Hi,
I'm adapting some code for a web-shopping application. This particular problem occurs when a user tries to log into the application.
When implemented on the server I get the following errors:
Notice: Array to string conversion in /www/htdocs/pinsand/mymarket/login.php on line 26
Warning: Cannot modify header information - headers already sent by (output started at /www/htdocs/pinsand/mymarket/login.php:26) in /www/htdocs/pinsand/mymarket/login.php on line 33
Here is the concerning php code:
<?
include("application.php");
/ form has been submitted, check if it the user login information is correct /
if (match_referer() && isset($POST)) {
$user = verify_login($POST["username"], $_POST["password"]);
if ($user) {
$USER["user"] = $user;
$USER["ip"] = $_SERVER["REMOTE_ADDR"];
/* if wantsurl is set, that means we came from a page that required
* log in, so let's go back there. otherwise go back to the main page */
$goto = empty($USER["wantsurl"]) ? $CFG->wwwroot : $USER["wantsurl"];
header("Location: $goto");
die;
} else {
$errormsg = "Invalid login, please try again";
$frm["username"] = $_POST["username"];
}
}
include("$CFG->templatedir/login_form.php");
/***************************************************************************
FUNCTIONS
***************************************************************************/
function verify_login($username, $password) {
/ verify the username and password. if it is a valid login, return an array
with the username, firstname, lastname, and email address of the user*/
if (empty($username) || empty($password)) return false;
$qid = db_query("
SELECT username, firstname, lastname, email, priv, phone, address
FROM users
WHERE username = '$username' AND password = '" . md5($password) . "'
");
return db_fetch_array($qid);
}
?>
Any ideas what might be wrong?
p.s. When a user uses a wrong password the code handles it correctly.
