sessions problem

amarafzal

Hi All

I got a small problem. Im trying to set up a membership section to my website. Ive got some code that checks the user password and username. Bascially even if i type in the correct pasword the page doesnt redirect. All the if statements beside this bit. Code is as follows:

<?
/ Check User Script /
session_start(); // Start Session

include 'db.php';
// Conver to simple variables
$username = $POST['username'];
$password = $POST['password'];

if((!$username) || (!$password)){
echo "Please enter ALL of the information! <br />";
include 'log_in.htm';
exit();
}

// Convert password to md5 hash
$password = md5($password);

// check if the user info validates the db
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'");
$login_check = mysql_num_rows($sql);

if($login_check > 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key => $val ){
$$key = stripslashes( $val );
}
// Register some session variables!
session_register('first_name');
$SESSION['first_name'] = $first_name;
session_register('last_name');
$SESSION['last_name'] = $last_name;
session_register('email_address');
$SESSION['email_address'] = $email_address;
session_register('special_user');
$SESSION['user_level'] = $user_level;

	mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'");

	header("Location: login_success.php");
}

} else {
echo "You could not be logged in! Either the username and password do not match or you have not validated your membership!<br />
Please try again!<br />";
include 'log_in.htm';
}
?>

Im not getting any errors at all, the page appears with all my headers and footers but it supposed to re-direct to login_success.php but it doesnt. Any ideas why?

cahva

You must use absolute url in the header. For example:
header('Location: http://yoursite.com/login_success.php');

amarafzal

thanks for that but it still doesnt work.

any more ideas?

run_GMoney

It's been my experience that you don't need an absolute url address in the header assuming it's in the same directory.

keith73

Have you verified the value of $login_check to make sure that it is returning 1 when you do enter the correct username, password. If it is 0, then your query is not finding that user/pass combination.

keith

just had another thought. Is there HTML code above and below your php code that you posted here?
If so, after logging in, and nothing happens, view the source. If PHP did output an error, it is possible that it is hidden from you because of incomplete or improper HTML code.

mmilano

2 thinks off the top of my head:

header("Location: login_success.php");

i've never used a capitol "L" for location in the header tag.... try lowercase.

second: make sure there is nothing being printed to your browser before the header tags... ( location and session functions ) .. even if there is one blank space before your <? tag, then it will screw up your header functions.

keith73

If it was in the wrong spot, you can delete it. Since you are the poster, click edit and then select the option to delete the post, then re-post it where it should be.

and to answer your question.
in your redirection, include the session name=ID in your redirect command and make sure your script in the store checks for it and uses it to resume the session.

$redirect = "https://oursite.com/store?PHPSESSID=" . session_id();

keith

Roman_Totale

Try putting exit; after your Header statement