cooldude832 Posted July 26, 2007 Share Posted July 26, 2007 I have built a login script and for some strange reason its forcing me to login twice. Not saying the user/pass is wrong first time, it moves the headers fine, it just show the old page with the login any ideas? here is some relative code: protected.php <?php <?php session_start(); if (!empty($_SESSION['loggedon'])) { $view = "login"; } function selfURL() { $s = empty($_SERVER["HTTPS"]) ? '' : ($_SERVER["HTTPS"] == "on") ? "s" : ""; $protocol = strleft(strtolower($_SERVER["SERVER_PROTOCOL"]), "/").$s; $port = ($_SERVER["SERVER_PORT"] == "80") ? "" : (":".$_SERVER["SERVER_PORT"]); return $protocol."://".$_SERVER['SERVER_NAME'].$port.$_SERVER['REQUEST_URI']; } function strleft($s1, $s2) { return substr($s1, 0, strpos($s1, $s2)); } $url = selfURL(); //down the doc if ($view == "login") { echo "Welcome: ".$firstname." (".$username.")<br /> <ul class='account_links'> <li><a href='user_update.php' alt='update user data'>Update User Information</a></li> <li><a href='user_account.php' alt='account management'>Account Manager</a></li> <li><a href='placead_form.php' alt='place an ad'>Place an Ad</a></li> <li><a href='logout.php?url=".$url."' alt='logout'>Logout</a></li> </ul><br />"; } else { include("login.html"); } ?> this is my login script login.php <?php <?php $start = session_start(); $ob = ob_start(); // Recreation of variables for later encryption uses the $_POST will be replaced with the decrypted source $username = trim($_POST['username']); $password = trim($_POST['password']); $cryptpassword = md5($password); $url = trim($_POST['url']); //Connects to DB require("includes/mysql_include.php"); $table = "users"; $sql="SELECT * FROM $table WHERE Username='$username' and Password='$cryptpassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); $storage= mysql_fetch_array($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1) { // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION['loggedon'] = "yes"; $_SESSION['user'] = $username; $_SESSION['firstname'] = $storage['Firstname']; header("location: $url"); } else { echo "Wrong Username or Password"; } ?> any help be great thanks Couple extra notes: if you logout and relogin you only need enter login data once, logout loggsout fine and i've tried refreshing the page after logging in once no good Link to comment https://forums.phpfreaks.com/topic/61895-solved-login-script-forcing-me-to-login-twice/ Share on other sites More sharing options...
micah1701 Posted July 26, 2007 Share Posted July 26, 2007 going out on a limb here but... why do you have $start = session_start(); why not just call session_start(); at the start of the page? I haven't looked through all your code so i don't know if this is relevant but I might guess that the first time you submit the page, it hasn't started the session yet. On reload, the sessios has now been started/continued and it works fine. Would explain why it works after logging out too -- because the session is already working Link to comment https://forums.phpfreaks.com/topic/61895-solved-login-script-forcing-me-to-login-twice/#findComment-308220 Share on other sites More sharing options...
cooldude832 Posted July 26, 2007 Author Share Posted July 26, 2007 no good, yeah i've tried variations of refreshing and so forth, but i'm clueless on this, oh well i'll deal with it Link to comment https://forums.phpfreaks.com/topic/61895-solved-login-script-forcing-me-to-login-twice/#findComment-308223 Share on other sites More sharing options...
dewey_witt Posted July 26, 2007 Share Posted July 26, 2007 What is the need for the trim function in $username? Try removing it. Maybe that will work. Link to comment https://forums.phpfreaks.com/topic/61895-solved-login-script-forcing-me-to-login-twice/#findComment-308339 Share on other sites More sharing options...
ericamcampbell Posted July 26, 2007 Share Posted July 26, 2007 Try something like this - you will have two files one with the login interface & then the php... the action calls the script... LOGIN: <table> <form method="POST" action="login.php"> <tr><td align="center" class="header">Employee Login</td></tr> <tr><td>Username: <input type="text" name="username" size="18" maxlength="50"/></td></tr> <tr><td>Password: <input type="password" name="password" size="18" maxlength="50" /></td></tr> <tr><td align="center"> <input type="submit" value="submit" name="login" /> <input type="reset" value="clear" name="clear" /></td></tr> </form> </table> SCRIPT: <?php //check that the user is calling the page from the login form and not accessing it directly //and redirect back to the login form if necessary if (!isset($_POST['username']) || !isset($_POST['password'])) { header( "Location: index.shtml" ); exit(); } //check that the form fields are not empty, and redirect back to the login page if they are elseif (empty($_POST['username']) || empty($_POST['password'])) { header( "Location: index.shtml" ); exit(); } else{ //Connect to MySQL $db = mysql_connect('localhost', 'root', 'pswd') or die ("Error Connecting to MySQL: " . mysql_error()); //Connect to DB mysql_select_db("transport", $db) or die ('<font color="red"><h1>Could not select the database: </h1></font>' . mysql_error()); //Check for connection If ($db) { echo 'Connected to Database: '; echo $db . "<br />"; } else { echo'<font color="red"><h1>Cannot connect to MySQL Database.</h1></font>'; header("Refresh: 2; URL=index.shtml"); } //add slashes to the username and md5() the password $user = addslashes($_POST['username']); $pass = md5($_POST['password']); //Query database $result = mysql_query("SELECT * FROM transport.users WHERE username='$user' AND password='$pass'", $db) or die ('<font color="red"><h1>Could not select the database: </h1></font>' . mysql_error()); //check that at least one row was returned $rowCheck = mysql_num_rows($result); echo "Returned " . $rowCheck . " number of rows.<br />"; if($rowCheck > 0){ while($row = mysql_fetch_array($result)){ //clear any old sessions if (isset($_SESSION['username']) || isset($_SESSION['password'])){ session_unset(); session_destroy(); $_SESSION['username'] = NULL; $_SESSION['password'] = NULL; unset($_SESSION['username']); unset($_SESSION['password']); } //start the session and register a variable session_start(); $_SESSION['username'] = $user; $_SESSION['password'] = $pass; if (isset($_SESSION['username']) ) { echo "Session started: " . $_SESSION['username'] . '<br />'; } //logged in redirect to internal site header("Refresh: 2; URL=internal.shtml"); echo '<font color="red"><h1>Thank you, ' . $user . ' you are successfully logged in.</h1></font><br />'; } } else { header("Refresh: 2; URL=index.shtml"); //if nothing is returned by the query, unsuccessful login code goes here... echo ('<font color="red"><h1>Incorrect login name or password.</h1></font>'); exit(); } } ?> Link to comment https://forums.phpfreaks.com/topic/61895-solved-login-script-forcing-me-to-login-twice/#findComment-308363 Share on other sites More sharing options...
cooldude832 Posted July 26, 2007 Author Share Posted July 26, 2007 I figured it out my issue was in my url phrasing the url i had for the redirect was an issue and isolved it Link to comment https://forums.phpfreaks.com/topic/61895-solved-login-script-forcing-me-to-login-twice/#findComment-308447 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.