login form question

[amylou]

i have a login form and that works but it does not bring me to where i need to go, i don't get an error when submitting the form, i just get a blank page,here is the code for the login and the page after. any help will be great.

 

 

<head>
<title>Supervisor Log In</title>

<link href="basic.css" rel="stylesheet" type="text/css" />
<link href= "detail.css" rel="stylesheet" type="text/css" />
<link href="links.css" rel="stylesheet" type="text/css"/>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

</head>
<body>
<table border= '0' width= '700'><tr>
<td colspan= '2' align= 'center'> </td></tr>
<tr>
  <td colspan= '2' align= 'center'><b>Supervisor Login</b></td>
  </tr>
  <tr><td colspan= '2' align= 'center'> </td></tr>
  <form name='form1' method='post' action='administration2.php'>
  <tr>
  <td colspan= '2' align= 'center'><b>Enter username and password</b></td>
  </tr>
  <tr>
  <td width= '250' align='right'>User Name:</td>
  <td>
    <input type= 'text' name= 'userID' maxlength= '25'>
	</td>
	</tr>
	<tr>
	  <td width= '250' align='right'>Password:</td>
  <td>
    <input type= 'password' name= 'password' maxlength= '25'>
	</td>
	</tr>
	<tr><td colspan= '2' align= 'center'> </td></tr>
	<tr>
	 <td colspan= '2'>
	 <center>
	    <input type= 'hidden' name='action' value= 'submitted'>
		<input type = "submit" name = "submit" value="LOGIN!!!!">
		</center>
		</td>
		</tr></form>
		</table>

 

<?php
session_name();
session_start();
include'mysqlconnectectsitel.inc.php';
?>
<html>
<head>
<title>Administration</title>
<link href= "basic.css" rel= "stylesheet" type= "text/css" />
<link href= "detail.css" rel= "stylesheet" type= "text/css" />
<link href= "links.css" rel= "stylesheet" type= "text/css"/>
</head>
<body>

<?php
$userID = $_SESSION['idnumber'];


if(isset($_POST['action']))
{
$actions= $_POST['action'];
}
else
{
$actions="";
}

if ( $actions != 'submitted' && !(session_is_registered('userID')) )
{
include ( "${_SERVER['DOCUMENT_ROOT']}/login2.php" );
}
else
{
if(!(session_is_registered('userID')))
{
	// User is loging in.
	$userid = $_POST['userID'];
	$password =  $_POST['password'];

	if(empty($password)) {die("Empty Password.Please <a href='administration2.php'> Click here </a> to login in again.");}

	//query the database for the specified user and extract the cooresponding password

	$sqlquery = "SELECT * FROM login WHERE username= '$userID' ";

	$queryresult= mysql_query($sqlquery) or die("User not found. Please <a href='administration2.php'> Click here </a> to login in again.");
	$rowcount = mysql_num_rows($queryresult);
	if ($rowcount== 0) {die("User not found. Please <a href='administration2.php'> Click here </a> to login in again.");}

	$info = (mysql_fetch_row($queryresult)); 

	$userID = $info[0];
	$username_in_db = $info[1];
	$password_in_db = $info[2];


	if(!(md5($password) ==$password_in_db){die("Invalid password. Please <a href='administration2.php'> Click here </a> to login in again.");}

	//register session variables
	session_register('userID');
	//add to the session superglobal arrary
	$_SESSION['userID']=$userID;
	$_SESSION['isusername']=$isusername_in_db;
	//$_SESSION['isUserAdmin']=$isUserAdmin_in_db;

	if(!(session_is_registered('userID')))
	{
		session_unset();
		session_destroy();
		die("Login unsuccessful. Please <a href='administration2.php'> Click here </a> to try in again.");


	}

}
include ("TimeOff.php");



$actions="";
}
?>
</body></html>		

[lemmin]

Assuming the second code block you posted is administration2.php, There isn't any html or output on success on that page, that I can see. Unless you are expecting output from your include files, it should display a white page. Echo some stuff out or redirect to another page after the main code is done.

[amylou]

yes the second code is the administration2.php. I thought that by having the include("TimeOff.php") would bring me to the page i was looking for.