[WillUK]

Hi Guys

I am probably doing something really silly here, but I can't see what exactly it is...
Basically, I want to redirect the user to 'index.php' after the user has logged in to the application....

I know that the connection to SQL is ok, because users can register without any trouble....So it can't be that.

All I can think is that I am perhaps calling the session variable, $_SESSION['customer_id']; , from the wrong place in the script.

What is currently happening is that the login form renders correctly on my VDU, but once the user has entered their details into the form, and clicked 'submit', a white screen appears (i.e. a blank page).

I have used this script a number of times before, and have not experienced this problem until now, so that makes it doubly frustrating....

The SQL format for the table 'customer' is:

customer_id (INT), email (VARCHAR), password (VARCHAR), card_number (BLOB)

PHP Code:

  # Script 7.7 - login.php



if (isset($_POST['submit'])) {

    require_once ('../mysql_connect.php');

    function escape_data ($data) {

        global $dbc;

        if (ini_get('magic_quotes_gpc')) {

            $data = stripslashes($data);

        }

        return mysql_real_escape_string($data, $dbc);

    }

    $message = NULL;

    if (empty($_POST['email'])) {

        $e = FALSE;

        $message .= '<p>Please enter an email address</p>';

    } else {

        $e = escape_data($_POST['email']);

    }

    if (empty($_POST['password'])) {

        $p = FALSE;

        $message .= '<p>Please enter your password</p>';

    } else {

        $p = escape_data($_POST['password']);

    }

    

    if ($e && $p) { // If everything's OK.

        $query = "SELECT customer_id FROM customer WHERE email= '$e' AND password= '$p' ";        

        $result = @mysql_query ($query);

        $row = mysql_fetch_array ($result, MYSQL_NUM); 

        if ($row) { 

                

                // Start the session, register the values & redirect.

                session_start();

                $_SESSION['customer_id'] = $row;

                header ("Location:  http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "./index.php");

                exit();

                

        } else {

            $message = '<p>The email and password entered do not match those on file.</p>'; 

        }

        mysql_close();

    } else {

        $message .= '<p>Please try again.</p>';        

    }

}

$page_title = 'Login';

include ("includes/main_body.php");

if (isset($message)) {

    echo '<font color="red">', $message, '</font>';

} 

HTML Code:

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset><legend>Enter your information in the form below:</legend>
<p><b>Email:</b> <input type="text" name="email" size="25" maxlength="20" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p><b>Password:</b> <input type="password" name="password" size="20" maxlength="20" />
</p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
</fieldset>
</form><!-- End of Form -->

PHP Code:

include ("includes/footer.php"); 

Any pointers would be appreciated.

cheers.
Will

[wirehopper]

Check the error_log - either use tail /etc/httpd/logs/error_log, or more error_log (for the local log).

[=OTS=G-Man]

I would add some debugging lines also, just to see if your even getting to the redirect.

on a side note. Do you really want to assign $_SESSION['customer_id'] to the array from the results. Because unless im just not reading it write, to access the customer_id from the session you will have to call $_SESSION['customer_id']["customer_id"]

[WillUK]

I appreciate your help, but I still can't get it to work....

I don't know how to use - tail /etc/httpd/logs/error_log, or more error_log (for the local log), But I have added 'error_reporting (E_ALL);'

Also, regarding the array issue: I have now changed the SQL line slightly, setting two $_SESSION keys.

I have also amended the '$row = mysql_fetch_array ' line...I have gotten rid of the reference to MYSQL_NUM and changed to MYSQL_BOTH.

Finally I altered the header/redirection line to include a full directory path.....

BUT, the blank white screen is still persisting. Error reporting will not catch, I'm sure...BECAUSE the screen is not displaying any browser output at all...hence it's a white screen....so even if there are errors, I won't be able to see them.

Here is my up to date script:

PHP Code:

error_reporting (E_ALL);



if (isset($_POST['submit'])) {

    require_once ('../mysql_connect.php');

    function escape_data ($data) {

        global $dbc;

        if (ini_get('magic_quotes_gpc')) {

            $data = stripslashes($data);

        }

        return mysql_real_escape_string($data, $dbc);

    }

    $message = NULL;

    if (empty($_POST['email'])) {

        $e = FALSE;

        $message .= '<p> Please enter your email address </p>';

    } else {

        $e = escape_data($_POST['email']);

    }

    if (empty($_POST['password'])) {

        $p = FALSE;

        $message .= '<p>You forgot to enter your password </p>';

    } else {

        $p = escape_data($_POST['password']);

    }

    

    if ($e && $p) { // If everything's OK.

