Page Not Redirecting Properly When Logged In Causes Jquery Mobile Not To Work

[jarv]

hi, on my site: http://m.slapp.me/

When I login, user: test pass: test

 

it checks the login against the database on a seperate page and then redirects if login successful but the URL stays the same, please help.

 

here is my checking page:

 

<?php
ob_start();
$host="xxx"; // Host name
$username="xxx"; // Mysql username
$password="xxx"; // Mysql password
$db_name="xxx"; // Database name
$tbl_name="xxx"; // Table name


// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['rsUser'];
$mypassword=$_POST['rsPass'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE rsUser='$myusername' and rsPass='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$num_rows = mysql_num_rows($result);
$row = mysql_fetch_array($result);
// If result matched $myusername and $mypassword, table row must be 1 row


if ($num_rows > 0) {
session_start();
$_SESSION['login'] = "1";
$_SESSION['UserID'] = $row['UserID']; 
$rsUser = $row['rsUser'];
header ("Location: http://m.slapp.me/login_success.php?rsUser=$rsUser");
}
else {
$errorMessage = "Invalid Login";
session_start();
$_SESSION['login'] = '';
}

ob_end_flush();
?>

 

 

here is the page I end up on when successful

<?
session_start();
if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
header ("Location: index.php");
}
mysql_connect("xxx", "xxx", "xxx") or die(mysql_error());
mysql_select_db("xxx") or die(mysql_error());

$rsUser = $_REQUEST['rsUser'];
$query1 = mysql_query("SELECT * FROM rstarget INNER JOIN users ON users.UserID=rstarget.UserID WHERE currentTarget = '1'");
$row1 = mysql_fetch_array($query1);

$query3 = mysql_query("SELECT * FROM users WHERE rsUser = '$rsUser'");
$row3 = mysql_fetch_array($query3);

$TargetID = $row1['TargetID'];

$result1 = mysql_query("SELECT * FROM rstargetpictures WHERE TargetID = '$TargetID' AND PictureApproval = '1'");
$msg = $_REQUEST['msg'];
?>
<!DOCTYPE html> 
<html>

<head>
	<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1"> 
<title>Multi-page template</title> 
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.2.0/jquery.mobile-1.2.0.min.css" />
<script src="http://code.jquery.com/jquery-1.8.2.min.js"></script>
<script src="http://code.jquery.com/mobile/1.2.0/jquery.mobile-1.2.0.min.js"></script>
<script type="text/javascript">

 var _gaq = _gaq || [];
 _gaq.push(['_setAccount', 'UA-2434589-28']);
 _gaq.push(['_trackPageview']);

 (function() {
   var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
   ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
   var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
 })();

</script>
<script type="text/javascript">

 var _gaq = _gaq || [];
 _gaq.push(['_setAccount', 'UA-2434589-29']);
 _gaq.push(['_trackPageview']);

 (function() {
   var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
   ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
   var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
 })();

</script>
</head> 


<body> 

<!-- Start of first page: #one -->
<div data-role="page" id="success">

   <header data-role="header"data-theme="b">
       <h1>Slapp.ME</h1>
       <?php
if($_SESSION['UserID'] == '1'){
echo '<a href="#success" data-icon="home" class="ui-btn-right">Admin</a>';
}
?>
   </header><!-- /header -->

<div data-role="content" >	
	Todays target is: <h2><?php echo $row1['TargetName']; ?></h2>
	<p><a href="#add" data-role="button" data-rel="dialog" data-transition="pop">Add Image</a></p>
	<p><a href="#" data-role="button" data-icon="star">Suggest new Target</a></p>	
	<p><a href="#" data-role="button" data-icon="star">View Profile</a></p>
	<p><a href="#" data-role="button" data-icon="star">Logout</a></p>

</div><!-- /content -->

<div data-role="footer" data-theme="d">
	<h4>Page Footer</h4>
</div><!-- /footer -->
</div><!-- /page one -->

<!-- Start of third page: #add -->
<div data-role="page" id="add">

<div data-role="header" data-theme="e">
	<h1>Add Image</h1>
</div><!-- /header -->

<div data-role="content" data-theme="d">	
	<h2>Login to Slapp.ME</h2>
	<div data-role="fieldcontain">
	<form id="login" name="form1" method="post" action="checklogin.php">
		<label for="name">Username:</label>
		<input type="text" name="rsUser" id="name" value=""  />
		<label for="name">Password:</label>
		<input type="password" name="rsPass" id="name" value=""  />
		<br />
		<button value="submit-value" name="submit" data-theme="b" type="submit" class="ui-btn-hidden" aria-disabled="false">Login</button>
	</form>
	</div>		
</div><!-- /content -->

<div data-role="footer">
	<h4>Page Footer</h4>
</div><!-- /footer -->
</div><!-- /page popup -->


</body>

</html>

 

when logged in, the URL shows: http://m.slapp.me/checklogin.php it should be http://m.slapp.me/login_success.php as there is a redirect

[MDCode]

Besides keeping your passwords stored in the database as plain text, I see nothing wrong with your code. Do you have error reporting turned on?

[mrMarcus]

When logged in, the URL shows: http://m.slapp.me/checklogin.php it should be http://m.slapp.me/login_success.php as there is a redirect

 

Are you sure you're successfully logged in? Have you checked if $_SESSION['UserID'] holds the correct value? Or any value at all?

[jarv]

Hmm, not sure, will check later... It looks like I am logged in cos I get to the next page

[jarv]

ok, I have changed it, I now get UNDEFINED when i try and login

 

hi,

 

I am using the tutorial here: http://www.9lessons.info/2009/09/php-login-page-example.html

 

When I try and login:

 

user: test

Pass: test

 

here: http://m.slapp.me

 

I get 'Undefined'

 

Why? Please help...

