-3

I want to pass a variable in header .if the variable is exist than give an alert. but its not working login.php

<?php
include "db.php";
$user=$_POST['t1'];
$pass=$_POST['t2'];
$result=mysql_query("select * from registor where username='$user'")or die(mysql_error());
$row=mysql_fetch_row($result);
if($user=='' || $pass==''){
header("location:account.php?wrong");
}
?>

account.php

<?php
if(isset($_GET['wrong']))
{
?>
<script>alert(Please enter detials !!);</script>
<?php
}
if(isset($_GET['user']))
{
?>
<script>alert(Now, Login Please !!);</script><?php
}
?>
user2831560
  • 9
  • 2
  • 2
    **Danger**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are also **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Dec 12 '13 at 10:12
  • 1
    Look at the code delivered to the browser. Is it the code you expect? Look at your browser's JavaScript error console. What does it say? Don't just chuck a pile of PHP up and say "it does't work". – Quentin Dec 12 '13 at 10:13

2 Answers2

6

You need quotes around strings :

<script>alert("Now, Login Please !!");</script><?php

But you should have seen the error in the console. Whenever you have something not working client side, always look at the console first.

Denys Séguret
  • 372,613
  • 87
  • 782
  • 758
0

You're actually passing nothing in your header. Make it like this and it'll work:

header("location:account.php?wrong=wrong");

and use single or double qoutes in your alert message:

<?php
if(isset($_GET['wrong']))
{
?>
<script>alert('Please enter detials !!');</script>
<?php
}
if(isset($_GET['user']))
{
?>
<script>alert('Now, Login Please !!');</script><?php
}
?>
Sayed
  • 601
  • 6
  • 21