redirection worked then all of the sudden stopped working

Muses

When it was working it was taking staff members from the standard login page to the staff area, now it redirects back to the login page and says they aren't logged in.
I haven't changed code any to cause this error.

#index.php

// Set the page title and include the HTML header.
$page_title = 'Staff';
include_once ('incl/header.html');
session_start();

if (isset($_POST['submit'])) { // Check if the form has been submitted.

require_once ('incl/mysql_connect.php'); // Connect to the database.

if (empty($_POST['staff_name'])) { // Validate the username.
	$u = FALSE;
	echo '<p>You forgot to enter your username!</p>';
} else {
	$u = escape_data($_POST['staff_name']);
}

if (empty($_POST['password'])) { // Validate the password.
	$p = FALSE;
	echo '<p>You forgot to enter your password!</p>';
} else {
	$p = escape_data($_POST['password']);
}

if ($u && $p) { // If everything's OK.

	// Query the database.
	$query = "SELECT staff_id, staff_name FROM staff WHERE staff_name='$u' AND password=PASSWORD('$p')";		
	$result = @mysql_query ($query);
	$row = mysql_fetch_array ($result, MYSQL_NUM); 

	if ($row) { // A match was made.

			// Start the session, register the values & redirect.
			$_SESSION['staff_name'] = $row[1];
			$_SESSION['staff_id'] = $row[0];

			ob_end_clean(); // Delete the buffer.
			header ("Location:  [url]http://[/url]" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/staff_index.php");
 // this is were logged in members are supposed to go.
					exit();

	} else { // No match was made.
		echo '<p>The username and password entered do not match those on file.</p>'; 
	}

	mysql_close(); // Close the database connection.

} else { // If everything wasn't OK.
	echo '<p>Please try again.</p>';		
}

} // End of SUBMIT conditional.

// Login form
<form action="<?php echo $SERVER['PHP_SELF']; ?>" method="post">
<p align="justify">Staff Name:<input class=title type="text" name="staff_name" size="20" maxlength="20" value="<?php if (isset($POST['staff_name'])) echo $_POST['staff_name']; ?>" /></p>

<p align="justify">Password:<input class=title type="password" name="password" size="20" maxlength="20" /><br/>
<small>Your browser must allow cookies in order to login.</small></p>
<p align="justify"><input class=head type="submit" name="submit" value="Login" /></form></p>

// Include the HTML footer file.
include_once ('incl/footer.html');

Muses

Originally posted by Muses

header ("Location:  [url]http://[/url]" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/staff_index.php");
 // this is were logged in members are supposed to go.

[/B]

this was/is
header ("Location: [url]http://[/url]" . $SERVER['HTTP_HOST'] . dirname($SERVER['PHP_SELF']) . "/staff_index.php");

bodzan

...is:

This part of code:

header ("Location:  <a href="http://" target="_blank">[url]http://[/url]</a>" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/staff_index.php");
 // this is were logged in members are supposed to go.

has a problem with comments i.e. //'s and the quotes...

Try this way...

header ("Location:  <a href=\"http:\/\/\" target=\"_blank\">http:\/\/</a>" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/staff_index.php");
 // this is were logged in members are supposed to go.

I'm not sure wheher you need escaping the //'s but try it... If it doesn't work just escape the " signs...

Muses

It didn't work either way and it isnt pulling up an error.

Roger_Ramjet

I see the comment but not the session_start()


 // Start the session, register the values & redirect.
                $_SESSION['staff_name'] = $row[1];
                $_SESSION['staff_id'] = $row[0];

So its not going to register the user.

Muses

#index.php

// Set the page title and include the HTML header.
$page_title = 'Staff';
include_once ('incl/header.html');
session_start();

after looking at that, shouldn't the session start be before the header?