Solved

Page after login not working

Posted on 2014-01-20
14
474 Views
Last Modified: 2014-01-24
Hello,

I have a simple login page, authorization page and then the page that I want to display.  However, I am not able to view the 3 rd page.  Here is my code.
This is my 3rd page which is not displaying....
<?php
session_start();

if($_SESSION['logged']){
   
echo "logged";



<html>
<head>
      <title>Test123</title>
      <link rel="stylesheet" href="http://fonts.googleapis.com/css?family=Karla:400,700">
      <link rel="stylesheet" href="css/screen.css" media="screen"/>
      <link rel="stylesheet" href="css/lightbox.css" media="screen"/>
</head>

//some other html stuff
}
?>
*******************************************
Page2- validate_login.php
<?php
ob_start();
$host="localhost"; // Host name
$username="*****"; // Mysql username
$password="*******"; // Mysql password
$db_name="abc"; // Database name
$tbl_name="abcd"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);


$count=mysql_num_rows($result);



if($count==1){
 session_start();
$_SESSION['logged'] = TRUE;
session_register("myusername");
session_register("mypassword");
header("Location: test.php");

exit;
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
************************************************************************
page1/login.php
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="validate_login.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Please Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
0
Comment
Question by:perlwhite
  • 5
  • 4
  • 4
  • +1
14 Comments
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39794848
I don't think I can debug your code, but I can show you the design pattern, which has tested and working code, in this article:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html
0
 

Author Comment

by:perlwhite
ID: 39794859
OK,  can you give me any hints why I am not able to redirect to the 3rd page.  After login button is pressed, the control goes to the validate_login page and does not move from there.
0
 
LVL 30

Expert Comment

by:Marco Gasi
ID: 39794875
I am not able to view the 3 rd page
What does this mean? You see 'Wrong username or password'? Or a blank page?

Anyway, delete the exit after the call of header: this could fix the issue.
0
 

Author Comment

by:perlwhite
ID: 39794899
I am not able to view the 3 rd page

This means that the page that is supposed to display after validate_login.php is blank.

Anyway, delete the exit after the call of header: this could fix the issue.

Nope, still getting blank page and the header address bar still says- validate_login.php
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39794914
Please post a link to the failing web page, and give us any other information we can use to test, thanks.

Also, please read the article on PHP client authentication.  You're not the first one to try this, and there is a wealth of deep background experience built into the article.  From the code I see in this question, it would be easier for you to start over with a stable platform, rather than try to keep building on this one.

If you're new to PHP, this other article can help you get started on a good footing.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_11769-And-by-the-way-I-am-new-to-PHP.html
0
 
LVL 30

Assisted Solution

by:Marco Gasi
Marco Gasi earned 250 total points
ID: 39794936
There are several things to say: first, if address bar still display validate_login.php simply you don'. be redirected at all. This makes me think you have some error but you don't get any message and this makes me guess you have not the right error_message level set. So,
put fisrt at the top of all your scripts these lines:

<?php
error_reporting(E_ALL);
ini_set_('display_errors', 'On');

Comment out these lines in your production environments, but keep them active when your are in debugging or development environment: they will give you all valid informations to understand what's going wrong.

Secondly, when you run a query be sure to give yourself all needed error info:

<?php
$result=mysql_query($sql) or die("Error: " . mysql_error());

Third, mysql extension is deprecated and it will be removed. Use mysqli (or PDO) extension instead. A good learning resource is another Ray's article: http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html (all Ray's articles are a wonderful learning resource, so I only can suggest you to read them all)
0
 
LVL 7

Expert Comment

by:dimmergeek
ID: 39795314
Not sure if it's a copy/paste error, but you are missing the closing bracket and closing php tag for your if statement on 3rd page:

<?php
session_start();

if($_SESSION['logged']){
    
echo "logged";
}
?>

Open in new window

0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:perlwhite
ID: 39795460
Thanks experts for your comments. What is confusing is the same exact code works on my localhost but not on my production site.
0
 

Author Comment

by:perlwhite
ID: 39795513
dimmergeek,

Yes I have that in my code.
0
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 250 total points
ID: 39795936
I think you may want to learn about these functions.  
http://php.net/manual/en/function.error-log.php
http://php.net/manual/en/function.trigger-error.php

Who is your hosting company for the failing production site?
0
 
LVL 30

Expert Comment

by:Marco Gasi
ID: 39796091
Have you set error_reporting t E_ALL as I suggested in my comment?
If yes, do you receive any message?
If yes, post it here, please.
If not, do it :)
0
 

Author Comment

by:perlwhite
ID: 39807457
I deleted these and it works now, do not know why!

session_register("myusername");
session_register("mypassword");

but this line works -$_SESSION['logged'] = TRUE;
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39807500
@Perlwhite: What was wrong with the responses here?  You didn't answer my questions.  You obviously did not read the online man pages, or you would have known that using session_register() was a serious mistake.  You gave the worst grade anyone can give to a colleague here at Experts-Exchange and you did so without any explanation.

Please explain, thanks.  To assist you, here are the grading guidelines:
http://support.experts-exchange.com/customer/portal/articles/481419
0
 
LVL 30

Expert Comment

by:Marco Gasi
ID: 39807507
Totally agree with Ray: explain why or change grade, please.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now