 

here is my, check login page:

 

<?php
session_start();
$host="xxxx"; // Host name
$username="xxxx"; // Mysql username
$password="xxxx"; // Mysql password
$db_name="xxx"; // Database name
$tbl_name="xxxx"; // Table name


// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from Form
$myusername=addslashes($_POST['rsUser']);
$mypassword=addslashes($_POST['rsPass']);

$sql="SELECT * FROM $tbl_name WHERE rsUser='$myusername' and rsPass='$mypassword'";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
$active=$row['active'];
$count=mysql_num_rows($result);


// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
session_register("rsUser");
$_SESSION['login_user']=$myusername;

header("location: http://m.slapp.me/login_success.php?msg=$msg&rsUser=$rsUser");
}
else
{
$error="Your Login Name or Password is invalid";
}
}
?>

 

lock.php

<?php
$host="xxxx"; // Host name
$username="xxxx"; // Mysql username
$password="xxxx"; // Mysql password
$db_name="xxxx"; // Database name
$tbl_name="xxxx"; // Table name


// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
session_start();
$user_check=$_SESSION['login_user'];

$ses_sql=mysql_query("select username from admin where username='$user_check' ");

$row=mysql_fetch_array($ses_sql);

$login_session=$row['username'];

if(!isset($login_session))
{
header("Location: default.php");
}

 

login page

<!DOCTYPE html>
<html>

<head>
   <meta charset="utf-8">
   <meta name="viewport" content="width=device-width, initial-scale=1">
   <title>Slapp.Me - Daily Task System</title>


<link rel="stylesheet"  href="http://m.slapp.Me/demos/css/themes/default/jquery.mobile-1.2.0.css" />
   <link rel="stylesheet" href="http://m.slapp.Me/demos/docs/_assets/css/jqm-docs.css"/>

   <script src="http://m.slapp.Me/demos/js/jquery.js"></script>
   <script src="http://m.slapp.Me/demos/docs/_assets/js/jqm-docs.js"></script>
   <script src="http://m.slapp.Me/demos/js/jquery.mobile-1.2.0.js"></script>

</head>


<body>

<!-- Start of first page: #one -->
<div data-role="page" id="one">

   <header data-role="header" data-theme="b">
    <h1>Slapp.Me</h1>
    <a href="#register" data-icon="info" class="ui-btn-left" data-rel="dialog" data-transition="pop">Register</a>
    <a href="#login" data-icon="gear" class="ui-btn-right" data-rel="dialog" data-transition="pop">Login</a>

   </header><!-- /header -->

   <div data-role="content" >    
       <h2>Welcome to Slapp.Me</h2>

       <p>I have an <code>id</code> of "one" on my page container. I'm first in the source order so I'm shown when the page loads.</p>    

   </div><!-- /content -->

   <div data-role="footer" data-theme="d">
       <h4>Slapp.Me © 2012</h4>
   </div><!-- /footer -->
</div><!-- /page one -->



<!-- Start of third page: #register -->
<div data-role="page" id="register">

   <div data-role="header" data-theme="e">
       <h1>Register</h1>
   </div><!-- /header -->

   <div data-role="content" data-theme="d">    
       <h2>Register to Slapp.Me</h2>
       <div data-role="fieldcontain">
       <form id="registration" name="form1" method="post" action="http://m.slapp.Me/register-script.php">
           <label for="rsUser">Username:</label>
           <input type="text" name="rsUser" id="rsUser" value=""  />
           <br />
           <label for="rsPass">Password:</label>
           <input type="password" name="rsPass" id="rsPass" value=""  />
           <br />
           <label for="rsEmail">Email:</label>
           <input type="text" name="rsEmail" id="rsEmail" value=""  />
           <br />
           <input type="hidden" id="DateJoined" name="DateJoined" tabindex="5" value="<?php echo date("Y-m-d"); ?>" />
           <br />
           <button value="submit-value" name="submit" data-theme="b" type="submit" class="ui-btn-hidden" aria-disabled="false">Register</button>
       </form>
       </div>        
   </div><!-- /content -->

   <div data-role="footer">
       <h4>Page Footer</h4>
   </div><!-- /footer -->
</div><!-- /page popup -->

<!-- Start of third page: #login -->
<div data-role="page" id="login">

   <div data-role="header" data-theme="e">
       <h1>Login</h1>
   </div><!-- /header -->

   <div data-role="content" data-theme="d">    
       <h2>Login to Slapp.Me</h2>
       <div data-role="fieldcontain">
       <form id="login" name="form1" method="post" action="checklogin.php">
   <h1>Login</h1>
    <input id="rsUser" name="rsUser" type="text" placeholder="Username" autofocus required>
    <br />
    <input id="rsPass" name="rsPass" type="password" placeholder="Password" required>
    <br />
    <input type="submit" id="submit" value="Log in">
    <a href="#register" title="Register to Slapp.Me" data-rel="dialog" data-transition="pop">Register</a>
</form>

       </div>        
   </div><!-- /content -->

   <div data-role="footer">
       <h4>Page Footer</h4>
   </div><!-- /footer -->
</div><!-- /page popup -->

</body>
</html>

[MDCode]

Turn error reporting on

[jarv]

error reporting is turned on

[MDCode]

Well. I'm not too sure what error "undefined" means, unless you are setting it to die with undefined

[Adam]

"undefined" sounds like a Javascript error. I'm guessing you have some JS logic bound the form submit event that isn't working correctly and passing "undefined" in the request, instead of the input value you're expecting.