1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 4:47 am Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Login script is not redirecting & echoing incorrectly

         

Jamier101

12:28 am on Aug 10, 2011 (gmt 0)

10+ Year Member



I've been working with a login script this evening and have it just about function although two little problems keep popping up, the first is a redirect upon a successful login, I have tried adding a 
header[Location:'owners_area.php']
line instead of a refresh but nothing seems to take. The second error is the fact that a the 'Please enter a username and password!' prompt is appear before the user has done anything.

I have pasted the code below minus all the junky html, the bare bones below should give an idea as to how I've laid the page out.

Login.php 
<?php

//error_reporting(E_ALL|E_STRICT);

session_start();

require_once("connections/connection.php"); // Connection to the server
//include("includes/security.php"); //Link to the security file
?>

<html>
<head>
</head>

<body>
<div id="wrapper">
 <div id="container">
 <div id="header">
 <div id="user_box">
  <?php

if(!isset($_SESSION['username']) || (trim($_SESSION['username']) == ''))
echo "<font color='white'>".'You are not logged in.'."</font>"; 
//header("location: access-denied.php"); 
else
{ 
if(isset($_SESSION['username']) && (!empty($_SESSION['username'])))
echo "<font color='white'>" . 'Logged in as '.$_SESSION['username'] . "</font><br>"; 
echo '<input type="button" name="logout" value="Logout" onclick="document.location.href=\'logout.php\'"/>';
}
?>
 </div>
 </div>
<div id="navigation">
  <ul>
   <li><a href="index.php">Home</a></li>
<li><a href="search_villas.php">Search</a></li>
   </ul>
  </div>
 <div id="spacer_horizontal"></div>
 <div id="left_panel"><img src="images/panel.jpg" width="180" height="790" /></div>
 <div id="centre_panel">
 <center>
<form name="login" method="POST" action="<?php $_SERVER['../PHP_SELP'];?>">
 <table width="20%" border="1" align="center">
 <tr>
  <td bgcolor="#FFFFFF">Username</td>
  <td bgcolor="#FFFFFF"><input type="text" name="username"></td>
 </tr>
     <tr>
      <td bgcolor="#FFFFFF">Password</td>
      <td bgcolor="#FFFFFF"><input type="password" name="password"></td>
     </tr>
     <tr>
      <td bgcolor="#FFFFFF">&nbsp;
     </td>
      <td bgcolor="#FFFFFF"><label>
     <input name="submitted" type="hidden" id="submitted" value="1" />
     <input type="submit" name="button" id="button" value="Login" />
      </label></td>
     </tr>
     </table>
    </form>
   </center>
<?php

$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)

{
//$connect = mysql_connect("localhost","root","password") or die ("Couldn't connect");
mysql_select_db("rentals") or die ("Couldn't find database");

$query = mysql_query("SELECT * FROM users WHERE username='$username'");

$numrows = mysql_num_rows($query);

if ($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}

// Check to see if they match!
if ($username==$dbusername&&$password==$dbpassword)
{
echo "<META HTTP-EQUIV=Refresh CONTENT='0'>";
$_SESSION['username']=$username;
}
else
echo "Incorrect password!";

}

else
die ("The user does not exist!");

}
else
die ("Please enter a username and password!");


?>
 </div>
</div>
</body>
</html>

lostdreamer

7:52 am on Aug 10, 2011 (gmt 0)

10+ Year Member



OK, for problem 1:
You can not use 'HEADER()' after output has started... You'll have to edit your code accordingly


For problem 2: 

if ($username&&$password)
 ....
 ....
else
 die ("Please enter a username and password!");


It seems to do exactly what you want, if there is no username / password, tell the user, I suggest to just remove it, since the average user knows that a login form means they need to insert a username / password ;)

Jamier101

9:58 am on Aug 10, 2011 (gmt 0)

10+ Year Member



It seems to do exactly what you want, if there is no username / password, tell the user, I suggest to just remove it, since the average user knows that a login form means they need to insert a username / password.


That might be the only solution, I was hoping that there would be some way of basically saying:

If the user has not submitted then display nothing but if the user clicks Login without having entered any details then display the message, "Please enter a username and password!".

lostdreamer

10:04 am on Aug 10, 2011 (gmt 0)

10+ Year Member 




...
...

elseif(isSet($_POST['submitted'])
 && ($_POST['username'] == '' || $_POST['password'] == '')) {
 die("Please enter a username and password");
}


Check if there is a 'submitted' var (your hidden field), if it is: the form has been submitted... After that you check if all fields are entered ;)
You could also use $_POST['button'] for this... (the name of your submit button) This way you can remove the hidden field.


Regards,
LostDreamer

Jamier101

7:29 pm on Aug 10, 2011 (gmt 0)

10+ Year Member



Thanks lostdreamer, when I get a minute I will expand on the code so that all the fields are validated individually. I'd drew a complete blank on the message problem :-)
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 4:47 am Apr 28, 2026