How do I resolve forbidden access problem in XAMPP
Question
I've been trying to implement the following shopping cart website on xampp. The link for the page is : http://www.w3programmers.com/build-a-shopping-cart-with-php-part-1/
However when I try running my login page I get the following error:-
Here's the tab that opens when I try to login:
Here's the login code :-
<?php
session_start();
require("config.php");
if(isset($_SESSION['SESS_LOGGEDIN']) == TRUE) {
header("Location:".$config_basedir);
}
if($_POST['submit'])
{
$loginsql = "SELECT * FROM logins WHERE username = '" . $_POST['userBox']. "' AND password = '" . $_POST['passBox'] . "'";
$loginres = mysql_query($loginsql);
$numrows = mysql_num_rows($loginres);
if($numrows == 1)
{
$loginrow = mysql_fetch_assoc($loginres);
session_register("SESS_LOGGEDIN");
session_register("SESS_USERNAME");
session_register("SESS_USERID");
$_SESSION['SESS_LOGGEDIN'] = 1;
$_SESSION['SESS_USERNAME'] = $loginrow['username'];
$_SESSION['SESS_USERID'] = $loginrow['id'];
$ordersql = "SELECT id FROM rides WHERE customer_id = " . $_SESSION['SESS_USERID'] . " AND status < 2";
$orderres = mysql_query($ordersql);
$orderrow = mysql_fetch_assoc($orderres);
session_register("SESS_ORDERNUM"); $_SESSION['SESS_ORDERNUM'] = $orderrow['id'];
header("Location:".$config_basedir);
}
else {
header("Location:http://" .$_SERVER['HTTP_HOST']. $_SERVER['SCRIPT_NAME'] . "?error=1");
}
}
else {
require("header.php");
?>
<h1>Customer Login</h1>
Please enter your username and password to log into the websites. If you do not have an account, you can get one for free by <a href="register.php">registering</a>.
<?php
if(isset($_GET['error'])) {
echo "<strong>Incorrect username/password</strong>";
}
?>
<form action="<?php $_SERVER['SCRIPT_NAME']; ?><br />" method="POST">
<table>
<tbody>
<tr>
<td>Username</td>
<td><input type="textbox" name="userBox" /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="passBox" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="Log in" /></td>
</tr>
</tbody>
</table>
</form>
<?php
}
require("footer.php");
?>
And here's the header code:-
<?php
session_start();
if(isset($_SESSION['SESS_CHANGEID'])==TRUE){
session_unset();
session_regenerate_id();
}
require("config.php");
$db = mysql_connect($dbhost, $dbuser, $dbpassword);
mysql_select_db($dbdatabase, $db);
?>
<head>
<title><?php echo $config_sitename; ?></title>
<meta charset="utf-8"/>
<link rel="stylesheet" type="text/css" href="../stylesheet.css">
</head>
<body>
<div id="header">
<h1><?php echo $config_sitename; ?></h1>
</div>
<div id="menu">
<a href="<?php echo $congif_basedir; ?>">Home</a>
<a href="<?php echo $congif_basedir; ?>">View Rides</a>
</div>
<div id="container">
<div id="bar">
<?php
require("bar.php");
echo "<hr>";
if(isset($_SESSION['SESS_LOGGEDIN'])==True){
echo "Logged in as <strong>".$_SESSION['SESS_USERNAME']."</strong>[<a href='".$congif_basedir."logout.php'>logout</a>]";
}else{
echo "<a href='".$config_basedir."login.php'>Login</a>";
}
?>
</div>
<div id="main">
I suspect it's something to do with the header function, though I'm not really sure.
1 answers
solution1
0 2018-10-14 15:56:10
May I ask you to put here code from config.php? Or at least tell what value of $config_basedir?
Updated : $config_basedir should be URL in this format: http://localhost/ . 'some folders' . 'file name with extension' http://localhost/ . 'some folders' . 'file name with extension' http://localhost/ . 'some folders' . 'file name with extension' , for example, like this: http://localhost/sites/shop/index.php .
If a file or folder of the file is located in the same or child directory your URL can be just: file 'file_name or folder/file_name . For example just index.php or folder/folder/index.php .
An extension like .php | .html .php | .html may not be mandatory depending on your server settings. That is, you can indicate the URL like this: folder/index or index ; 'index' - is a file name in this case.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.