0

I have this form programmed to log a user in. I have confirmed that it does in fact set a session for a user, but for some reason, it forwards the user to the page to connect to the database. I have this page linked in the code because I obviously need to consult the database to confirm the user has an account, but I don't understand why it goes to this page and then just stays there. Help would be appreciated. Index2.php (set as that right now so users won't see it when they go to the site) is supposed to be set as the redirected page after login. The user is supposed to be able to see the homepage even without logging in, but certain content only appears in the user is logged in.

<?php 

session_start();

    include("db_connect.php");


    if($_SERVER['REQUEST_METHOD'] == "POST")
    {
        //something was posted
        $email = $_POST['email'];
        $password = $_POST['password'];

        if(!empty($email) && !empty($password))
        {

            //read from database
            $query = "select * from users_listers where email = '$email' limit 1";
            $result = mysqli_query($conn, $query);

            if($result)
            {
                if($result && mysqli_num_rows($result) > 0)
                {

                    $user_data = mysqli_fetch_assoc($result);
                    
                    if($user_data['password'] === $password)
                    {

                        $_SESSION['user_lister_id'];
                        header("Location: ../index2.php");
                        die;
                    }
                }
            }
            
            echo "wrong username or password!";
        }else
        {
            echo "wrong username or password!";
        }
    }

?>

Thank you for the help!

  • Unrelated: don't store plain text passwords. PHP has [password_hash](https://www.php.net/manual/en/function.password-hash.php) and [password_verify](https://www.php.net/manual/en/function.password-verify.php) – brombeer Jun 29 '22 at 02:32
  • Are you saying users are being redirected to `db_connect.php`? What does `index2.php` contain? – brombeer Jun 29 '22 at 02:33
  • Index2.php is my homepage. I have it named that right now so it doesn't load when people visit the website. Yes, it would appear they are being redirected to db_connect.php. I know this because after I hit the button to log in, I simply get a white screen that says connection successful in the top left corner, which is how I have the connection page programmed right now. I have it set to redirect to Index.php after a successful login, but for some reason, it doesn't want to go there. Index2.php contains the database connection as well as certain content you must be logged in to see, others not –  Jun 29 '22 at 02:43
  • If you haven't already, turn on error reporting. [How do I get PHP errors to display?](https://stackoverflow.com/questions/1053424/how-do-i-get-php-errors-to-display?rq=1) Don't output anything but errors in `db_connect.php` – brombeer Jun 29 '22 at 02:47

0 Answers0