Jump to content

Redirect logging in users to different pages


jusjus7

Recommended Posts

You need to enable error reporting at its highest level. In your php.ini file, find the following directives, and set them as below. Then restart Apache, run the script again and see what, if any, errors are reported.

 

error_reporting = -1

display_errors = On

Link to comment
Share on other sites

  • Replies 58
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Have you checked that session is being set?  If not try this.

 if($count==1){
  // Register $UsersID, $U_Password and redirect to file "login_success.php"
  $_SESSION['UsersID']=$result[0];
  $_SESSION['U_YearID']=$result[1];
  if($_SESSION['U_YearID']==1){  
//  header("location:login_success.php");
//	exit;
}
  if($_SESSION['U_YearID']==2){
//  header("location:login_success2.php");
//	exit;
}
  if($_SESSION['U_YearID']==4){
//  header("location:login_success4.php");
//	exit;
}
echo "$_SESSION[u_YearID]";
} else {

  echo "Wrong Username or Password";
}

If you are getting results as expected with values being echoed (1, 2 or 4) then try this code.  Brackets added around IF statements with exit added.

 if($count==1){
  // Register $UsersID, $U_Password and redirect to file "login_success.php"
  $_SESSION['UsersID']=$result[0];
  $_SESSION['U_YearID']=$result[1];
  if($_SESSION['U_YearID']==1){  
  header("location:login_success.php");
exit;
}
  if($_SESSION['U_YearID']==2){
  header("location:login_success2.php");
exit;
}
  if($_SESSION['U_YearID']==4){
  header("location:login_success4.php");
exit;
}
} else {

  echo "Wrong Username or Password";
}

Link to comment
Share on other sites

You need to enable error reporting at its highest level. In your php.ini file, find the following directives, and set them as below. Then restart Apache, run the script again and see what, if any, errors are reported.

 

error_reporting = -1

display_errors = On

 

this is what i have found

 

error_reporting

;  Default Value: E_ALL & ~E_NOTICE

;  Development Value: E_ALL | E_STRICT

;  Production Value: E_ALL & ~E_DEPRECATED

 

is this what i need to change?

Link to comment
Share on other sites

You need to use table fields as in

$sql="SELECT UsersID,U_YearID FROM users WHERE UsersID='$UsersID' and U_Password='$U_Password'";

NOT

$sql="SELECT * FROM users WHERE UsersID='$UsersID' and U_Password='$U_Password'";

 

That is what i am using

 

$sql="SELECT UsersID,U_YearID FROM users WHERE UsersID='$UsersID' and U_Password='$U_Password'";

 

<?php
session_start(); 
ini_set('session.bug_compat_42',0);
ini_set('session.bug_compat_warn',0);
$host="localhost"; // Host name
$username="phpuser"; // username
$password="phpuser"; // password
$db_name="phpsite"; // Database name
$tbl_name="users"; // Table name

// Replace database connect functions depending on database you are using.
mysql_connect("$host", "$username", "$password");
mysql_select_db("$db_name");

//submitting query
// username and password sent from form
//NEVER Remove the mysql_real_escape_string. Else there could be an Sql-Injection!
$UsersID=mysql_real_escape_string($_POST['UsersID']);
$U_Password=mysql_real_escape_string($_POST['U_Password']);

$sql="SELECT UsersID,U_YearID FROM users WHERE UsersID='$UsersID' and U_Password='$U_Password'";
//echo $sql;
$result=mysql_query($sql);

//checking results
// Replace counting function based on database you are using.
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

//Direct Userbased on result
if($count==1){
  // Register $UsersID, $U_Password and redirect to file "login_success.php"
  $_SESSION['UsersID']=$result[0];
  $_SESSION['U_YearID']=$result[1];
  if($_SESSION['U_YearID']==1){  
  header("location:login_success.php");
exit;
}
  if($_SESSION['U_YearID']==2){
  header("location:login_success2.php");
exit;
}
  if($_SESSION['U_YearID']==4){
  header("location:login_success4.php");
exit;
}
} else {

  echo "Wrong Username or Password";
}
?>

Link to comment
Share on other sites

The leading semicolon indicates a comment, so you need to find the line that isn't commented for each of the directives, and set those as above. That should be where you keep those values set while developing.

 

so one of the semicolons is wrongly placed?

Link to comment
Share on other sites

Add error reporting to the top of your page.  Maybe that will shed some light.

<?php
session_start();
error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING); 

 

nope nothing happens it just gives me a blank checklogin.php page :/ could it be the if statements are not properly written?

Link to comment
Share on other sites

Add error reporting to the top of your page.  Maybe that will shed some light.

<?php
session_start();
error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING); 

 

nope nothing happens it just gives me a blank checklogin.php page :/ could it be the if statements are not properly written?

 

as i took off the error reporting thing you said this has come up again :/

 

 

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively in Unknown on line 0

Link to comment
Share on other sites

The leading semicolon indicates a comment, so you need to find the line that isn't commented for each of the directives, and set those as above. That should be where you keep those values set while developing.

so one of the semicolons is wrongly placed?

 

 

No, not necessarily. If, and only if, there is no line with error_reporting = [some value], without a semicolon preceding it, add the line as above. If there is a line with no semicolon, just change the value. Same goes for display_errors. Then save the file and restart Apache.

 

Link to comment
Share on other sites

How about some simple testing to see if query is working.

