0

I have a PHP function login in index.php, now what I want to do is after login success I want the page keep redirect into index.php, because I have settle the home page in index.php.

It's like a twitter and facebook.

$login=mysql_query("SELECT username, email, password FROM t_users WHERE (username='$username' OR email='$username') AND password='$password'");
        $found=mysql_num_rows($login);
        $r=mysql_fetch_array($login);

        if ($found > 0)
        {
            session_register("username");
            session_register("password");

            $_SESSION[username]     = $r[username];
            $_SESSION[password]     = $r[password];

            date_default_timezone_set("Asia/Jakarta");
            $date_log = date("j-F-Y, G:i ");

            mysql_query("update t_users set date_logged_in='$date_log' WHERE username='$_SESSION[username]'");
            header('location:index.php');
        }
        else
        {
            echo "<div class='error_log'><p class='error'>Invalid username/email and password.</p></div>";
        }

Any idea ? Thanks for helps.

user1793122
  • 53
  • 4
  • 1
    Do you escape your database input? Did you know array keys ought to be quoted? If you have a problem with your code, please specify it. – mario Nov 15 '12 at 04:20
  • 1
    Regardless of your issue always use `exit;` after the `header()` function when you're redirecting the user - to avoid remaining code from being executed. – inhan Nov 15 '12 at 04:20
  • 1
    you should use PDO or msqli to handle your sql. Right now your mysql looks completely open to injection. also look into CSRF (another vulnerability probably in your code) – Jacob Nov 15 '12 at 04:49

1 Answers1

0

You can redirect after your login process using header("location:../index.php");

remember that you have to use the correct path, in this example I assumed that you have a folder which you have this login process and your index is at another sub folder, if your file are in the same directory/folder you dont need ../ just put index.php after location:

amirali shahinpour
  • 189
  • 2
  • 13