Thread: Redirect after login trouble
View Single Post
  #1 (permalink)  
Old 07-01-09, 02:08 PM
WillUK WillUK is offline
Wannabe Coder
  
Join Date: Jan 2009
Location: Beverley, England
Posts: 130
Thanks: 5
Thanked 2 Times in 1 Post
Redirect after login trouble
Hi Guys

I am probably doing something really silly here, but I can't see what exactly it is...
Basically, I want to redirect the user to 'index.php' after the user has logged in to the application....

I know that the connection to SQL is ok, because users can register without any trouble....So it can't be that.

All I can think is that I am perhaps calling the session variable, $_SESSION['customer_id']; , from the wrong place in the script.

What is currently happening is that the login form renders correctly on my VDU, but once the user has entered their details into the form, and clicked 'submit', a white screen appears (i.e. a blank page).

I have used this script a number of times before, and have not experienced this problem until now, so that makes it doubly frustrating....

The SQL format for the table 'customer' is:

customer_id (INT), email (VARCHAR), password (VARCHAR), card_number (BLOB)


PHP Code:

  # Script 7.7 - login.php



if (isset($_POST['submit'])) {

    require_once ('../mysql_connect.php');

    function escape_data ($data) {

        global $dbc;

        if (ini_get('magic_quotes_gpc')) {

            $data stripslashes($data);

        }

        return mysql_real_escape_string($data$dbc);

    }

    $message NULL;

    if (empty($_POST['email'])) {

        $e FALSE;

        $message .= '<p>Please enter an email address</p>';

    } else {

        $e escape_data($_POST['email']);

    }

    if (empty($_POST['password'])) {

        $p FALSE;

        $message .= '<p>Please enter your password</p>';

    } else {

        $p escape_data($_POST['password']);

    }

    

    if ($e && $p) { // If everything's OK.

        $query "SELECT customer_id FROM customer WHERE email= '$e' AND password= '$p' ";        

        $result = @mysql_query ($query);

        $row mysql_fetch_array ($resultMYSQL_NUM); 

        if ($row) { 

                

                // Start the session, register the values & redirect.

                session_start();

                $_SESSION['customer_id'] = $row;

                header ("Location:  http://" $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "./index.php");

                exit();

                

        } else {

            $message '<p>The email and password entered do not match those on file.</p>'
        }

        mysql_close();

    } else {

        $message .= '<p>Please try again.</p>';        

    }

}

$page_title 'Login';

include ("includes/main_body.php");

if (isset($message)) {

    echo '<font color="red">'$message'</font>';
HTML Code:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset><legend>Enter your information in the form below:</legend>
<p><b>Email:</b> <input type="text" name="email" size="25" maxlength="20" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p><b>Password:</b> <input type="password" name="password" size="20" maxlength="20" />
</p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
</fieldset>
</form><!-- End of Form -->
PHP Code:

include ("includes/footer.php"); 

Any pointers would be appreciated.

cheers.
Will
Reply With Quote