redirecting

[droidus]

i am having issues redirecting the user when they login.  i copied a lot of my php code from another page that worked, and all i really changed in here was the appearance of the page.  here is my code: http://pastebin.com/6dpZedQS

[Ptsface12]

Hello,

Add this to replace your current header:

<?php
session_start();
if(!session_is_registered(user)){
header("location:../index.php");
}
?>

 

And place this where your file checks if the users details are correct or not:

<?php
ob_start();
$host="localhost"; // Host name 
$username="username"; // Mysql username 
$password="password"; // Mysql password 
$db_name="database name"; // Database name 
$tbl_name="table name"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// Define $user and $pass
$pass=$_POST['password of textbox from index.php']; 
$user=$_POST['username of textbox from index.php'];

// To protect MySQL injection (learn more detail about MySQL injection)
$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);

$sql="SELECT * FROM $tbl_name WHERE username='$user' and password='$pass'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $user and $pass, table row must be 1 row

if($count==1){
// Register username, password and redirect to file "login_success.php"
session_register("username");
session_register("password"); 
$_SESSION['user'] = $user;
header("location:your success login.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>

 

[premiso]

@Ptsface12: http://www.php.net/manual/en/function.session-is-registered.php

 

This function has been DEPRECATED as of PHP 5.3.0. Relying on this feature is highly discouraged.

 

Best not to use stuff that has been deprecated. To fix that in your code:

 

<?php
session_start();
if (!isset($_SESSION['user'])) {
    header("location:../index.php");
}
?>

 

Same with the session_register :

 

if($count==1){
    // Register username, password and redirect to file "login_success.php"
    $_SESSION['user'] = $user;
    $_SESSION['password'] = ''; // this is how you register them now.

    header("location:your success login.php");
}

[Ptsface12]

Thanks, but now everytime I load up a secured page, it sends me back to the login

[droidus]

hm, doesn't do anything when i login.... here is my code

 

<?php
ob_start();

... login info here...
$members = mysql_pconnect($hostname_members, $username_members, $password_members) or trigger_error(mysql_error(),E_USER_ERROR); 

// Define $user and $pass
$pass=$_POST['pword']; 
$user=$_POST['uname'];

// To protect MySQL injection (learn more detail about MySQL injection)
$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);

$sql="SELECT * FROM members WHERE uname='$user' and pword='$pass'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $user and $pass, table row must be 1 row

if($count==1){
    // Register username, password and redirect to file "login_success.php"
    $_SESSION['user'] = $user;
    $_SESSION['password'] = ''; // this is how you register them now.

    header("location: login.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>