Problem with userid and password verification and redirection

Discussion in 'PHP' started by Titanite, Jun 26, 2006.

0
  1. #1
    Hello,

    This script just doesn't work. Can someone advise me on what went wrong?

    Titanite

    _____________________________________

    --------- login.php ------------

    <form method="POST" action="login_verification.php">

    <?

    $pagetitle = "Login";

    if ($message == "invalid") {
    print ("The user name and password you have entered do not match what is on file.\n");
    }
    print ("<form method=POST action=\"login_verification.php\">\n");
    print ("<p>Username: <input type=text name=userid size=50><br>\n");
    print ("Password: <input type=password name=pwd size=50></p>\n");
    print ("<p><input type=submit value=Submit><input type=reset></p>\n");

    ?>

    </form>


    --------- login_verification.php ------------

    <?

    if (!empty($HTTP_GET_VARS)) while(list($name, $value) = each($HTTP_GET_VARS))
    $$name = $value;
    if (!empty($HTTP_POST_VARS)) while(list($name, $value) = each($HTTP_POST_VARS))
    $$name = $value;

    $userid=$_POST['userid'];s
    include "../fukitol.php";
    $link = mysql_connect("localhost",$username,$password);
    if (! $link)
    die("Couldn't connect to MySQL");
    mysql_select_db($db , $link)
    or die("Couldn't open $db: ".mysql_error());

    $query="SELECT * FROM congress5 WHERE userid='$userid'";
    $result=mysql_query($query);
    ?>

    <?
    if ((userid == '$userid') && (pwd == '$pwd')) {
    header ("Location: http://(full url )/formindex.php?userid=$userid");
    exit;
    } else {
    header ("Location: http://(full url )/login.php?message=invalid");
    exit;
    }
    ?>
    Edit/Delete Message
     
    Titanite, Jun 26, 2006 IP
  2. mad4

    mad4 Peon

    Messages:
    6,986
    Likes Received:
    493
    Best Answers:
    0
    Trophy Points:
    0
    #2
    What error do you get?
     
    mad4, Jun 26, 2006 IP
  3. vishwaa

    vishwaa Well-Known Member

    Messages:
    271
    Likes Received:
    12
    Best Answers:
    0
    Trophy Points:
    138
    #3
    I would do the authentication in this way.

    <?php
$query = "SELECT 1 AS AUTH FROM congress5 WHERE userid='$userid' AND pwd='$pwd'";
$result = mysql_query($query,$link);
$row = mysql_fetch_array($result,MYSQL_ASSOC);

if($row['AUTH']) {
    header ("Location: http://(full url )/formindex.php?userid=$userid");
    exit;
} 
else {
    header ("Location: http://(full url )/login.php?message=invalid");
    exit;
}
?>
    PHP:
     
    vishwaa, Jun 26, 2006 IP
  4. Titanite

    Titanite Peon

    Messages:
    11
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Hi Vishwaa!
    Thanks! It works!!

    However, I conclude that header () does not work for me!!

    I have entered the wrong userid and password on login.php: nothing happens when it is supposed to redirect to Google.
    I entered the right one: the information gets printed out.

    So, the if-else works, so does the authentification. Which leads me to conclude that the header () does not work. I have tried entered the full server path and the full URL, but nothing works.

    :(



    ________________________________

    login_verification.php

    This is what I have modified for login_verification.php:


    <html>
    <head>
    <link rel="stylesheet" type="text/css" href="../../css/style.css">
    <title>Login Verification</title>
    </head>
    <body>

    <h3>Login Verification</h3>

    <?

    $userid=$_POST['userid'];
    include "../fukitol.php";
    $link = mysql_connect("localhost",$username,$password);
    if (! $link)
    die("Couldn't connect to MySQL");
    mysql_select_db($db , $link)
    or die("Couldn't open $db: ".mysql_error());

    $query = "SELECT 1 AS AUTH FROM congress5 WHERE userid='$userid' AND pwd='$pwd'";
    $result = mysql_query($query, $link);
    $row = mysql_fetch_array($result, MYSQL_ASSOC);

    $query="SELECT * FROM congress5 WHERE userid='$userid'";
    $result=mysql_query($query);
    $num = mysql_num_rows($result);
    $i=0;
    while ($i < $num) {
    $organisationname = mysql_result($result,$i,"organisationname");
    ++$i;
    }


    if($row['AUTH']) {
    print ("Your userid is $userid. Your organisation is $organisationname.");
    exit;
    }
    else {
    header ("Location: http://www.google.com");
    exit;
    }

    ?>


    </body>
    </html>


    ________________________________

    login.php

    This is my login.php.


    <html>
    <head>
    <link rel="stylesheet" type="text/css" href="style.css">
    </head>
    <body>
    <h3>Login</h3>
    <p>Enter your username and password.</p>

    <form method="POST" action="login_verification.php">

    <?

    $pagetitle = "Login";

    if ($message == "invalid") {
    print ("The user name and password you have entered do not match what is on file.\n");
    }
    print ("<form method=POST action=\"login_verification.php\">\n");
    print ("<p>Username: <input type=text name=userid size=50><br>\n");
    print ("Password: <input type=password name=pwd size=50></p>\n");
    print ("<p><input type=submit value=Submit><input type=reset></p>\n");

    ?>

    </form>

    </body>
    </html>
     
    Titanite, Jun 27, 2006 IP
  5. vishwaa

    vishwaa Well-Known Member

    Messages:
    271
    Likes Received:
    12
    Best Answers:
    0
    Trophy Points:
    138
    #5
    strip off all the html tags in login_verification.php and test the code.

    your layout should be like

    <?php
    ...
    ...
    ?>
     
    vishwaa, Jun 27, 2006 IP
  6. Titanite

    Titanite Peon

    Messages:
    11
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    I have done that on both php pages, still nothing happens. No redirection........ :(((
     
    Titanite, Jun 27, 2006 IP