2

I am new to PHP, now I am developing a mini forum I have made posts a option, the problem is after login and going to enter a post I can't post, it redirect me back to login page ad force sign-me-out. The code doesn't even have a redirection to login page

<?php
   ini_set('default_charset', 'UTF-8');
   $hostname = "localhost";
   $userDB = "root";
   $password = "";
   $databaseName = "forum";
   $con = mysql_connect($hostname, $userDB, $password) or die("failed to connect");
   mysql_select_db($databaseName, $con) or die("failed to connect with database");
   mysql_query("SET NAMES utf8;");
   $myposts = mysql_real_escape_string($_POST['Post']);
   $query= "insert into post ( posts , date )
       values ('".$myposts."' , now())";

   if(mysql_query($query)===true)
   {
      echo '<meta http-equiv="Refresh" content="0; URL=posts.php" />';
   }
   else 
   { 
      echo "no permission to post"; 
   }
   mysql_close($con);
Chris Forrence
  • 10,042
  • 11
  • 48
  • 64
mohamedrashad
  • 65
  • 11
  • 7
    If you are new to PHP, then start learning about `PDO` now, before wasting your time learning how to use `mysql_*` function which are deprecated. – samayo Dec 30 '13 at 19:41
  • use SESSION variables – jcho360 Dec 30 '13 at 19:42
  • There's nothing in the code you've posted that would redirect you. You obviously have some other code that is doing it. Are you using a framework? – Dave Dec 30 '13 at 19:43
  • 1
    WTH... echo ''; – Rottingham Dec 30 '13 at 19:43
  • agree with @Qǝuoɯᴉs if your new you should also start looking at the best practices, also a good way also for a forum etc look at laravel, Slim PHP etc this will take security etc and help you tons – Simon Davies Dec 30 '13 at 19:47

2 Answers2

0

I agree with @Qǝ uoɯᴉs about learning PDO (docs & tutorial)for php,cause its better than mysql_* functions(even for beginners).

Also use session & cookies for login data

Then about that redirecting I have a few things: There are a few ways to redirect a page in php like

  1. using meta refresh(like you have used)

  2. using javascript like

    <script type="text/javascript">window.top.location="http://www.google.com";</script>'

  3. with php header()

I think everyone would say 3rd one is the most appropriate one. For more information on this please read this question

Community
  • 1
  • 1
Gun2sh
  • 870
  • 12
  • 22
0

Sometimes I do this and works. Check it and tell me if still working.
Change these lines:

if(mysql_query($query)===true)
{
 echo "<script>window.open('redirect.php','_self');</script>";
}
else 
{ 
 echo "No permission to post.<script>window.open('index.php','_self');</script>";
}

Greetings (:

CaptainKnee
  • 139
  • 5