Jump to content
Larry Ullman's Book Forums

Recommended Posts

I built a login page from the model in this book, and for some reason, sometimes when I login it redirects me back to index.php and it doesn't log me in. Other times it logs me in just fine. Any idea what could be causing this? Here is my login page code.

 

<?php
$page_title = 'Login to your account';
include ('includes/header.html');
include ('includes/config.inc.php');
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
require (MYSQL);
$trimmed = array_map('trim', $_POST);
if (!empty($trimmed['Email']) && filter_var($trimmed['Email'], FILTER_VALIDATE_EMAIL)){
$e = mysqli_real_escape_string($dbc, $trimmed['Email']);
} else {
$e = FALSE;
echo '<p class="error">You forgot to enter your email address, or the email you entered is invalid.</p>';
}
if (!empty($trimmed['Pass'])){
$p = mysqli_real_escape_string($dbc, $trimmed['Pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password, or the password you entered is invalid.</p>';
}
if ($e && $p){
$q = "SELECT UserID, Fname FROM users WHERE (Email='$e' AND Pass=SHA1('$p')) AND Active IS NULL";
$r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br /> Mysql Error:" . mysqli_error($dbc));
if (@mysqli_num_rows($r) == 1){
$_SESSION = mysqli_fetch_array($r, MYSQLI_ASSOC);
mysqli_free_result($r);
mysqli_close($dbc);
$url = BASE_URL . 'index.php';
ob_end_clean();
header("Location: $url");
exit();
} else {
echo '<p class="error">Either the username and password you entered do not match those we have on file, or you have not yet activated your account.</p>';
}
} else {
echo '<p class="error">Please Try Again</p>';
}
mysqli_close($dbc);
}
 
?>
<div class="text">
<h1>Login</h1>
<p>Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p><b>Email: <input type="text" name="Email" /></b></p>
<p><b>Password: <input type="password" name="Pass" /></b></p>
<input type="submit" name="submit" value="Login!" />
</fieldset>
</form>
</div>
<? include ('includes/footer.html'); ?>
Link to comment
Share on other sites

I am not exactly sure what mean, do I login with a known username and password combination that I know is in the database, and then try and login with a username password combo that doesn't exist in the db. I just tried that and it gave an error. when I login with a good username and password that exists sometimes it logs me in, and when it doesn't it doesn't give an error, it just redirects me back to the index page. 

Link to comment
Share on other sites

I tried the mysql query I am using in my login.php page and it works fine, it returns the data it should. It is SELECT UserID, Fname FROM users WHERE (Email='$e' AND Pass=SHA1('$p')) AND Active IS NULL

So I am guessing the problem isn't there. So where could the problem be.

Like I said I don't get an error message, it just redirects me back to index.php. Sometimes it takes 2 or 3 login attempts before it works.

Link to comment
Share on other sites

I would go through that process--print out query being executed, run it using phpMyAdmin--a few times just to confirm that it reliably always returns the right value. 

 

Next, I'd add echo lines to your code (from the handling login section on) to see what lines do get executed and what ones don't.

Link to comment
Share on other sites

Hi, exactly where do I put echo lines, on my login.php page? if it is on login.php, where on the page do I put them? And what do I echo out, would it be $_SESSION['UserID']

 

I just put an echo $_SESSION['UserID'] on my index.php page and tried to login. It gave me an error message saying UserID undefined index. So it looks like my session variable isn't getting set, the first time I try to login, it always takes about 2 or 3 attempts before I login successfully. What can I do to correct this. 

 

I checked on all my pages and the session_start() is at the top of every page except for the $page_title variable before it.

Link to comment
Share on other sites

 Share

×
×
  • Create New...