alphasil Posted January 17, 2015 Share Posted January 17, 2015 Hi I'm getting this error but i'm sure the file is there, this is my code where i'm having this problem elseif($_POST["page"] == "users_login") { $user_utilizador = trim(strip_tags($_POST['email'])); $user_password = trim(strip_tags($_POST['passwd'])); $encrypted_md5_password = md5($user_password); $validate_user_information = mysql_query("select * from `utilizador` where `utilizador` = '".mysql_real_escape_string($user_utilizador)."' and `password` = '".mysql_real_escape_string($encrypted_md5_password)."'"); echo $validate_user_information; if(mysql_num_rows($validate_user_information) == 1) { $get_user_information = mysql_fetch_array($validate_user_information); $_SESSION["VALID_USER_ID"] = $user_utilizador; $_SESSION["USER_FULLNAME"] = strip_tags($get_user_information["nome"]); echo 'index.php?uid='.$_SESSION["USER_FULLNAME"].'&'; echo 'login_process_completed_successfully=yes'; } else { echo '<br><div class="info">Desculpe, a informação fornecida está errada. Corrije-a por favor. Obrigado.</div><br>'; } } So after the login process it should open the index.php I have try with header(Location: index,php) and the details are displayed in the same page as the login... any help please? Thanks Quote Link to comment https://forums.phpfreaks.com/topic/294012-404-error-after-login/ Share on other sites More sharing options...
ginerjm Posted January 17, 2015 Share Posted January 17, 2015 Do you have php error checking turned on (my sign.)? It might tell you that your header was rejected. An echo of the url is not going to do anything for you. Quote Link to comment https://forums.phpfreaks.com/topic/294012-404-error-after-login/#findComment-1503256 Share on other sites More sharing options...
alphasil Posted January 17, 2015 Author Share Posted January 17, 2015 Thank you for your help Yes i have error display but there is error right now, i don't have the 404 error but another issue I put the header and now the login page and the index page are displayed at same time after login. Why the login page not close? elseif($_POST["page"] == "users_login") { $user_utilizador = trim(strip_tags($_POST['email'])); $user_password = trim(strip_tags($_POST['passwd'])); $encrypted_md5_password = md5($user_password); $validate_user_information = mysql_query("select * from `utilizador` where `utilizador` = '".mysql_real_escape_string($user_utilizador)."' and `password` = '".mysql_real_escape_string($encrypted_md5_password)."'"); if(mysql_num_rows($validate_user_information) == 1) { $get_user_information = mysql_fetch_array($validate_user_information); $user_nome = $get_user_information["nome"]; $_SESSION["VALID_USER_ID"] = $user_utilizador; $_SESSION["USER_FULLNAME"] = $user_nome; header("Location: index.php"); } else { echo '<br><div class="info">Desculpe, a informação fornecida está errada. Corrije-a por favor. Obrigado.</div><br>'; } } Quote Link to comment https://forums.phpfreaks.com/topic/294012-404-error-after-login/#findComment-1503258 Share on other sites More sharing options...
boompa Posted January 17, 2015 Share Posted January 17, 2015 (edited) You should place a exit() call immediately after header(), otherwise the rest of the script continues processing. Also, md5 is not encryption, nor is it safe. Please read this: http://jeremykendall.net/2014/01/04/php-password-hashing-a-dead-simple-implementation/ And you should not be using the mysql functions -- they will being going away in a future version of PHP -- but rather using mysqli or PDO along with prepared statements. Edited January 17, 2015 by boompa Quote Link to comment https://forums.phpfreaks.com/topic/294012-404-error-after-login/#findComment-1503265 Share on other sites More sharing options...
alphasil Posted January 17, 2015 Author Share Posted January 17, 2015 Thank you Done...about the md5 right now i leave it this way...it is just a test. Thanks Quote Link to comment https://forums.phpfreaks.com/topic/294012-404-error-after-login/#findComment-1503272 Share on other sites More sharing options...
ginerjm Posted January 17, 2015 Share Posted January 17, 2015 Why would you apply a function to your hashed password value? Makes no sense. Quote Link to comment https://forums.phpfreaks.com/topic/294012-404-error-after-login/#findComment-1503275 Share on other sites More sharing options...
Masonh928 Posted January 17, 2015 Share Posted January 17, 2015 Also, might consider using a different hashing method. Md5() so outdated and EXTREMELY vulnerable. Quote Link to comment https://forums.phpfreaks.com/topic/294012-404-error-after-login/#findComment-1503278 Share on other sites More sharing options...
alphasil Posted January 18, 2015 Author Share Posted January 18, 2015 Yes i know that but it just a small webite to my school, just to put some records about activities. Many thanks to all Quote Link to comment https://forums.phpfreaks.com/topic/294012-404-error-after-login/#findComment-1503317 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.