = '".$_POST["username"]."' AND password = PASSWORD('".$_POST["password"]."')"; $result = mysqli_query($mysqli, $sql) or die(mysqli_error($mysqli)); //get the number of rows in the result set; should be 1 if a match if (mysqli_num_rows($result) == 1) { header("location:listtest5.php"); exit(); //set authorization cookie setcookie("auth", "1", 0, "/", "whereever.com", 0); } else { //redirect back to login form if not authorized header("Location: userlogin.html"); exit; } ?> Quote Link to comment Share on other sites More sharing options...
Alex Posted June 18, 2010 Share Posted June 18, 2010 I'm guessing you have some kind of verification code on listtest5.php that checks if a certain cookie is set and your problem is that you're setting the cookie after you call exit(); so that bit of code will never execute. //set authorization cookie setcookie("auth", "1", 0, "/", "whereever.com", 0); header("location:listtest5.php"); exit(); Quote Link to comment Share on other sites More sharing options...
scmeeker Posted June 18, 2010 Author Share Posted June 18, 2010 I don't have the cookie set up on listtest5.php yet. At this point I'm really trying to get it to redirect to another page of my choice after verification of the username and password. I tried removing the cookie to test that but it still didn't work. Quote Link to comment Share on other sites More sharing options...
Andy-H Posted June 18, 2010 Share Posted June 18, 2010 Probably a stupid question but I'm assuming you used the SQL PASSWORD() function when the user registered to insert their details to your "table" table? and that the field was set to the correct datatype to store the hash? I duno what it should be as I have never seen the SQL PASSWORD() function but read up and it uses sha1 twice. ------------------------------------------------------------------- Prior to MySQL 4.1 ------------------------------------------------------------------- mysql> SELECT PASSWORD('mypass'); +--------------------+ | PASSWORD('mypass') | +--------------------+ | 6f8c114b58f2ce9e | +--------------------+ ------------------------------------------------------------------- As of MySQL 4.1 ------------------------------------------------------------------- mysql> SELECT PASSWORD('mypass'); +-------------------------------------------+ | PASSWORD('mypass') | +-------------------------------------------+ | *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4 | +-------------------------------------------+ ------------------------------------------------------------------- See http://dev.mysql.com/doc/refman/5.0/en/password-hashing.html Quote Link to comment Share on other sites More sharing options...
Andy-H Posted June 18, 2010 Share Posted June 18, 2010 Also you should really give some kind of error message if the details are incorrect, rather than just redirecting to the login (HTML) page. Quote Link to comment Share on other sites More sharing options...
scmeeker Posted June 18, 2010 Author Share Posted June 18, 2010 Thanks so much for both of you're help but I got it worked out! I ended up getting some different code...that one wasn't working out so well. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.