[SOLVED] Login-Redirect

[fotohead]

Hi all,

 

I was wondering if someone would be able to help me with a problem. I am not a programmer by any means, so please excuse me if I do not really seem to make sense!  Anyway, I'll start the ball rolling and see where it ends up.

 

I have installed the wonderful Login-Redirect script from http://www.mpdolan.com/downloads.htm.  Everything was going along beautifully until one day I tried to log in and all I saw was a blank screen displaying the following:

 

no_access; if ($username == $banned || $REMOTE_ADDR == $banned) { include ('banned.html'); exit; } } $last_log = last_login(); //updates table with last log as now $sql = "UPDATE $table_name SET last_login = '$last_log' WHERE username = '$_SESSION[user_name]'"; $result = @mysql_query($sql,$connection) or die(mysql_error()); if (($_SESSION[redirect] != "$base_dir/errorlogin.html") && ($log_login == "1")) { include('loglogin.php'); } //redirects the user header("Location:$_SESSION[redirect]"); ?>

 

The page responsible is "redirect.php" and is shown here:

 

<?

//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();

session_start();

//clear session variables
session_unset();


//require the functions file
require ("config.php");
require ("functions.php");

//check to see if cookies are already set, remember me
if ((!$lr_user) || (!$lr_pass))
{

$username = $_POST[username];
$password = $_POST[password];

}else{

$username = $lr_user;
$password = $lr_pass;

}

//if username or password is blank, send to errorlogin.html
if ((!$username) || (!$password)) 
{

header("Location:$base_dir/errorlogin.html");
exit;
}

//sets cookies to remember this computer if the user asks to
if ($_POST[remember] == "Yes")
{
setcookie("lr_user", $username, $duration, "/", $domain);
setcookie("lr_pass", $password, $duration, "/", $domain);
}

if ($_POST[activate] == "Yes")
{
	//make the connection to the database
	$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
	$db = @mysql_select_db($db_name,$connection)or die(mysql_error());

	//build and issue the query
	$sql ="UPDATE $table_name SET verified = '1' WHERE username = '$_POST[username]'";
	$result = @mysql_query($sql,$connection) or die(mysql_error());
}

//sets session variables
sess_vars($base_dir, $server, $dbusername, $dbpassword, $db_name, $table_name, $username, $password);

//check to see if the user has to change their password
if ($_SESSION[pchange] == "1")
{
$_SESSION[redirect] = "$base_dir/pass_change.html";
}

//check to see if the user has activated the account
if ($_SESSION[verified] == "0")
{
$_SESSION[redirect] = "$base_dir/not_activated.html";
}

//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());

//build and issue the query
$sql ="SELECT * FROM banned";
$result = @mysql_query($sql,$connection) or die(mysql_error());

while ($sql = mysql_fetch_object($result)) 
{
$banned = $sql -> no_access;
if ($username == $banned || $REMOTE_ADDR == $banned)
	{
		include ('banned.html');
		exit;
	}
}

$last_log = last_login();

//updates table with last log as now
$sql = "UPDATE $table_name SET last_login = '$last_log' WHERE username = '$_SESSION[user_name]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());

if (($_SESSION[redirect] != "$base_dir/errorlogin.html") && ($log_login == "1"))
{
include('loglogin.php');
}

//redirects the user	
header("Location:$_SESSION[redirect]");

?>

<head><title>Redirect</title></head>

 

I have searched high and low for a solution, and although I dont really know what I am looking for I think it has something to do with a recent upgrade in my ISP's mysql software.  Could that be it? They are currently running v5.0.45.

 

If it's not that - I suppose it has to be some kind of syntax error - maybe an extra blank space somewhere??.............

 

Anyway - I'm stuck. ???  Any help with this would be greatly appreciated.  I just want to e able to access my login areas again!

 

Cheers, John.

[revraz]

Well the problem is right here

 

while ($sql = mysql_fetch_object($result)) 
{
$banned = $sql -> no_access;
if ($username == $banned || $REMOTE_ADDR == $banned)
	{
		include ('banned.html');
		exit;
	}
}

 

But honestly, I can't see why.  Go to your banned table and see if anything looks odd inside there.

[fotohead]

Thanks for the reply...

 

What do you mean by "Go to your banned table and see if anything looks odd inside there."  What am I looking for - as I said, I am very new to PHP and totally new to mysql, so I need things dumbed down a little...

 

Thanks again, John.

[fotohead]

Any takers?

[stelthius]

i think he basicly means double check you havent some how banned your self ? i dunno just a guess

[fotohead]

I have had a snoop around using phpMyAdmin (not that I really know what I am doing) but do not see anything in the banned table.  I dont think it is anything like that - I have just installed a completely fresh version in another directory and I am getting the same problem, which leads me to believe it must be mysql or server related and not the fault of the script itself.

 

Am I barking up the right tree, or just barking mad?

 

 

[revraz]

is there a no_access fieldname in your banned table?

[fotohead]

yes!

 

[fotohead]

There is a warning stating "No index defined" in all four tables (authorize, banned. log_login, and trash). Is this OK?

[fotohead]

Is there anybody able to help with this problem??....

[fotohead]

Righto - problem solved thanks to Damian at Webmatrix.com.au (yes, he IS a legend...)

 

The issue was actually in the .htaccess file within the login folder.

 

There was a setting in there for : php_value short_open_tag Off.

 

Which means the tag <? was disabled and I had to use <?php as the starting tag for php.

 

Thanks to revraz and stelthius for your help.