        

        $query = "SELECT customer_id, email FROM customer WHERE email='$e' AND password='$p' ";        

        $result = @mysql_query ($query);

        $row = mysql_fetch_array ($result, MYSQL_BOTH); 

        if ($row) { 

                

                // Start the session, register the values & redirect.

                session_name ('DWLogin');

                session_start();

                $_SESSION['customer_id'] = $row[0];

                $_SESSION['email'] = $row[1];

                

                ini_set(3600, session.gc_maxlifetime);

    

                //echo 'You have logged in successfully';

                header ("Location:  http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "c:wamp/www/DavidWright/index.php");

                //header("Location:loggedin.php"); 

                //exit();

                

        } else {

            $message = '<p> The email and password combination are incorrect.</p>'; 

        }

        mysql_close();

    } else {

        $message .= '<p>Please try again.</p>';        

    }

}

$page_title = 'Login';

include ('includes/main_body.php'); //Includes the header/body template

if (isset($message)) {

    echo '<font color="red">', $message, '</font>';

} 

HTML Code:

<div class="column_main">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>"method="post">
<fieldset><legend>Enter your information in the form below:</legend>
<p><b>Email address: </b> <input type="text" name="email" size="30" maxlength="30" value= "<?php if(isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p><b>Password: </b> <input type="password" name="password" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="login" /></div>
</fieldset>
</form><!--End of Form-->
</div>

PHP Code:

include ('includes/footer.php'); // Include the footer. 

I google searched php and blank white screen...it seems as though it is quite a common issue, but I could still not find a solution....

I really can't understand why this script worked on the previous project I worked on, but not this!
I thought that it might be a SQL issue, so I experimented by querying a different table contaning similar login data (used for another project).....low and behold, the same blank white screen appeared....
This just does not make any sense!! It must be something in the script....

Before you ask: index.php is stored in the same directory as the login.php script....I do have another file named 'index.php', which is stored in the admin side folder within the same directory...But I can't see why that would have effected anything....

[job0107]

The problem is in this line here:

PHP Code:

header ("Location:  http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "c:wamp/www/DavidWright/index.php"); 

$_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) will give you the path to where the file that is running is located.
That will probably look something like this: "localhost/DavidWright".
Now, if the index.php file is located in the "DavidWright" folder, then your header command would look like this:

PHP Code:

header ("Location:  http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php"); 

That will result in a header string like this: "http://localhost/DavidWright/index.php".

Please note that "c:wamp/www/DavidWright/index.php" is an absolute path to the file.
And the "www" directory is usually the default document folder.
So saying "http://localhost/" would be kind of the same as saying "http://wamp/www/".

[WillUK]

Thanks Jerry....but that doesn't seem to have solved the problem...I am still getting a blank white screen....
I wonder if it could be a browser issue....I use Mozilla....I'll see what happens if I change to IE....

[WillUK]

I can confirm that the script does not work on IE either....although I do get some feedback at least...the usual IE output when an error has been encountered:

"
The website cannot display the page
HTTP 500
Most likely causes:
The website is under maintenance.
The website has a programming error.

What you can try:
Refresh the page.

Go back to the previous page.

More information

This error (HTTP 500 Internal Server Error) means that the website you are visiting had a server problem which prevented the webpage from displaying.
For more information about HTTP errors, see Help.

"
If I have to spend another afternoon trying to re-edit and re-run this script I think I'll go crazy....

[Jcbones]

You are suppressing mysql errors, try this:

PHP Code:

<?php
error_reporting (E_ALL);

if (isset($_POST['submit'])) {
    require_once ('../mysql_connect.php');
    function escape_data ($data) {
        global $dbc;
        if (ini_get('magic_quotes_gpc')) {
            $data = stripslashes($data);
        }
        return mysql_real_escape_string($data, $dbc);
    }
    $message = NULL;
    if (empty($_POST['email'])) {
        $e = FALSE;
        $message .= '<p> Please enter your email address </p>';
    } else {
        $e = escape_data($_POST['email']);
    }
    if (empty($_POST['password'])) {
        $p = FALSE;
        $message .= '<p>You forgot to enter your password </p>';
    } else {
        $p = escape_data($_POST['password']);
    }
    
    if ($e && $p) { // If everything's OK.
        
        $query = "SELECT customer_id, email FROM customer WHERE email='$e' AND password='$p' ";        
        $result = mysql_query ($query);
        $row = mysql_fetch_array ($result); 
        if ($row) { 
                
                // Start the session, register the values & redirect.
                session_name ('DWLogin');
                session_start();
                $_SESSION['customer_id'] = $row[0];
                $_SESSION['email'] = $row[1];
                
                ini_set(3600, session.gc_maxlifetime);
    
                //echo 'You have logged in successfully';
                header ("Location:  http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "c:wamp/www/DavidWright/index.php");
                //header("Location:loggedin.php"); 
                //exit();
                
        } else {
            $message = '<p> The email and password combination are incorrect.</p>'; 
        }
        mysql_close();
    } else {
        $message .= '<p>Please try again.</p>';        
    }
}
$page_title = 'Login';
include ('includes/main_body.php'); //Includes the header/body template
if (isset($message)) {
    echo '<font color="red">', $message, '</font>';
}  

?>