ecabrera Posted May 18, 2012 Share Posted May 18, 2012 ok so when user get there email or password wrong are they just submit with filling anything out they go to login.php?login_failed but it gives me This webpage has a redirect loop Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects. <?php session_start(); $email = $_SESSION['email']; ?> <?php $email = mysql_real_escape_string($_POST['email']); $password = mysql_real_escape_string($_POST['password']); if(!empty($email) && isset($email) &&!empty($password) && isset($password)){ $password = md5("$password"); require "includes/init/db_con.php"; $query = mysql_query("SELECT * FROM users WHERE email = '$email'"); $numrows = mysql_num_rows($query); if($numrows != 0){ $row = mysql_fetch_assoc($query); $dbemail = $row ['email']; $dbpassword = $row ['password']; if($dbemail === $email && $dbpassword === $password){ $_SESSION['email'] = $dbemail; header("location: http://localhost/control/home.php"); }else { header('Location: login.php?login_failed'); } }else { header('Location: login.php?login_failed'); } }else { header('Location: login.php?login_failed'); } ?> <?php require "includes/overall/header.php";?> <?php if($_GET['login_failed']){ echo "Login Box will appear with messages"; } ?> <?php require "includes/overall/footer.php";?> Quote Link to comment Share on other sites More sharing options...
ecabrera Posted May 18, 2012 Author Share Posted May 18, 2012 can Anyone help Quote Link to comment Share on other sites More sharing options...
creata.physics Posted May 18, 2012 Share Posted May 18, 2012 well, your php's logic is kind of weird on one spot. i removed an unnecessary redirect. i also cleaned up your code a bit so it can be read a bit easier. i commented out the redirect that doesn't make sense. if you don't understand it, feel free to ask what you don't understand. <?php session_start(); $email = $_SESSION['email']; $email = mysql_real_escape_string($_POST['email']); $password = mysql_real_escape_string($_POST['password']); if(!empty($email) && isset($email) &&!empty($password) && isset($password)) { $password = md5("$password"); require "includes/init/db_con.php"; $query = mysql_query("SELECT * FROM users WHERE email = '$email'"); $numrows = mysql_num_rows($query); if($numrows != 0) { $row = mysql_fetch_assoc($query); $dbemail = $row ['email']; $dbpassword = $row ['password']; if($dbemail === $email && $dbpassword === $password) { $_SESSION['email'] = $dbemail; header("location: http://localhost/control/home.php"); } else { // Login failed because email or password did not match header('Location: login.php?login_failed'); } } else { // Log in failed because the sessions email did not match a user record? #header('Location: login.php?login_failed'); } } require "includes/overall/header.php"; if($_GET['login_failed']){ echo "Login Box will appear with messages"; } require "includes/overall/footer.php"; Quote Link to comment Share on other sites More sharing options...
ecabrera Posted May 18, 2012 Author Share Posted May 18, 2012 else { // Log in failed because the sessions email did not match a user record? #header('Location: login.php?login_failed'); } id dont get this Quote Link to comment Share on other sites More sharing options...
princeofpersia Posted May 18, 2012 Share Posted May 18, 2012 try this, <?php session_start(); $email = $_SESSION['email']; $email = mysql_real_escape_string($_POST['email']); $password = mysql_real_escape_string($_POST['password']); if(!empty($email) && isset($email) &&!empty($password) && isset($password)) { $password = md5($password); require "includes/init/db_con.php"; $query = mysql_query("SELECT * FROM users WHERE email = '$email'"); $numrows = mysql_num_rows($query); if($numrows != 0) { $row = mysql_fetch_assoc($query); $dbemail = $row ['email']; $dbpassword = $row ['password']; if($dbemail === $email && $dbpassword === $password) { $_SESSION['email'] = $dbemail; header("location: http://localhost/control/home.php"); } else { // Login failed because email or password did not match header('Location: login.php?login_failed'); } } else { // Log in failed because the sessions email did not match a user record? #header('Location: login.php?login_failed'); } } require "includes/overall/header.php"; if($_GET['login_failed']){ echo "Login Box will appear with messages"; } require "includes/overall/footer.php"; The problem was with md5 conversion, this should work Password should be $password = md5($password); and not $password = md5("$password"); I couldnt see anything else wrong, if problem still exist change if($dbemail === $email && $dbpassword === $password) to if($dbemail == $email && $dbpassword == $password) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.