Okay, this is definitely an easy question and a stupid one, but since I have been developing on localhost I didn’t even realise it was a problem. The header to redirect to the members page in the login script is not working because it is positioned incorrectly. This did not cause a problem on WAMP but does on the live server. The script is included in an HTML file for reasons too long to tell here. Nothing is echoed in the script until something goes wrong, but then the script is stopped. Where should I put the redirect header?
Here is the login script:
<?php
// Connects to your Database
include ("database.php");
// Checks if there is a login cookie
if(isset($_SESSION['username']))
// if there is, it logs you in and directs you to the members page
{
    echo '<div id="probwarn"><t1><b>You are already logged in! You do not need to do it again.</b></t1></div>';
}
// if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
    $flag = 0; // Safety net, if this gets to 1 at any point in the process, we don't upload.
    // makes sure they filled it in
    if(!$_POST['username'] || !$_POST['pass']) {
        echo('<div id="probwarn"><t1>You did not fill in a required field.</t1></div>');
        $flag = $flag + 1;
    }
    // checks it against the database
    $pass = htmlspecialchars(mysql_real_escape_string($_POST['pass']));
    $username = htmlspecialchars(mysql_real_escape_string($_POST['username']));
    $check = mysql_query("SELECT * FROM members WHERE username = '".$username."'")or die(mysql_error());
    // Gives error if user doesn't exist
    $check2 = mysql_num_rows($check);
    if ($check2 == 0) {
        if($flag == 0) {
            echo('<div id="probwarn"><t1>You must <a href="register.html"> <b>register</b></a> first.</t1></div>') ;
        }
        $flag = $flag + 1;
    }
    $check = mysql_query("SELECT * FROM members WHERE username = '".$username."'")or die(mysql_error());
    $pass = htmlspecialchars(mysql_real_escape_string($_POST['pass']));
    $username = htmlspecialchars(mysql_real_escape_string($_POST['username']));
    while($info = mysql_fetch_array( $check ))
    {
        $_POST['pass'] = stripslashes($_POST['pass']);
        $info['password'] = stripslashes($info['password']);
        $_POST['pass'] = md5($_POST['pass']);
        // gives error if the password is wrong
        if ($_POST['pass'] != $info['password']) {
            if($flag == 0) {
                echo('<div id="probwarn"><t1>Incorrect password, please try again.</t1> </div>');
                $flag ++;
            }
        }
    }
    // if login is ok then we add a cookie
    if($flag == 0) {
        $pass = htmlspecialchars(mysql_real_escape_string($_POST['pass']));
        $username = htmlspecialchars(mysql_real_escape_string($_POST['username']));
        $_SESSION['username']=$username;
        $_SESSION['password']=$pass;
        // then redirect them to the members area
        // THIS IS THE HEADER
        header("Location: ../members.html");
    }
}
else
// if they are not logged in
?>
LOGIN FORM IS USUALLY HERE
You forgot to exit after setting a Location header. Unless you know exactly what you’re doing, you should ALWAYS put exit (or die()) after a Location header.
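
An added example, not part of the original thread: the login check runs before any output is produced, then sends the Location header and exits, so nothing below the redirect is executed or sent. The helper name redirect_and_exit, the in-memory SQLite table with its sample user, and the use of a prepared statement with password_hash()/password_verify() in place of the md5() comparison in the question are assumptions made for this example.

```php
<?php
// Added example. This block must be the first thing in the file: no HTML,
// blank line or BOM before the opening PHP tag, or headers are already sent.
session_start();

// Constructed stand-in for database.php: in-memory SQLite with one sample member.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE members (username TEXT PRIMARY KEY, password TEXT)');
$db->prepare('INSERT INTO members VALUES (?, ?)')
   ->execute(['alice', password_hash('sample-password', PASSWORD_DEFAULT)]);

// Hypothetical helper: send the redirect, then stop the script.
function redirect_and_exit(string $url): void
{
    if (headers_sent($file, $line)) {
        // Output has begun (for example this script was included below HTML),
        // so header() can no longer work. Log where the output started.
        error_log("Cannot redirect to $url: output started at $file:$line");
        exit('Login succeeded, but the redirect could not be sent.');
    }
    header('Location: ' . $url, true, 303);
    exit; // without this, the rest of the script still runs and is sent to the client
}

$error = '';
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $username = (string) ($_POST['username'] ?? '');
    $pass     = (string) ($_POST['pass'] ?? '');

    // Prepared statement: the username is bound, not concatenated into the SQL.
    $stmt = $db->prepare('SELECT password FROM members WHERE username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();

    if ($hash !== false && password_verify($pass, $hash)) {
        session_regenerate_id(true);       // new session ID after login
        $_SESSION['username'] = $username; // the password is not kept in the session
        redirect_and_exit('../members.html');
    }
    $error = 'Incorrect username or password.';
}
?>
<div id="probwarn"><?= htmlspecialchars($error) ?></div>
<!-- login form markup goes here; HTML starts only after every header() call -->
```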