ianhaney Posted December 2, 2015 Share Posted December 2, 2015 Hi I have created a registration php file script and works perfect but can't work out the login script issue I am having Below is the errors I get Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/sites/it-doneright.co.uk/public_html/affiliate-login.php:149) in /home/sites/it-doneright.co.uk/public_html/affiliate-login.php on line 152Warning: Cannot modify header information - headers already sent by (output started at /home/sites/it-doneright.co.uk/public_html/affiliate-login.php:149) in /home/sites/it-doneright.co.uk/public_html/affiliate-login.php on line 153Notice: Undefined index: mail in /home/sites/it-doneright.co.uk/public_html/affiliate-login.php on line 155Notice: Undefined index: pass in /home/sites/it-doneright.co.uk/public_html/affiliate-login.php on line 156 Below is the coding I have <form method="POST" action="affiliate-login.php" class="signup"> <table> <tr> <td> <td colspan="3"> <strong>Affiliate Login</strong> </td> </tr> <tr> <td width="78">E-Mail</td> <td width="6">:</td> <td width="294"><input size="25" name="mail" type="text" placeholder="Your Email Address"></td> </tr> <tr> <td>Password</td><td>:</td> <td><input name="pass" size="25" type="password" placeholder="Your Password"></td> </tr> <tr> <td></td> <td></td> <td><input type="submit" name="Submit" value="Login" id="submit" ></td> </tr> </table> <? session_start(); if($_SESSION['user']!=''){header("Location:affiliate-profile.php");} $dbh=new PDO('mysql:dbname=dbname;host=localhost', 'dbusername', 'dbpassword');/*Change The Credentials to connect to database.*/ $email=$_POST['mail']; $password=$_POST['pass']; if(isset($_POST) && $email!='' && $password!=''){ $sql=$dbh->prepare("SELECT id,password,psalt FROM tablename WHERE username=?"); $sql->execute(array($email)); while($r=$sql->fetch()){ $p=$r['password']; $p_salt=$r['psalt']; $id=$r['id']; } $site_salt="subinsblogsalt";/*Common Salt used for password storing on site. You can't change it. If you want to change it, change it when you register a user.*/ $salted_hash = hash('sha256',$password.$site_salt.$p_salt); if($p==$salted_hash){ $_SESSION['user']=$id; header("Location:affiliate-profile.php"); }else{ echo "<h2>Username/Password is Incorrect.</h2>"; } } ?> </form> Just can't work the issue out, the page just loads back to the affiliate-login.php page again instead of logging in and going to affiliate-profile.php page Quote Link to comment https://forums.phpfreaks.com/topic/299620-php-login-issue/ Share on other sites More sharing options...
Solution Barand Posted December 2, 2015 Solution Share Posted December 2, 2015 session_start() needs be called before any output is sent to the browser. You are currently sending the form fields first. Move the php code above the form code. You are attempting to use the content of $_POST['mail'] and $_POST['pass'] before you check if any data was POSTed. You only retrieve a single record with the query, so why is there a while() loop? When you use header() to redirect, there should be an exit; command following it to prevent the rest of the script from being executed. Use password_hash() and password_verify() Quote Link to comment https://forums.phpfreaks.com/topic/299620-php-login-issue/#findComment-1527430 Share on other sites More sharing options...
cyberRobot Posted December 2, 2015 Share Posted December 2, 2015 session_start() needs to be called before anything is outputted to the screen. Note that there is a bunch of HTML being displayed to the screen before you call the function. Quote Link to comment https://forums.phpfreaks.com/topic/299620-php-login-issue/#findComment-1527431 Share on other sites More sharing options...
ianhaney Posted December 2, 2015 Author Share Posted December 2, 2015 Thank you appreciate it, is all ok now Just got one more little issue now I have logged in but want to redirect the user to affiliate-profile.php?id=theiridnumber but I can't get the id number from the database to display within the url Quote Link to comment https://forums.phpfreaks.com/topic/299620-php-login-issue/#findComment-1527432 Share on other sites More sharing options...
SalientAnimal Posted December 2, 2015 Share Posted December 2, 2015 You need to grab the user's id from your session data and add it to your url. It appears as if you are assigning the user to the id variable, instead of assigning the id variable to id. affiliate-profile.php?id=$id Quote Link to comment https://forums.phpfreaks.com/topic/299620-php-login-issue/#findComment-1527434 Share on other sites More sharing options...
ianhaney Posted December 2, 2015 Author Share Posted December 2, 2015 Sorry my fault, I spotted that shortly after and is perfect now Quote Link to comment https://forums.phpfreaks.com/topic/299620-php-login-issue/#findComment-1527435 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.