Need Help with a redirect

Seitan

I have a login script that doesn't let me login or redirect. I have no idea what is wrong, im such a noob when it comes to php. Someone please help.

Here is the login form

<?php # login.php
// This is the login page for the site. 

// Include the configuration file for error management and such.
require_once ('../****/config.inc.php');

// Set the page title and include the HTML header.
$page_title = 'Login';
$header = 'Login';

include ('../php/header.php'); 
?>

<p>Your browser must allow cookies in order to log in.</p>
<form action="login2.php"method="post">

   <p><b>User Name:</b><br> <input type="text" name="user_name"
   size="20" maxlength="40" value="<?php if (isset($_POST
   ['user_name'])) echo $_POST['user_name']; ?>" /></p>
   <p><b>Password:</b> <br><input type="password" name="password"
   size="20" maxlength="20" /></p>
   <div align="center"><input type="submit" name="submit"
   value="Login" /></div>
   <input type="hidden" name="submitted" value="TRUE" />

</form>

<a href ="../php/forgot_password.php">Forgot Password?</a>
<?php
include ('../php/footer.php');
?>

and here is the login script

<?php # login.php
// This is the login page for the site. 

// Include the configuration file for error management and such.
require_once ('../****/config.inc.php');

// Set the page title and include the HTML header.
$page_title = 'Login';
$header = 'Login';


if (isset($_POST['submitted'])) { // Check if the form has been submitted.

   require_once ('../****/mysql_connect.php');
   // Connect to the database.

   // Validate the user name address.
   if (!empty($_POST['user_name'])) {
      $u = escape_data($_POST ['user_name']);
   } else {
      echo '<p><font color="red"size="-1">
      You forgot to enter your User Name!
      </font></p>';
      $u = FALSE;
   }

   // Validate the password.
   if (!empty($_POST['password'])) {
      $p = escape_data($_POST ['password']);
   } else {
      $p = FALSE;
      echo '<p><font color="red"size="-1">
      You forgot to enter your password!
      </font></p>';
   } 

   if ($u && $p) { // If everything's OK.

   // Query the database.
   $query = "SELECT user_name FROM users WHERE (user_name='$u' AND password=SHA('$p')) AND active IS NULL";
   $result = mysql_query ($query) or trigger_error
    ("Query: $query\n <br />MySQL Error: " . mysql_error()); 

if (@mysql_num_rows($result) == 1) {
   // A match was made.

  // Register the values & redirect.
  $row = mysql_fetch_array ($result,MYSQL_NUM);
  mysql_free_result($result); mysql_close();
  $_SESSION['user_name'] = $row[1];
  $_SESSION['user_id'] = $row[0];

  ob_end_clean(); // Delete the buffer.
  header('Location: http://www.ourvegankitchen.com');
  exit(); // Quit the script. 
  } else { //No match was made.
    echo '<p><font color="red"size="-1">Either the user name and password entered do not match those
    on file or you have not yet activated your account.</font></p>';
  }

   } else {

  echo '<p><font color="red"size="-1">Please try again.
  </font></p>';
   }
   mysql_close();
} // End of SUBMIT conditional.
include ('../php/header.php'); 
?>

<?php
include ('../php/footer.php');
?>

i have no idea what im doing

HalfaBee

use session_write_close() before redirecting

bradgrafelman

And if that doesn't help, you'll have to give us more troubleshooting information.

What isn't working? What does the query look like? What is MySQL returning?

Seitan

I add that right before the redirect but nothing happened.

So what happens when I try to login, is that the page goes blank. I get a completely blank screen and nothing happens. When I goto the home page again, I am not logged in at all.

bradgrafelman

Is display_errors turned On, and error_reporting set to E_ALL ?