<?php
session_start(); 
//ini_set('session.bug_compat_42',0);
//ini_set('session.bug_compat_warn',0);
$host="localhost"; // Host name
$username="phpuser"; // username
$password="phpuser"; // password
$db_name="phpsite"; // Database name
$tbl_name="users"; // Table name

// Replace database connect functions depending on database you are using.
mysql_connect("$host", "$username", "$password");
mysql_select_db("$db_name");

//Add isset 
if (isset($_POST['UsersID'])){
//submitting query
// username and password sent from form
//NEVER Remove the mysql_real_escape_string. Else there could be an Sql-Injection!
$UsersID=mysql_real_escape_string($_POST['UsersID']);
$U_Password=mysql_real_escape_string($_POST['U_Password']);

$sql="SELECT UsersID,U_YearID FROM users WHERE UsersID='$UsersID' and U_Password='$U_Password'";
//echo $sql;
$result=mysql_query($sql);

//checking results
// Replace counting function based on database you are using.
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

//Direct Userbased on result
if($count==1){
  // Register $UsersID, $U_Password and redirect to file "login_success.php"
/*
  $_SESSION['UsersID']=$result[0];
  $_SESSION['U_YearID']=$result[1];
  if($_SESSION['U_YearID']==1){  
  header("location:login_success.php");
exit;
}
  if($_SESSION['U_YearID']==2){
  header("location:login_success2.php");
exit;
}
  if($_SESSION['U_YearID']==4){
  header("location:login_success4.php");
exit;
}
*/ 
echo "{$result[1]}"; 
} else {

  echo "Wrong Username or Password";
}
}
?>

Link to comment
Share on other sites

How about some simple testing to see if query is working.

<?php
session_start(); 
//ini_set('session.bug_compat_42',0);
//ini_set('session.bug_compat_warn',0);
$host="localhost"; // Host name
$username="phpuser"; // username
$password="phpuser"; // password
$db_name="phpsite"; // Database name
$tbl_name="users"; // Table name

// Replace database connect functions depending on database you are using.
mysql_connect("$host", "$username", "$password");
mysql_select_db("$db_name");

//Add isset 
if (isset($_POST['UsersID'])){
//submitting query
// username and password sent from form
//NEVER Remove the mysql_real_escape_string. Else there could be an Sql-Injection!
$UsersID=mysql_real_escape_string($_POST['UsersID']);
$U_Password=mysql_real_escape_string($_POST['U_Password']);

$sql="SELECT UsersID,U_YearID FROM users WHERE UsersID='$UsersID' and U_Password='$U_Password'";
//echo $sql;
$result=mysql_query($sql);

//checking results
// Replace counting function based on database you are using.
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

//Direct Userbased on result
if($count==1){
  // Register $UsersID, $U_Password and redirect to file "login_success.php"
/*
  $_SESSION['UsersID']=$result[0];
  $_SESSION['U_YearID']=$result[1];
  if($_SESSION['U_YearID']==1){  
  header("location:login_success.php");
exit;
}
  if($_SESSION['U_YearID']==2){
  header("location:login_success2.php");
exit;
}
  if($_SESSION['U_YearID']==4){
  header("location:login_success4.php");
exit;
}
*/ 
echo "{$result[1]}"; 
} else {

  echo "Wrong Username or Password";
}
}
?>

 

hmm it doesnt seem to be working as i still get a blank page :/ so its the query :s

Link to comment
Share on other sites

And your DB table users has the field called `U_YearID`?

 

yep

# Column Type Collation Attributes Null Default Extra Action

1 UsersID varchar(7) latin1_swedish_ci No None   Change   Drop More

2 U_Password varchar(10) latin1_swedish_ci No None   Change   Drop More

3 U_YearID varchar(1) latin1_swedish_ci No None   Change   Drop More

4 U_FirstName tinytext latin1_swedish_ci No None   Change   Drop More

5 U_LastName tinytext latin1_swedish_ci No None   Change   Drop More

6 CompanyID

Link to comment
Share on other sites

Then that's where the error is, in the checklogin2.php script.

 

yep but i cant seem to figure out where i have been looking at this code all day and nothing seems to look wrong (to me)

 

<?php
session_start();
ini_set('session.bug_compat_42',0);
ini_set('session.bug_compat_warn',0);
$host="localhost"; // Host name
$username="phpuser"; // username
$password="phpuser"; // password
$db_name="phpsite"; // Database name
$tbl_name="users"; // Table name

// Replace database connect functions depending on database you are using.
mysql_connect("$host", "$username", "$password");
mysql_select_db("$db_name");
//submitting query
// username and password sent from form
//NEVER Remove the mysql_real_escape_string. Else there could be an Sql-Injection!
$UsersID=mysql_real_escape_string($_POST['UsersID']);
$U_Password=mysql_real_escape_string($_POST['U_Password']);
$sql="SELECT UsersID,U_YearID FROM users WHERE UsersID='$UsersID' and U_Password='$U_Password'";
//echo $sql;
$result=mysql_query($sql);
//checking results
// Replace counting function based on database you are using.
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
//Direct Userbased on result
if($count==1){
  // Register $UsersID, $U_Password and redirect to file "login_success.php"
  $_SESSION['UsersID']=$result[0];
  $_SESSION['U_YearID']=$result[1];
  if($_SESSION['U_YearID']==1){  
  header("Location:login_success.php");
exit;
}
  if($_SESSION['U_YearID']==2){
  header("Location:login_success2.php");
exit;
}
  if($_SESSION['U_YearID']==4){
  header("Location:login_success4.php");
exit;
}
} else {
   echo "Wrong Username or Password";
}
?>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.