Login Form Woes

[k_stewart]

Just a heads up - this is my first PHP project, so I literally have little to no idea what I'm doing. For some reason, this script keeps returning me to the main login page, which it should only do if the session is not registered. Everything was working absolutely fine until I tried adding in a portion that would forward a specific user to a specific page. I'm not sure if the scripting is wrong, my testing system is wrong or outdated, etc. According to the phpdev I'm using on my computer, I'm running Apache/1.3.27 <WIN32> PHP/4.2.3.

 

Check Login Script (login and password collected from previous "main login" HTML page):

 

<?php

$host="localhost";
$login=""; 
$password="";
$db_name="thedatabasename";
$tbl_name="thetablename";

mysql_connect("$host", "$login", "$password")or die("We're sorry, but an error occured while attempting to connect. Please try again later.");
mysql_select_db("$db_name")or die("We're sorry, but we could not connect with the requested database. Please try again later.");

$mylogin=$_POST['mylogin'];
$mypassword=$_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE login='$mylogin' and password='$mypassword'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){

// Register $mylogin, $mypassword and redirect to file "login_success.php"
$_SESSION['mylogin'] = $mylogin;
$_SESSION['mypassword'] = md5($mypassword);
header("Location:login_success.php");
}
else {
header("location:incorrect.html");
}

?>

 

Once that script is passed, here is the "login success" page that is called and should forward different users to different pages. If someone tries to access this page unregistered, it should forward them back to the login page. I'm not sure, but I believe this is where my problem lies. No matter what, it's taking me back to the login page:

 

<?php
session_start();

if(isset($_SESSION['mylogin']) && isset($_SESSION['mypassword'])){
$mylogin = $_SESSION['mylogin'];
} else {
// not logged in, so back to login page
header("location:login.html");
}

if ($mylogin == 'john'){
echo "John is logged in.";

header("location:john.html");

} elseif ($mylogin == 'jane'){
echo "Jane is logged in.";

header("location:jane.html");

}

else {
echo "Unable to authenticate user.";
}

?>

 

If anyone has any suggestions as to what might be causing this problem, it would be greatly appreciated. Thanks so much in advance.

[per1os]

Are you sure you have the Case correct?

 

Jane is different than jane. Make sure in the DB you are not using Jane and out in the script you are using a jane. That will always return false as Jane does not equal jane due to the captiol J.

[k_stewart]

Are you sure you have the Case correct?

 

Jane is different than jane. Make sure in the DB you are not using Jane and out in the script you are using a jane. That will always return false as Jane does not equal jane due to the captiol J.

 

Thanks for the suggestion. I checked out the DB and the login names were lowercase. Just in case, I also tried logging in as both names, each with both cases, but to no avail. Actually, I don't even know if that was necessary, but I'm desperate here. Any other possible flaws with the script?

[Malachi Constant]

I don't see a session_start() in the login module.  You still need to start the session before you can assign session variables.  Let us know if that doesn't work.

 

Best.

[k_stewart]

I don't see a session_start() in the login module.  You still need to start the session before you can assign session variables.  Let us know if that doesn't work.

 

Best.

 

Wow. I'm going to go ahead and give you guys my address so you can come over and punch me in the face for missing that. Travel fare is included.

 

Seriously, thanks so much. You got me out of quite a pinch.