I'm trying to do form authentication. My login form action calls a php file (loginAction.php) that checks the username and password against a mysql database. The problem is whenever I submit the form I get a 404. I can refresh and loginAction.php is found, but the form data is now missing so I get errors. Can anyone help me figure out why I get the 404 everytime on submiting the form but not on a refresh?
Thanks
Login form:
<td valign="top">
<div align="center">
</div>
<form action="http://192.168.0.1/ecps/loginAction.php" method="post" name="cust_login">
<br>
<font size="2" face="Arial,Helvetica,Geneva,Swiss,SunSans-Regular">Please Login<br>
<br>Username: <input type="text" name="email" size="24" border="0"><br>Password: <input type="password" name="password" size="24" border="0"><br>
<br>
</font><input type="submit" name="Submit" value="Submit" border="0"><br>
</form>
<p></p>
</td>
loginAction.php:
<?php
// Check if the information has been filled in
if ($email == '' || $password == '')
{
// No login information - return to login
header('Location: http:\192.168.0.1\ecps\cust_login.php');
}
else
{
// Authenticate user
$hDB = mysql_connect('192.168.0.1', '', '') or
die("Database not available");
mysql_select_db('test', $hD😎;
$sQuery = "
Select * from users
where email = '$email'
And password = password('$password')";
$hResult = mysql_query($sQuery, $hD😎;
if (mysql_num_rows($hResult))
{
// session_start();
header('Location: http:\192.168.0.1\ecps\ecps.php');
// set session variables;
}
else
{
// Not authenticated
header('Location: http:\192.168.0.1\ecps\cust_login.php');
}
}
?>
