unidox Posted July 19, 2007 Share Posted July 19, 2007 Well, I have been working on a cms, and I got the login and main admin page working, so what I am trying to do is make it so if your not logged it, it redirects you to the login page. But the problem is once it gets to the login page, it continues to redirect from the login page to the login page, so its nonstop. How can I fix this... login.php: <?php $page = "login"; require_once ("inc/db.inc.php"); require_once ("inc/func2.inc.php"); require_once ("req/login.inc.php"); if ($_REQUEST['m']) { if ($_REQUEST['m'] == "1") { $loginpass = $_POST['login_pass']; $password = md5($loginpass); $loginname = $_POST['login_name']; $checkrows = mysql_query ("SELECT * FROM cp_users WHERE username='$loginname' && password='$password'") or die (mysql_error()); $rowcount = mysql_num_rows ($checkrows); if ($rowcount == "0") { showError("User/Login Error"); exit; } if ($rowcount != "0") { header ("Location: index.php?page=admin"); $time = date("h:i:a"); $date = date("m/d/Y"); $last_logged = $time . "\n(" . $date . ")"; $ip = getenv ("REMOTE_ADDR"); MYSQL_QUERY("UPDATE cp_users SET last_logged='$last_logged', cur_ip='$ip' WHERE username='$loginname'") or die (mysql_error()); while ($mysql=mysql_fetch_array($checkrows)) { setcookie("access", $mysql[access],time()+60*60*24*30); } setcookie ("uniqueid",$loginname,time()+60*60*24*30); exit; } } elseif ($_REQUEST['m'] == "2") { header ("Location: index.php?page=login"); setcookie ("uniqueid"); setcookie ("access"); exit; } } else { if ($_COOKIE['uniqueid'] == "") { $checkfields = "login_name&login_pass"; $errors = "Enter a username&Enter a password!"; $titles = "Username:&Password:"; $fields = "login_name&login_pass"; $type = "text&password"; $size = "30&30"; $maxlength = "25&25"; createJSValid($checkfields,$errors); createForm($titles,$fields,$type,$size,$maxlength,'1','','','','1'); } else { showError("You are already logged in, <a href=\"" . $_SERVER['PHP_SELF'] . "?page=login&m=2\">logout?</a>"); } } ?> Part of the func2.inc.php: <?php require_once 'config.inc.php'; $islogged = preg_match("/index.php?page=login/", $_SERVER['PHP_SELF']); if ($islogged == "0") { if ($_COOKIE['uniqueid'] == "") { header ("Location: index.php?page=login"); exit; } } if ((!$_REQUEST['method']) || (!$_COOKIE['uniqueid'])) { $access = $_COOKIE['access']; if (array_search($page,$levels)) { if ($access > $levels[$page]) { echo $access . $levels[$page]; //showError('You do not have access to this page.'); exit; } } } How can I fix this? Quote Link to comment Share on other sites More sharing options...
phat_hip_prog Posted July 19, 2007 Share Posted July 19, 2007 Pass a $_GET var as a flag? (Simple workaround) Quote Link to comment Share on other sites More sharing options...
dbo Posted July 19, 2007 Share Posted July 19, 2007 Well you're telling it to redirect to the login page... then by including func2... you're again telling it to redirect to the login page... and this cycle obviously continues forever. You're going to have to rethink your approach. Maybe look at a variable that says... have I been here before and if the answer is yes don't do the redirect again... but reset the variable to false so that if they go somewhere else it'll work again. Quote Link to comment Share on other sites More sharing options...
thedarkwinter Posted July 19, 2007 Share Posted July 19, 2007 maybe do a <?php //... if (basename($_SERVER['SCRIPT_NAME']) != "login.php") { header ("Location: index.php?page=login"); } ?? Quote Link to comment Share on other sites More sharing options...
SharkBait Posted July 19, 2007 Share Posted July 19, 2007 I would also do all of your updates prior to redirecting the user. I dont know if it matters but just makes a bit more sense to me Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.