Login acess problem..

[bugzy]

It is always redirecting me to login page

 

here are the codes

 

login.php

 

if($check_status == 3)
{
				echo "<span class=\"error_validation\">Your account is banned!</span>";
			}
			else
			{	

				$found_user = mysql_fetch_array($result);

				$_SESSION['member_id'] = $found_user['member_id'];

				me_redirect_to('admin/index.php');

}

 

 

admin/index.php

 

<?php require_once("../includes/session.php"); ?>
<?php require_once("../includes/connection.php"); ?>
<?php require_once("../includes/functions.php"); ?>
<?php confirm_logged_in(); ?>

 

 

function confirm_logged_in

 

 

session_start(); 


function confirm_logged_in()
{
if(!isset($_SESSION['member_id']))
{
	me_redirect_to('/prac/login.php');
}
}

 

 

Any idea guys? 

[xyph]

It looks like it redirects to the index to me.

[bugzy]

^I have already edited the original post.. what do you think?

[ialsoagree]

$found_user = mysql_fetch_array($result);

 

Can we see the mysql you used to generate $result? Copying the all the relevant PHP lines would be ideal.

[Pikachu2000]

I don't see a session_start() in login.php. Without that, it would cause $_SESSION['member_id'] to be unset, and result in being redirected to login.php.

[bugzy]

$found_user = mysql_fetch_array($result);

 

Can we see the mysql you used to generate $result? Copying the all the relevant PHP lines would be ideal.

 

 

$query = "Select member_id,email,status from user where email = '{$email}' AND password = '{$hashed_password}' LIMIT 1";
$result = mysql_query($query,$connection) or die (mysql_error());

 

[xyph]

You have to start the session at the top of login.php as well.

[bugzy]

I don't see a session_start() in login.php. Without that, it would cause $_SESSION['member_id'] to be unset, and result in being redirected to login.php.

 

Sorry I didn't say on my 1st post that

 

<?php require_once("includes/session.php"); ?>

 

is also at the very top of login.php

 

so what do you think guys is the problem

 

 

[Pikachu2000]

Then instead of the allowing the header() call to happen, print_r($_SESSION) and see what exactly is in it.

[ialsoagree]

Do you have any error suppression on?

 

If not, we really need to see more of your PHP. If the error is in the code you've posted, you haven't provided enough context for us to find it.

 

From what we can see of what you posted, there's no reason your code isn't working. We need to see more.

[xyph]

Since you're only showing us a select part of the code, we can only really stab at the answer.

 

If both session.php and functions.php contain session_start(); you should be getting a notice. You should probably turn ALL error reporting on when developing. When things go wrong, comment out redirects and check for errors.

[bugzy]

Ok it seemed like I know where the problem is now but I don't know why it is happening....

 

the problem is on the login form.

 

The code where I think the problem is on base on trial and error

 

		$query = "Select member_id,email,status from user where email = '{$email}' AND password = '{$hashed_password}' LIMIT 1";
		$result = mysql_query($query,$connection) or die (mysql_error());
		$num_user = mysql_num_rows($result);



		if($num_user == 1)
		{

			$time_query = "UPDATE user set last_login=NOW() where email = '{$email}' LIMIT 1";
			$time_result = mysql_query($time_query,$connection) or die (mysql_error());


			$check_status = mysql_result($result,0,'status');


			if($check_status == 3)
			{
				echo "<span class=\"error_validation\">Your account is banned!</span>";
			}
			else
			{	

				$found_user = mysql_fetch_array($result);

				$_SESSION['member_id'] = $found_user['member_id'];


				me_redirect_to('admin/index.php');



			}


		}
		else
		{
			echo "<span class=\"error_validation\">E-mail/Password combination is incorrect.<br>Pls. make sure that your CAPS LOCK is off and try again.</span>";
		}



	}

 

 

 

 

The problem is on these lines

 

$check_status = mysql_result($result,0,'status');


			if($check_status == 3)
			{
				echo "<span class=\"error_validation\">Your account is banned!</span>";
			}

 

 

If I remove it.. The code works fine but if it is there I'm not getting any value on

 

$_SESSION['member_id'] = $found_user['member_id'];

 

and is returning

 

Array ( [member_id] => )

 

 

it's not the IF first statement but this

 

$check_status = mysql_result($result,0,'status');

 

I wonder why it is happening... Anyone? 

[Pikachu2000]

From the manual entry for mysql_result(): Calls to mysql_result() should not be mixed with calls to other functions that deal with the result set.

 

When you call mysql_result(), you advance the internal data pointer to the next record, which doesn't exist because the results set is LIMITed to 1 record (and that's all there should be anyhow). Then when you call mysql_fetch_array(), there is no record for it to act on. You either need to move the pointer back to the first record, which isn't what I"d recommend here, or rearrange your logic so it makes all of its "decisions" on the result set at the same time.

[bugzy]

From the manual entry for mysql_result(): Calls to mysql_result() should not be mixed with calls to other functions that deal with the result set.

 

When you call mysql_result(), you advance the internal data pointer to the next record, which doesn't exist because the results set is LIMITed to 1 record (and that's all there should be anyhow). Then when you call mysql_fetch_array(), there is no record for it to act on. You either need to move the pointer back to the first record, which isn't what I"d recommend here, or rearrange your logic so it makes all of its "decisions" on the result set at the same time.

 

Pikachu2000 thanks you for explaining it clearly!

 

Now instead of me using mysql_result I have use

 

$found_user = mysql_fetch_array($result);

$found_user['status']

 

instead. Thanks guys!