Tuesday 4 September 2018

The header of the PHP login page does not work

I was trying to make a login form which redirects to my index page. But I think the header() function used in the second php script of the admin_login.php is not exactly working and thus if the username and password are correct also then the browser is not redirection to the index.php page. I find that the first hearder() is working properly because when ever after login I reload the browser the page is redirected to the index.php Please help me out how to rearrange the codes to get the desired results. Thanks in advance.

admin_login.php

<?php 

    session_start();
    if(isset($_SESSION["manager"])){
        header("location: index.php");
        exit();
    }
?>

<?php 

    if(isset($_POST["username"]) && isset($_POST["password"])){

        $manager = preg_replace('#[^A-Za-z0-9]#i','',$_POST["username"]);
        $password = preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]);

        include("../storescript/connect_to_mysql.php");

        $sql = mysql_query("SELECT id FROM admin WHERE username = '$manager' AND password = '$password' LIMIT 1 ");

        $existCount = mysql_num_rows($sql);

        if($existCount == 1)
        {
            while($row = mysql_fetch_array($sql)){
                $id = $row["id"];
            }
            $_SESSION["id"] = $id;
            $_SESSION["manager"] = $manager;
            $_SESSION["password"] = $password;

            header("location : index.php");
            exit();
        }
        else
        {
            echo ("The given information is incorrect. Please <a href='index.php'>click here</a> to try again. ");
            exit();
        }
    }

?>

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>GROCERY WORLD STORE ADMIN</title>
<link href="../../css/structure/template.css" rel="stylesheet" type="text/css">
<link href="adminpage.css" type="text/css">
<link href="adminpage.css" rel="stylesheet" type="text/css">
</head>

<body>

    <!--CONTAINER-->
    <div class="Container">

        <?php
            include_once("../../template_header.html");
        ?>

        <!--CONTENT AREA-->
        <div class="Content">

            <div style="margin: 10px;" align="left">

                <form action="admin_login.php" method="post" name="adminLogin">
                    <table width="300" border="0">
  <tr>
    <td>username</td>
    <td><input type="text" name="username"></td>
  </tr>
  <tr>
    <td>password</td>
    <td><input type="password" name="password"></td>
  </tr>
  <tr>
    <td><input type="submit" value="Login"></td>
    <td><input type="reset" value="Clear"></td>
  </tr>
</table>

                </form>

            </div>

        </div>

        <!--FOOTER AREA-->
        <?php
            include_once("../../template_footer.html");
        ?>

    </div>

</body>
</html>

connect_to_mysql.php

<?php
    $mysql_host = "myhostname";
    $mysql_db = "mystore";
    $mysql_user = "mybuilder";
    $mysql_pwd = "123";
    $conn = mysql_connect("$mysql_host","$mysql_user","$mysql_pwd") or die(mysql_error());//SETING UP CONNECTION WITH SQL DATABASE
    mysql_select_db("$mysql_db", $conn) or die("No Database");//SELECTING DATABASE
?>

index.php

<?php 

    session_start();
    if(!isset($_SESSION["manager"])){
        header("location: admin_login.php");
        exit();
    }

    $managerID = preg_replace('#[^0-9]#i','',$_SESSION["id"]);
    $manager = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["manager"]);
    $password = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["password"]);

    include("../storescript/connect_to_mysql.php");

    $sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");

    $existCount = mysql_num_rows($sql);

    if($existCount == 0)
    {
        echo "Your record is not present in our database.";
        exit();
    }

?>

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>GROCERY WORLD STORE ADMIN</title>
<link href="../../css/structure/template.css" rel="stylesheet" type="text/css">
<link href="adminpage.css" type="text/css">
<link href="adminpage.css" rel="stylesheet" type="text/css">
</head>

<body>

    <!--CONTAINER-->
    <div class="Container">

        <?php
            include_once("../../template_header.html");
        ?>

        <!--CONTENT AREA-->
        <div class="Content">

            <div style="margin: 10px;" align="left">

            <h3 id="Style1">Hello ADMIN MANAGER. What would you like to do today?</h2>
            <p>
            <a href="#">Update products</a><br>
            <a href="#">Logout</a>
            </p>
            </div>

        </div>

        <!--FOOTER AREA-->
        <?php
            include_once("../../template_footer.html");
        ?>

    </div>

</body>
</html>


if(isset($_SESSION["manager"])){
  include("index.php");
  exit();
}

$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
include("index.php");
exit();
This is probably outputting some spaces or new line. The include will work where the header will not.
?>

<?php

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)