I was trying to make a login form which redirects to my index page. But I think the header() function used in the second php script of the admin_login.php is not exactly working and thus if the username and password are correct also then the browser is not redirection to the index.php page. I find that the first hearder() is working properly because when ever after login I reload the browser the page is redirected to the index.php Please help me out how to rearrange the codes to get the desired results. Thanks in advance.
admin_login.php
<?php
session_start();
if(isset($_SESSION["manager"])){
header("location: index.php");
exit();
}
?>
<?php
if(isset($_POST["username"]) && isset($_POST["password"])){
$manager = preg_replace('#[^A-Za-z0-9]#i','',$_POST["username"]);
$password = preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]);
include("../storescript/connect_to_mysql.php");
$sql = mysql_query("SELECT id FROM admin WHERE username = '$manager' AND password = '$password' LIMIT 1 ");
$existCount = mysql_num_rows($sql);
if($existCount == 1)
{
while($row = mysql_fetch_array($sql)){
$id = $row["id"];
}
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
header("location : index.php");
exit();
}
else
{
echo ("The given information is incorrect. Please <a href='index.php'>click here</a> to try again. ");
exit();
}
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>GROCERY WORLD STORE ADMIN</title>
<link href="../../css/structure/template.css" rel="stylesheet" type="text/css">
<link href="adminpage.css" type="text/css">
<link href="adminpage.css" rel="stylesheet" type="text/css">
</head>
<body>
<!--CONTAINER-->
<div class="Container">
<?php
include_once("../../template_header.html");
?>
<!--CONTENT AREA-->
<div class="Content">
<div style="margin: 10px;" align="left">
<form action="admin_login.php" method="post" name="adminLogin">
<table width="300" border="0">
<tr>
<td>username</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>password</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td><input type="submit" value="Login"></td>
<td><input type="reset" value="Clear"></td>
</tr>
</table>
</form>
</div>
</div>
<!--FOOTER AREA-->
<?php
include_once("../../template_footer.html");
?>
</div>
</body>
</html>
connect_to_mysql.php
<?php
$mysql_host = "myhostname";
$mysql_db = "mystore";
$mysql_user = "mybuilder";
$mysql_pwd = "123";
$conn = mysql_connect("$mysql_host","$mysql_user","$mysql_pwd") or die(mysql_error());//SETING UP CONNECTION WITH SQL DATABASE
mysql_select_db("$mysql_db", $conn) or die("No Database");//SELECTING DATABASE
?>
index.php
<?php
session_start();
if(!isset($_SESSION["manager"])){
header("location: admin_login.php");
exit();
}
$managerID = preg_replace('#[^0-9]#i','',$_SESSION["id"]);
$manager = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["manager"]);
$password = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["password"]);
include("../storescript/connect_to_mysql.php");
$sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");
$existCount = mysql_num_rows($sql);
if($existCount == 0)
{
echo "Your record is not present in our database.";
exit();
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>GROCERY WORLD STORE ADMIN</title>
<link href="../../css/structure/template.css" rel="stylesheet" type="text/css">
<link href="adminpage.css" type="text/css">
<link href="adminpage.css" rel="stylesheet" type="text/css">
</head>
<body>
<!--CONTAINER-->
<div class="Container">
<?php
include_once("../../template_header.html");
?>
<!--CONTENT AREA-->
<div class="Content">
<div style="margin: 10px;" align="left">
<h3 id="Style1">Hello ADMIN MANAGER. What would you like to do today?</h2>
<p>
<a href="#">Update products</a><br>
<a href="#">Logout</a>
</p>
</div>
</div>
<!--FOOTER AREA-->
<?php
include_once("../../template_footer.html");
?>
</div>
</body>
</html>
if(isset($_SESSION["manager"])){
include("index.php");
exit();
}
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
include("index.php");
exit();
This is probably outputting some spaces or new line. The include will work where the header will not.
?>
<?php
0 comments:
Post a Comment