<?php
$userid = $_POST["userid"];
$pword = $_POST["pword"];
# session
session_start();
# check that session is valid and set
if(!isset($_SESSION['login']))
{
header('Location: login.php');
}
# check that the required values have been entered
$testin1 = ($userid);
$testin2 = ($pword);
if($testin1 == "")
{
print "<hr><h1> No Username Entered, Please return to the Login page</h1></hr>";
}
elseif ($testin2 == "")
{
print "<hr><h1> No Password Entered, Please return to the Login page</h1></hr>";
}
# Connect to database
$connect = mysql_connect ("localhost","root") or die("Error Connecting to SQLServer");
$db = mysql_select_db ("test");
# query
$query = mysql_query ("select username from login where username = '$userid' and pword = '$pword';");
if($query === FALSE)
{
die(mysql_error());
}
$result = mysql_fetch_array($query);
$record = $result['username'] ;
if ($record != null)
# check if session is operational, if so redirect the user to the correct page
{
$_SESSION['login'] = true;
header( 'Location: index.php' ) ;
}
else if ($record == null)
{
header( 'Location: login.php' );
}
?>
Does anyone know where this is not functioning? It seems to be ‘error free’ however keeps redirecting me back to the login.php page as opposed to the index.php page. any help would be great as i am a relative novice in PHP.
Thanks
It looks like you might possible be outputting data to the user before the
header()is output. You have<HR>s and output (I know that it is only if there is an error) but if you are using those, you could well have<HTML>and the like above the code.If that is the case, then no other header will function.
(Posting as answer as too long for comment – and might be the issue.
Try this code:
I looked through and moved a few things around as well as modifying the logic ever so slightly.