stackoom
  简体   繁体   中英

php login script doesn't redirect

 原文  2013-12-08 08:02:05       php/ redirect/ login

Question

I've wrote a script that reads user and password data correctly, to log into a reserved webpage. The problem is that when you press the login button, it doesn't redirect to the target.php (reserved) page. The form is in a file called login.php. It reads and connect to the db, but stays on this login page: 

<?php


session_start();


function loginform(){

    echo "<form action='' method='POST'>
          Username: <input type = 'text' name='username'>
          Password: <input type = 'text' name='password'>
          <input type = 'submit' name='login' value='Login'>
          </form>

    ";
}

function logoutform(){

    echo "<form action='' method='POST'>
          <input type = 'submit' name='logout' value='Logout'>
          </form>

    ";

}

function login($username, $password){

    $pass = md5($password);

    $con= mysqli(whateverwebsite.com, 'Nameofthetable', 'hashedmd5password') or die (mysql_error());

    mysql_select_db('whateverdb', $con) or die (mysql_error());

    $result = mysql_query(" SELECT * FROM user WHERE username='$username' AND password='$pass' ") or die (mysql_error);

    $count= mysql_num_rows($result);

    if($count==1) {
        $_SESSION['login']=$username;
        header('Location:target.php'); /* this does not work */
    }

    else {
        header('Location:index.php');   /* this does not work */
        echo "Wrong login";
    }

}

function logout(){
    session_destroy();
}

if (isset($_SESSION['login'])) {
    echo "You've logged in";
    logoutform();
}

else{
    echo "Enter with Username and password.";
    loginform();
}

if ($_POST['login']) {
    echo "logging in..."; /* this text "logging in" remains on the screen, instead of going to target.php */

    login($_POST['username'], $_POST['password']);
}

elseif($_POST['logout']){
    echo "Logging out";
    logout();
}

?>

also, Before the html of the target.php page, there is this 

<?php

 session_start();
 echo "Reserved area<br>";

 if (!isset($_SESSION['login'])) {
    exit("you must login <a href='../login.php'>Login<a>");
 }
 else {
    echo "Do the <a href='../login.php'>Logout</a>";
 }

?>

6 answers

solution1
 1  2013-12-08 09:12:26

Something like this always worked for me :
This modification is in your login function . If it works , you can modify else part in similar manner . 

if( $count == 1 )
{
    $_SESSION['login'] = $username;

    echo
'<!DOCTYPE html>
<html>
    <head>
        <title>Your website title</title>
        <meta http-equiv="refresh" content="3;url=target.php">
        <meta charset="UTF-8">
    </head>
    <body>
        Logging in . Please wait ...
    </body>
</html>';

}

solution2
 0  2013-12-08 08:05:00

You can use the header() function to send a new HTTP header, but this must be sent to the browser before any HTML or text (so before the declaration, for example).

alternative: 

function Redirect($url, $permanent = false)
{
    header('Location: ' . $url, true, $permanent ? 301 : 302);

    exit();
}

Redirect('http://www.google.com/', false);

UPDATE: if this does not worked use this: 

echo "<meta http-equiv='refresh' content='0;url=index.php' />";

instead of using header

solution3
 0  2013-12-08 08:18:47

Before using header() you shouldn't echo anything.

So, check the $_POST['login'] first, and don't use echo before login()

solution4
 0  2013-12-08 08:20:06

Another method: 

<?php
    echo "<script type='text/javascript'>window.location='page.php';</script>";
    //or
    echo "<meta http-equiv='refresh' content='0;url=page.php' />";
?>

solution5
 0  2013-12-08 09:22:46

//TRY this here 

 if($count==1) {
        $_SESSION['login']=$username;
        header('Location:target.php'); /* this will work now*/
        //TRY
         exit(); 
    }

Note : mysql_* deprecated use mysqli_ your code is highly vulnerable

a logic Flaw - your code is highly vulnerable 

  $result = mysql_query(" SELECT * FROM user WHERE username='$username' AND    password='$pass' ") or die (mysql_error);
  $count= mysql_num_rows($result);

let $username="A%" like some thing its easy to have $count>1 and logged in this

solution6
 0  2013-12-08 17:22:07

I think this function may be the culprit. It doesn't display anything, why it doesn't get called? 

if (isset($_SESSION['login'])) {
    echo "You've logged in";
    logoutform();
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question php login doesn't redirect Htaccess doesn't redirect request to php script Login script doesn't work - PHP Php & MySQL login script doesn't react php session() doesn't work in login script PHP Login form doesn't redirect to another page AJAX validation script doesn't execute before login PHP script Redirect loop on login script PHP login form doesn't redirect php login script doesn't do anything (Dreamweaver generated)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM