0

I have built a login page for the admin panel,after succesful login the page will redirect to the dashboard.php.When am running in localhost it is working fine,session also working.But when I uploaded in Ipage the page is not redirecting,it is simply reloading the login page. My session code is

    <?php
 session_start();
if(isset($_SESSION['user']) && isset($_SESSION['pass']))
{
header('Location: dashboard.php');
}
?>

The validation code and redirecting code

<?php
   //session_start();

    function login($username, $password)
{


    $query = "SELECT * FROM user WHERE username='$username' AND password='$password'";

   $result = mysql_query($query)or die(mysql_error());
   $num_row = mysql_num_rows($result);

   if( $num_row == 1 )
   {
     while( $row=mysql_fetch_array($result) )
     {
      return true;//$_SESSION['userid'] = $row['userid'];
     }
   } else {
      return false;
   }

  return true;
}
    include("connect.php");

if (isset($_REQUEST['login'])){
    $validLogin = login($_REQUEST['user'], $_REQUEST['pass']);

    if ($validLogin)
    {
        $_SESSION['user'] =$_REQUEST['user'];
        $_SESSION['pass'] = $_REQUEST['pass'];
        header("Location: dashboard.php");
        echo 'hi there';
     } else 
     {
        echo "<font color='white'><h1> Incorrect Details,Entry Prohibited :) </h1></font> ";
     }

}
  ?>
Vicks
  • 107
  • 12
  • Your code is vulnerable to SQL injections; you should read on [how to prevent them in PHP](http://stackoverflow.com/q/60174/53114). – Gumbo Mar 15 '14 at 08:31
  • Is $validLogin true or false? – David Mar 15 '14 at 09:34
  • if($vaildLogin) true then the code executes – Vicks Mar 15 '14 at 09:41
  • Yep I got that, but is it actually true when it's on the server? You could try adding exit($validLogin) after calling login, just to mak sure. Otherwise, are you sure that the session is started on the dashboard page? If not, it might redirect you to the login page... – David Mar 15 '14 at 09:46
  • ya it is true..I even removed sesssion from dashboard and login page it is still not redirecting to the other page – Vicks Mar 15 '14 at 09:47
  • Well yes, if you remove the session, you'll stay on the login page – David Mar 15 '14 at 10:00

4 Answers4

2
<?php
ob_start();
?>

at first of line

if ($validLogin)
{
    $_SESSION['user'] =$_REQUEST['user'];
    $_SESSION['pass'] = $_REQUEST['pass'];
    header("Location: dashboard.php");
    exit;
 } else 
 {
    echo "<font color='white'><h1> Incorrect Details,Entry Prohibited :) </h1></font> ";
 }
Laukik Patel
  • 733
  • 7
  • 18
  • where should i add that code..? after the session php tag or after my validation php tag..? – Vicks Mar 15 '14 at 08:46
  • I have added this code: error_reporting(E_ALL); ini_set("display_errors", 1); no error is showing – Vicks Mar 15 '14 at 08:59
1

You can't do an echo after your header() . Uncomment it and add an exit as shown below.

if ($validLogin)
    {
        $_SESSION['user'] =$_REQUEST['user'];
        $_SESSION['pass'] = $_REQUEST['pass'];
        header("Location: dashboard.php");
        //echo 'hi there'; //<------ Commented this
        exit;// <---- Added exit 
     } else 
     {
        echo "<font color='white'><h1> Incorrect Details,Entry Prohibited :) </h1></font> ";
     }
Shankar Narayana Damodaran
  • 68,075
  • 43
  • 96
  • 126
0

Remove space after Location: and try following code

header("Location:dashboard.php");

Ayaz Shah
  • 435
  • 1
  • 5
  • 24
0

Try using ob_clean

if ($validLogin)
{
    ob_clean();// <---- Added this
    $_SESSION['user'] =$_REQUEST['user'];
    $_SESSION['pass'] = $_REQUEST['pass'];
    header("Location: dashboard.php");
    //echo 'hi there'; //<------ Commented this
    exit;// <---- Added exit 
 } else 
 {
    echo "<font color='white'><h1> Incorrect Details,Entry Prohibited :) </h1></font> ";
 }

Edit: according to your comments on other posts, you disabled the session.. make sure it's enabled, both on login and dashboard page

David
  • 33,444
  • 11
  • 80
  • 118