
url redirect, messes up login system


chandler


Yes, sorry, I think this is all of the login system.

 

<?php
session_start();
ob_start();
if (!isset($_SESSION["valid_user"]))
{
header('Location:/index.php?action=login');
}
$theuser=$_SESSION["valid_user"];
///////////////////////////////// Language Changer - start
if (!$_SESSION['lang_ice'])
{
$_SESSION['lang_en'] = true;
$_SESSION['lang_ice'] = false;
}
if (isset($_GET['lang']))
{
if ($_GET['lang'] == "en")
{
$_SESSION['lang_en'] = true;
$_SESSION['lang_ice'] = false;
}
if ($_GET['lang'] == "ice")
{
$_SESSION['lang_en'] = false;
$_SESSION['lang_ice'] = true;
}
}	
if($_SESSION['lang_ice'] == true)
{
require_once '../langs/ice.php';
}
if($_SESSION['lang_en'] == true)
{
require_once '../langs/en.php';
}
/////////////////////////// Language Changer - end
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>
      <?php
 if (!$_SESSION["valid_user"])
  {
  	echo "<li><a href=\"/main/?action=login\">$login</a></li><li><a href=\"/main/?action=register\">$register</a></li>";
  } else {
	echo "<li><a href=\"/Users/profile.php?action=viewprofile\">$theuser</a></li><li><a href=\"/main/?logout\">$logout</a></li>";
  }
  if ( $theuser == "admin" ) {
   echo "<li><a href='/admin/'>Admin Area</a></li>";
  }
?>

<?php
//require("../requires/head.php");
require("../requires/config.php");
if(isset($_GET['action']))
{
$action=addslashes($_GET['action']);
}
if(!isset($_GET['action']))
{
header("Location:main.php");
}
if(isset($_GET['logout']))
{
session_unset();
session_destroy();
echo "Goodbye";
?>
<meta http-equiv="refresh" content="2;url=main.php" />
<?php
}
if(isset($_SESSION["valid_user"]))
{
echo "Welcome";
}
if(isset($_POST['submit']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$password = md5($password);
$query = mysql_query("SELECT * FROM guest_users WHERE us_nm = '$username' AND us_pw = '$password'") or die(mysql_error());
if(mysql_num_rows($query) == 0)
{
	echo "Username and Password combination not recognised.<br>";
}
else
{
	$_SESSION["valid_user"] = $username;
	header("Location:main.php");
}
}

if ( $action == "login" )
{
 echo "$index2[0]";
?>
 <br><br>
    <center>
    <form action="" method="post">
    <table border="0" cellspacing="0" cellpadding="0" width="150">
     <tr>
	      <td width="60"><?php echo $index2[1];?>:</td>
      <td width="90"><center><input type="text" name="username"></center></td>
     </tr>
     <tr>
      <td colspan="2" height="6"> </td>
	     </tr>
     <tr>
	      <td width="60"><?php echo $index2[2];?>:</td>
      <td width="90"><center><input type="password" name="password"></center></td>
     </tr>
     <tr>
      <td colspan="2" height="6"><br><input type="Submit" name="submit" value="<?php echo $index2[3];?>"></td>
	     </tr>
   </table>
   </form>
   </center>
<?php
}
if ( $action == "register" )
{
  $username=mysql_real_escape_string($_POST['username']);
  $email=mysql_real_escape_string($_POST['email']);
  $myname=mysql_real_escape_string($_POST['myname']);
  $myweb=mysql_real_escape_string($_POST['myweb']);
  $location=mysql_real_escape_string($_POST['location']);
echo "
     <form action='' method=\"post\" enctype=\"multipart/form-data\">
     <table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"570\">
      <tr>
       <td width=\"120\">$index2[1]:</td>
       <td width=\"*\"><input type=\"text\" name=\"username\" value=\"$username\" class=\"itxt\"></td>
      </tr>
      <tr>
       <td colspan=\"2\" height=\"4\"> </td>
      </tr>
      <tr>
       <td width=\"120\">$index2[2]:</td>
       <td width=\"*\"><input type=\"password\" name=\"password\" class=\"itxt\"></td>
      </tr>
      <tr>
       <td colspan=\"2\" height=\"4\"> </td>
      </tr>
      <tr>
       <td width=\"120\">$email_ent:</td>
       <td width=\"*\"><input type=\"text\" name=\"email\" value=\"$email\" class=\"itxt\"></td>
      </tr>
      <tr>
       <td colspan=\"2\" height=\"10\"> </td>
      </tr>
      <tr>
       <td width=\"120\">$index2[10]:</td>
       <td width=\"*\"><input type=\"text\" name=\"myname\" value=\"$myname\" class=\"itxt\"></td>
      </tr>
      <tr>
       <td colspan=\"2\" height=\"4\"> </td>
      </tr>
      <tr>
       <td width=\"120\">$index2[7]:</td>
       <td width=\"*\"><input type=\"text\" name=\"myweb\" value=\"$myweb\" class=\"itxt\"></td>
      </tr>
      <tr>
       <td colspan=\"2\" height=\"4\"> </td>
      </tr>
      <tr>
       <td width=\"120\">$index2[8]:</td>
       <td width=\"*\"><input type=\"text\" name=\"location\" value=\"$location\" class=\"itxt\"></td>
      </tr>
      <tr>
       <td colspan=\"2\" height=\"4\"> </td>
      </tr>
      <tr>
       <td width=\"120\">$index2[9]:</td>
       <td width=\"*\" valign=\"top\"><input type=\"file\" size=\"15\" name=\"uploadfile\"></td>
      </tr>
      <tr>
       <td colspan=\"2\" height=\"8\"> </td>
      </tr>
      <tr>
       <td colspan=\"2\" height=\"4\">
       <input type=\"Submit\" value=\"Submit\" name='submit_reg'>
       </td>
      </tr>
     </table>
    </form>";
}
if (isset($_POST['submit_reg']))
{
  $upload=$_FILES['uploadfile'];
  $username=mysql_real_escape_string($_POST['username']);
  $pass_word=mysql_real_escape_string($_POST['password']);
  $password=mysql_real_escape_string(md5($_POST['password']));
  $email=mysql_real_escape_string($_POST['email']);
  $myname=mysql_real_escape_string($_POST['myname']);
  $myweb=mysql_real_escape_string($_POST['myweb']);
  $location=mysql_real_escape_string($_POST['location']);
  $tava=basename($_FILES['uploadfile']['name']);
$target_path = "../images/uploads/";
$target_path = $target_path . basename( $_FILES['uploadfile']['name']);
move_uploaded_file($_FILES['uploadfile']['tmp_name'], $target_path);
  	if(strlen($username) >= 7)
  	{
  		echo "Username Too long. 7 or less characters.<br>";
  	}
else
  	{
    	$query=mysql_query("SELECT * FROM guest_users WHERE us_ml='$email' AND us_nm = '$username'");
    	$result=mysql_num_rows($query);
	if ($result == 0)
	{
        	$one = "INSERT INTO guest_users VALUES('','$username','$password','$email','$myname','$tava','$myweb','$location')";
      		$two = mysql_query($one) or die("Error: Information has not been added to the users database");
$subject = "Registration";
$message = "Congratulations on registering with us. These are the details you have registered with:\n Name:".$myname."\n Username:".		$username."\n Password:".$pass_word."\n Website:".$myweb."\n Location:".$location;
$from = "@gmail.com";
$headers = "From: $from";
mail($email,$subject,$message,$headers);
echo "<center>Now You are registered!</center>";
require_once "../requires/feet.php";
exit();
    	}
   else
   {
		echo "Username and email already in use.<br>";	
   }
}
}
require("../requires/feet.php");
?>

Hi there, not sure what your issue is, but having a quick read of your code, you can eliminate a little bit just by doing this before you assign all the $_POST data:-

$_POST = array_map('mysql_real_escape_string', $_POST);
$_POST = array_map('strip_tags', $_POST);

 

This will then use the function (using the callback feature) and apply it directly to all of the elements within the $_POST array, and as you are 'overwriting' it, after this call you can then refer to $_POST directly or assign to a var, but this time safe in the knowledge that you have already sanitised the user submitted detail.

 

Also, you might want to place exits after all of the header() calls; this will make your script stop operating after the header call. This is always a handy thing to do.

 

Hope this makes sense anyway.

 

Cheers,

Rw
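
Added example, not part of the original thread or either poster's code: the two suggestions in the reply above (stopping after header() and making submitted values safe), sketched with each value handled for the context it ends up in. It assumes PHP 7.1+ with PDO and pdo_sqlite; redirect_and_exit, require_login, check_login and h are hypothetical helper names, and the SQLite table is constructed demo data.

```php
<?php
// Added example, not the poster's code. guest_users, us_nm, us_pw and
// valid_user come from the thread; all other names are assumptions.

// Send the redirect and stop. Without exit, PHP runs the rest of the
// script, so a protected page is still built for a logged-out client.
function redirect_and_exit(string $url): void
{
    header('Location: ' . $url);
    exit;
}

// Gate for protected pages: returns the user name or never returns.
function require_login(): string
{
    if (!isset($_SESSION['valid_user'])) {
        redirect_and_exit('/index.php?action=login');
    }
    return $_SESSION['valid_user'];
}

// SQL context: bound parameters keep the value out of the query text.
// password_verify() replaces the thread's md5() comparison (a swap).
function check_login(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT us_pw FROM guest_users WHERE us_nm = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($password, $hash);
}

// HTML context: escape when echoing a value back into the form.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE guest_users (us_nm TEXT PRIMARY KEY, us_pw TEXT)');
$add = $db->prepare('INSERT INTO guest_users (us_nm, us_pw) VALUES (?, ?)');
$add->execute(["O'Brien", password_hash('constructed-pw', PASSWORD_DEFAULT)]);

var_dump(check_login($db, "O'Brien", 'constructed-pw'));
var_dump(check_login($db, "O'Brien", 'wrong-pw'));
echo '<input name="username" value="' . h('Ann "A" <b>') . '">', PHP_EOL;
```

Run from the command line, the demo section exercises check_login() and h(); require_login() is meant to be called at the top of a protected page after session_start().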

Thanks,

 

The problem is I have a domain like www.111exampleurl111.net.16.net, so I have a URL redirect set up on this like www.myname.com, but when this is used it is not possible to log in to the site; only when I use www.111exampleurl111.net.16.net am I able to log in.

Cool! It's a good idea to place the exit; there after the header(), as this stops the script from executing code further down the chain, as PHP will parse the entire document unless told to stop by using exit;

 

Did/have you tried the array_map() at all? Just suggesting a way to condense your code a little, always nice to streamline and make more efficient.

 

Rw

Archived

This topic is now archived and is closed to further replies.
