Redirect

[unidox]

Well, I have been working on a cms, and I got the login and main admin page working, so what I am trying to do is make it so if your not logged it, it redirects you to the login page. But the problem is once it gets to the login page, it continues to redirect from the login page to the login page, so its nonstop. How can I fix this...

 

login.php:

 

<?php
$page = "login";
require_once ("inc/db.inc.php");
require_once ("inc/func2.inc.php");
require_once ("req/login.inc.php");
if ($_REQUEST['m']) {
	if ($_REQUEST['m'] == "1") {
		$loginpass = 		$_POST['login_pass'];
		$password = 		md5($loginpass);
		$loginname = 		$_POST['login_name'];
		$checkrows = 		mysql_query ("SELECT * FROM cp_users WHERE username='$loginname' && password='$password'") or die (mysql_error());
		$rowcount = 		mysql_num_rows ($checkrows);
		if ($rowcount == "0") {
				showError("User/Login Error");
				exit;
		}
		if ($rowcount != "0") {
			header ("Location: index.php?page=admin");
			$time = 		date("h:i:a");
			$date = 		date("m/d/Y");
			$last_logged = 	$time . "\n(" . $date . ")";
			$ip = 			getenv ("REMOTE_ADDR");
			MYSQL_QUERY("UPDATE cp_users SET last_logged='$last_logged', cur_ip='$ip' WHERE username='$loginname'") or die (mysql_error());
			while ($mysql=mysql_fetch_array($checkrows)) {
				setcookie("access", $mysql[access],time()+60*60*24*30);
			}
			setcookie ("uniqueid",$loginname,time()+60*60*24*30);
			exit;
		} 
	}		
	elseif ($_REQUEST['m'] == "2") {
		header ("Location: index.php?page=login");
		setcookie ("uniqueid");
		setcookie ("access");
		exit;
	}
}
else {
	if ($_COOKIE['uniqueid'] == "") {
		$checkfields = "login_name&login_pass";
		$errors = "Enter a username&Enter a password!";
		$titles = "Username:&Password:";
		$fields = "login_name&login_pass";
		$type = "text&password";
		$size = "30&30";
		$maxlength = "25&25";
		createJSValid($checkfields,$errors);
		createForm($titles,$fields,$type,$size,$maxlength,'1','','','','1');

	}
	else {
		showError("You are already logged in, <a href=\"" . $_SERVER['PHP_SELF'] . "?page=login&m=2\">logout?</a>");
	}
}
?>

 

Part of the func2.inc.php:

 

<?php
require_once 'config.inc.php';

$islogged = preg_match("/index.php?page=login/", $_SERVER['PHP_SELF']);
if ($islogged == "0") {
	if ($_COOKIE['uniqueid'] == "") {
		header ("Location: index.php?page=login");
		exit;
	}
}


if ((!$_REQUEST['method']) || (!$_COOKIE['uniqueid'])) {
	$access = $_COOKIE['access'];
	if (array_search($page,$levels)) {
		if ($access > $levels[$page]) {
			echo $access . $levels[$page];
			//showError('You do not have access to this page.');
			exit;
		}
	}
}

 

How can I fix this?

[phat_hip_prog]

Pass a $_GET var as a flag? (Simple workaround)

 

[dbo]

Well you're telling it to redirect to the login page... then by including func2... you're again telling it to redirect to the login page... and this cycle obviously continues forever. You're going to have to rethink your approach. Maybe look at a variable that says... have I been here before and if the answer is yes don't do the redirect again... but reset the variable to false so that if they go somewhere else it'll work again.

[thedarkwinter]

maybe do a

 

<?php
//...

if (basename($_SERVER['SCRIPT_NAME']) != "login.php") { header ("Location: index.php?page=login"); }

 

??

[SharkBait]

I would also do all of your updates prior to redirecting the user. I dont know if it matters but just makes a bit more sense to me