Page is a not externally linkable
- Code, Content, and Presentation
-- PHP Server Side Scripting
---- http referer and php header

Mr_Cat - 7:07 pm on Feb 10, 2012 (gmt 0)


Ok, here it is, still not working, grrr.

new verify -


// let's call the database connection

// done

session_start();

$user_check = $_SESSION['login_user'];
$_SESSION['referer'] = $_SERVER['HTTP_REFERER'];

$ses_query = mysql_query("SELECT member_name, member_ID, member_email FROM members WHERE member_name = '$user_check' ");

$row = mysql_fetch_array($ses_query);

$member_name = $row['member_name'];
$member_ID = $row['member_ID'];
$member_email = $row['member_email'];

if(!isset($member_name))
{
header("Location: http://www.website.com/login/login.php");
}

// they're safe
?>

now the new login -


<?php

// let's call the database connection

// done

session_start();

if($_SERVER["REQUEST_METHOD"] == "POST"){

// username and password sent from Form

$myusername = addslashes($_POST['username']);
$mypassword = addslashes($_POST['password']);

$query = "SELECT member_ID FROM members WHERE member_name = '$myusername' and member_pw = '$mypassword'";
$result = mysql_query($query);
$row = mysql_fetch_array($result);

$count = mysql_num_rows($result);
$member_ID = $row['member_ID'];


// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
session_register("myusername");
$_SESSION['login_user'] = $myusername;


header("location: " . $_SESSION['referer']);
} // end if
else{

$error = "Your Login Name or Password is invalid";
} // end else
} // end if

?>

// login form here

What does this code do? It sends me to the base directory list of website.com/login (don't even talk to me about security yet please :)

...but I don't know why?

Also tried:


if($count==1){
session_register("myusername");
$_SESSION['login_user'] = $myusername;
$_SESSION['referer'] = $_SERVER['HTTP_REFERER'];

header("location: " . $_SESSION['referer']);

...which just reproduces the login script/form/page every time even with correct details entered several times.

This is really frustrating me because the whole system is rubbish without that tiny tweak. I know it'll be something small I'll kick myself about later but what the .. is it?

Thread source:: http://www.webmasterworld.com/php/4416217.htm
Brought to you by WebmasterWorld: http://www.webmasterworld.com