Forum Moderators: coopster
So i have a table with id, username, password and redirect and people get redirected based on what is under the redirect heading.
If i need to be more specific just ask.
This is what i have at the moment.
<?
session_start(); // start session.
?>
<html>
<head>
<title>Login</title>
<head>
<body>
<?
$dbh=mysql_connect ("localhost", "bloomers", "******") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("bloomers_portal");
?>
<?
if(!isset($username) ¦!isset($password)) {
// escape from php mode.
?>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<p align="center">Members only. Please login to access this document.</p>
<table align="center" border="0">
<tr>
<th>
Username:
</th>
<th>
<input type="text" name="username">
</th>
</tr>
<tr>
<th>
Password:
</th>
<th>
<input type="password" name="password">
</th>
</tr>
<tr>
<th colspan="2" align="right">
<input type="submit" value="Login">
</form>
</th>
</tr>
</table>
</body>
</html>
<?
exit();
}
// If all is well so far.
session_register("username");
session_register("password"); // register username and password as session variables.
// Here you would check the supplied username and password against your database to see if they exist.
// For example, a MySQL Query, your method may differ.
$sql = mysql_query("SELECT password FROM user_table WHERE username = '$username'");
$fetch_em = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($numrows!= "0" & $password == $fetch_em["password"]) {
$valid_user = 1;
}
else {
$valid_user = 0;
}
// If the username exists and pass is correct, don't pop up the login code again.
// If info can't be found or verified....
if (!($valid_user))
{
session_unset(); // Unset session variables.
session_destroy(); // End Session we created earlier.
// escape from php mode.
?>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<p align="center">Incorrect login information, please try again. You must login to access this document.</p>
<table align="center" border="0">
<tr>
<th>
Username:
</th>
<th>
<input type="text" name="username">
</th>
</tr>
<tr>
<th>
Password:
</th>
<th>
<input type="password" name="password">
</th>
</tr>
<tr>
<th colspan="2" align="right">
<input type="submit" value="Login">
</form>
</th>
</tr>
</table>
</body>
</html>
<?
exit();
}
?>
$sql = mysql_query("SELECT password FROM user_table WHERE username = '$username'");
$fetch_em = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($numrows!= "0" & $password == $fetch_em["password"]) {
$valid_user = 1;
}
else {
$valid_user = 0;
}
to this
$sql = mysql_query("SELECT password,redirect FROM user_table WHERE username = '$username'");
$fetch_em = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($numrows!= "0" & $password == $fetch_em["password"]) {
$valid_user = 1;
header("Location: ".$fetch_em["redirect"]);
exit;
}
else {
$valid_user = 0;
}
So, you also SELECT redirect from the sql table, and then if the password matches, you put a header redirect to location "redirect" ( redirect is a column in the user_table )
redirect can be any valid url.
Warning: Cannot modify header information - headers already sent by (output started at /home/bloomers/public_html/login.php:10) in /home/bloomers/public_html/login.php on line 64
Allen
INSIDE the if statement so that if the user is logging in, it doesn't send any html.
<?
$dbh=mysql_connect ("localhost", "bloomers", "******") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("bloomers_portal");
if(!isset($username) �!isset($password)) {
// escape from php mode and show login page
?>
<html>
<head>
<title>Login</title>
<head>
<body>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<p align="center">Members only. Please login to access this document.</p>
<table align="center" border="0">
<tr>
<th>
Username:
</th>
<th>
<input type="text" name="username">
</th>
</tr>
<tr>
<th>
Password:
</th>
<th>
<input type="password" name="password">
</th>
</tr>
<tr>
<th colspan="2" align="right">
<input type="submit" value="Login">
</form>
</th>
</tr>
</table>
</body>
</html>
<?
exit();
}
// If all is well so far.
// Here you would check the supplied username and password against your database to see if they exist.
// For example, a MySQL Query, your method may differ.
$sql = mysql_query("SELECT password,redirect FROM user_table WHERE username = '$username'");
$fetch_em = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($numrows!= "0" & $password == $fetch_em["password"]) {
// correct login
$valid_user = 1;
header("Location: ".$fetch_em["redirect"]);
exit;
}
else {
$valid_user = 0;
}
// If the username exists and pass is correct, don't pop up the login code again.
// If info can't be found or verified....
if (!($valid_user))
{
// escape from php mode and show login error page.
?>
<html>
<head>
<title>Login</title>
<head>
<body>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<p align="center">Incorrect login information, please try again. You must login to access this document.</p>
<table align="center" border="0">
<tr>
<th>
Username:
</th>
<th>
<input type="text" name="username">
</th>
</tr>
<tr>
<th>
Password:
</th>
<th>
<input type="password" name="password">
</th>
</tr>
<tr>
<th colspan="2" align="right">
<input type="submit" value="Login">
</form>
</th>
</tr>
</table>
</body>
</html>
<?
exit();
}
?>
if(!isset($username) �!isset($password)) {
This should read
if(!isset($username) ¦¦!isset($password)) {
if I understand what you are trying to do correctly.
(replace ¦ with pipe)
