Hi,
I'd suggest to move the code that does the login stuff to the top of the script and to use header, like in the following example.
This way you can avoid using JavaScript.
Make sure that there's no empty line in front of the php block and that there is no output prior to the header calls.
<?
$strError = "";
if (isset($_POST['action']) && $_POST['action'] == 'login') {
require("./inc/config.php");
$username = $_POST['tUsername'];
$password = $_POST['tPassword'];
$encryptpassword = MD5($password);
$con_user= mysql_connect($host,$user,$pass) or die(mysql_error());
mysql_select_db($db);
$queryuser = "SELECT * FROM users WHERE username='$username' AND userpassword='$encryptpassword'";
//echo $encryptpassword;
$resultuser = mysql_query($queryuser);
$objuser = mysql_fetch_object($resultuser); //Get all objects from that row !
if (mysql_num_rows($resultuser) == 0) {
$strError = "Invalid username or password, please try again";
}
else {
$Login = "1";
$_SESSION['Login'] = $Login;
$_SESSION['userid'] = $objuser->userid;
$_SESSION['username'] = $objuser->username;
$_SESSION['usergroupid'] = $objuser->usergroupid;
$_SESSION['supplier'] = $objuser->supplier;
$sessionid = session_id();
$sessionname = session_name();
mysql_close($con_user); //close user connection
$header = "";
if ($objuser->userlanguage == 'en') {
$header = "Location: us/cdvd.php?$sessionname=$sessionid";
//echo "<script>window.navigate('./us/cdvd.php?$sessionname=$sessionid')</script>";
}
else { //if ($objuser->userlanguage == 'nl') {
$header = "Location: us/cdvd.php?$sessionname=$sessionid";
//echo "<script>window.navigate('./us/cdvd.php?$sessionname=$sessionid')</script>";
}
session_write_close();
header($header);
exit;
}
mysql_close ($con_user); //close user connection
}
?>
<!--do the other stuff including the output of $strError -->
Thomas
