1

I have a login.php, register.php page.

The register page is working fine, but I have a problem with my login page.

When I log in successfully, it is supposed to redirect me to a page called member.php but instead just stays on the same page and goes no where.

Here is my code for the login.php page where I think the problem may be occuring I have tried replacing header("Location: member.php"); with echo("Success") and it works:

Login.php

<!doctype html>
<html>
    <body>
        <p><a href="register.php">Register</a> | <a href="login.php">Login</a></p>
        <h3>Login Form</h3>
        <form action="" method="POST">
            Username: <input type="text" name="user"><br />
            Password: <input type="password" name="pass"><br /> 
            <input type="submit" value="Login" name="submit" />
        </form>

<?php

if(isset($_POST["submit"])) {
    if(!empty($_POST['user']) && !empty($_POST['pass'])) {
        $user=$_POST['user'];
        $pass=$_POST['pass'];

        $con=mysql_connect('localhost:8889','root','root') or die(mysql_error());
        mysql_select_db('user_registration') or die("cannot select DB");

        $query=mysql_query("SELECT * FROM login WHERE username='".$user."' AND password='".$pass."'");
        $numrows=mysql_num_rows($query);

        if($numrows!=0) {
            while($row=mysql_fetch_assoc($query)) {
                $dbusername=$row['username'];
                $dbpassword=$row['password'];
            }

            if($user == $dbusername && $pass == $dbpassword) {
                session_start();
                $_SESSION['sess_user']=$user;
                header("Location: member.php");
            }

        } else {
            echo "Invalid username or password!";
        }

    } else {
        echo "All fields are required!";
    }
}

?>

    </body>
</html>

member.php

<?php 
session_start();

if(!isset($_SESSION["sess_user"])) {
    header("location:login.php");
} else {

?>
    <!doctype html>
    <html>
        <body>
            <h2>Welcome, <?=$_SESSION['sess_user'];?>! <a href="logout.php">Logout</a></h2>
        </body>
    </html>
<?php } ?>

Database: https://i.stack.imgur.com/Eyfud.png

John Y
  • 14,123
  • 2
  • 48
  • 72
JasperDaDolphin
  • 172
  • 1
  • 9
  • 2
    You can't set a header after any output has been done, move your php code to the top of your `Login.php` file. – Cyclonecode Jul 22 '14 at 23:19
  • move your script processing to the top of the page and set all errors in a variable array for display within the html, not inline as PHP. As Krister said, you can't set header info after anything has been output to the browser without a cheap workaround. – Kai Qing Jul 22 '14 at 23:21
  • thanks you first person to comment and it actually worked thats a first – JasperDaDolphin Jul 22 '14 at 23:21
  • 1
    Turn on error reporting, it helps a LOT on development. This kind mistake should output a big notification. – rlatief Jul 22 '14 at 23:22
  • You need output buffering - http://php.net/manual/en/function.ob-start.php – nettux Jul 22 '14 at 23:23

3 Answers3

1

You can't set headers with header(...) after any html. You can work around this problem with output buffering. Try adding the following to the top of login.php (that is before your doctype declaration)

<?php
ob_start();
?>

http://php.net/manual/en/function.ob-start.php

nettux
  • 5,270
  • 2
  • 23
  • 33
0

You have to send the header("Location: member.php") before any other output. So first check if the user has to be redirected (and do so if yes) and then output everything from <!doctype html> on.

Florian
  • 3,145
  • 1
  • 27
  • 38
0

You can try this. 

if($user == $dbusername && $pass == $dbpassword) 
{
    session_start();
    $_SESSION['sess_user']=$user;
    echo "<script language='javascript'> window.location='member.php'; </script>";
}

member.php

if(!isset($_SESSION["sess_user"])) {
    echo "<script language='javascript'> window.location='login.php'; </script>";
}
Mohit S
  • 13,723
  • 6
  • 34
  • 69