header question

Nathan__02

i have a login script and whenever i log in i goto index.php and then u go from there but when u go back it always wants to refresh...so i decided to make something that sends it to index.php but ive never used header...please help

<?php
session_start();
include("config.php");
include("style.css");

$username=$_POST['username'];
$password=$_POST['password'];

$query=mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'") or die("mysql error: ".mysql_error());


if (mysql_num_rows($query) > 0) {

    $row=mysql_fetch_array($query);

    session_register('id'); 
    $_SESSION['id'] = $row[id]; 
    session_register('username'); 
    $_SESSION['username'] = $row[username]; 
    session_register('password'); 
    $_SESSION['password'] = $row[password]; 
    session_register('userlevel'); 
    $_SESSION['user_level'] = $row[userlevel]; 

header("Location:'/shelta/index.php'");

} else {
echo("You could not be logged in!");

}

?>

suntra

If you want to redirect someone with header(), you must do something like this :

Header("Location: http://www.server.com/dir/file.extension\n");

Don't put the location between quotes and you must write a complete address with the protocol ([url]http://[/url]). Some browsers accept an address without protocol, but it is not standard... so put a complete URL.

persia

I think you have got your problem solved. I wanted to mention something about security. Try never to use a query like this:
"SELECT * FROM users WHERE username='$username' AND password='password' "

because it is vulnerable to a term called "SQL injection". one can use something like this.

suppose user "admin" is present in the database. a hacker only needs to provide username and password like this:

username="admin"
password=" ' or ''=' "

put this in the query and your query will be like this:
"SELECT * FROM users WHERE username='admin' AND password='' '' or ''='' "
and since it is an OR case and ''='' is always true the hacker can pass the login page.

Good luck