Hi Guys
I am probably doing something really silly here, but I can't see what exactly it is...
Basically, I want to redirect the user to 'index.php' after the user has logged in to the application....
I know that the connection to SQL is ok, because users can register without any trouble....So it can't be that.
All I can think is that I am perhaps calling the session variable, $_SESSION['customer_id']; , from the wrong place in the script.
What is currently happening is that the login form renders correctly on my VDU, but once the user has entered their details into the form, and clicked 'submit', a white screen appears (i.e. a blank page).
I have used this script a number of times before, and have not experienced this problem until now, so that makes it doubly frustrating....
The SQL format for the table 'customer' is:
customer_id (INT), email (VARCHAR), password (VARCHAR), card_number (BLOB)
PHP Code:
# Script 7.7 - login.php
if (isset($_POST['submit'])) {
require_once ('../mysql_connect.php');
function escape_data ($data) {
global $dbc;
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
}
$message = NULL;
if (empty($_POST['email'])) {
$e = FALSE;
$message .= '<p>Please enter an email address</p>';
} else {
$e = escape_data($_POST['email']);
}
if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>Please enter your password</p>';
} else {
$p = escape_data($_POST['password']);
}
if ($e && $p) { // If everything's OK.
$query = "SELECT customer_id FROM customer WHERE email= '$e' AND password= '$p' ";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) {
// Start the session, register the values & redirect.
session_start();
$_SESSION['customer_id'] = $row;
header ("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "./index.php");
exit();
} else {
$message = '<p>The email and password entered do not match those on file.</p>';
}
mysql_close();
} else {
$message .= '<p>Please try again.</p>';
}
}
$page_title = 'Login';
include ("includes/main_body.php");
if (isset($message)) {
echo '<font color="red">', $message, '</font>';
}
HTML Code:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset><legend>Enter your information in the form below:</legend>
<p><b>Email:</b> <input type="text" name="email" size="25" maxlength="20" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p><b>Password:</b> <input type="password" name="password" size="20" maxlength="20" />
</p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
</fieldset>
</form><!-- End of Form -->
PHP Code:
include ("includes/footer.php");
Any pointers would be appreciated.
cheers.
Will
Threaded Mode
