Home/ Questions/Q 8056537
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T08:44:12+00:00

I have a checklogin.php script that works fine to redirect a user to a

  • 0

I have a checklogin.php script that works fine to redirect a user to a specific page on successful login. I now want to set it to redirect to the original index.php page that redirected the user to the login form. At the top of index.php I include:

<?php
session_start();

$_SESSION['url'] = $_SERVER['REQUEST_URI'];

if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

I have checked that $_SESSION[‘url’] is getting correctly set on this page.

main_login.php just contains the login form which is processed by checklogin.php:

<form name="form1" method="post" action="checklogin.php">

and $_SESSION[‘url’] is getting correctly set on this page too.

checklogin.php looks like this:

<?php
session_start();

print_r($_SESSION['url']);

ob_start();
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name=""; // Database name 
$tbl_name=""; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$encrypted_mypassword=md5($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$encrypted_mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:$_SESSION['url']");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>

As you can see I am trying to print $_SESSION[‘url’] at the top of this script but nothing is getting returned.

Could someone help with this?

Thanks,

Nick

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You cannot insert a “complex” variable like $_SESSION[‘url’] inside a litteral string, like the following statement:

    header("location:$_SESSION['url']");

    In my version of PHP (5.3.10), it produces the following error:

    PHP Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE,
    expecting T_STRING or T_VARIABLE or T_NUM_STRING in
    /home/…/test.php on line …

    Indeed, if you want to output a field in an array, you should use concatenation:

    header("Location: " . $_SESSION['url']);

    This may be the source of your problem. Depending on PHP configuration, it may not display the error and just output a blank page, check the php logs to be sure.

    The best practice is to use this whenever you want to output the value of a variable in a string.

    For example, do not use echo "Foo: $foo";, use instead echo "Foo : ". $foo;

    • 0