creating an admin page problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
axelblack
Forum Newbie
Posts: 1
Joined: Mon Apr 11, 2005 4:27 am

creating an admin page problem

Post by axelblack »

I am new with PHP and i want to create an admin page but I guess the header does not work..can someone pls help me with this one...

Code: Select all

<?php
session_start();
include "conn.inc.php";
if (isset($_POST["submit"]))
{
$query = "SELECT username, password, id FROM admin WHERE username =
'" . $_POST["username"] . "' AND password = (password('" . $_POST["password"] .
"'));";
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);
$admin_level = $row["id"];
if (mysql_num_rows($result) == 1)
{
$_SESSION["admin_logged"] = $_POST["username"];
$_SESSION["admin_password"] = $_POST["password"];
$_SESSION["id"] = $row["id"];
header ("Refresh: 5; URL=" . $_POST["redirect"] . "");
echo "You are being redirected to your original page request!<br>";
echo "(If your browser doesn’t support this, <a href=\"" .
$_POST["redirect"]. "\">click here</a>)";
}
else
{
?>
<html>
<head>
<title>Login</title>
</head>
<body>
Invalid Username and/or Password<br>
<form action="admin_login.php" method="post">
<input type="hidden" name="redirect" value="<?php echo
$_POST["redirect"];
?>">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br><br>
<input type="submit" name="submit" value="Login">
</form>
<?php
}
}
else
{
if ($_SERVER['HTTP_REFERER'] == "" || $_SERVER['HTTP_REFERER'] ==
"http://localhost/magazin/admin1/index.php" || $_SERVER['HTTP_REFERER'] ==
"http://localhost/admin1/")
{
$redirect = "/admin1/index.php";
}
else
{
$redirect = $_GET["redirect"];
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
Login below by supplying your username/password...<br>
<form action="admin_login.php" method="post">
<input type="hidden" name="redirect" value="<?php echo $redirect; ?>">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br><br>
<input type="submit" name="submit" value="Login">
</form>
</body>
</html>
<?php
}
?>
User avatar
CoderGoblin
DevNet Resident
Posts: 1425
Joined: Tue Mar 16, 2004 10:03 am
Location: Aachen, Germany

Post by CoderGoblin »

Previous Header Problem found with search within this board (always recommended before posting if you have a question).

Rather than

Code: Select all

header ("Refresh: 5; URL=" . $_POST["redirect"] . "");
I would use

Code: Select all

if ($_POST['redirect']) {
  header("Location: ".$_POST['redirect']);
  exit;
} else {
  header("Location: [your index page]");
}
If you are new to php (IMO) try to avoid mixing php and HTML, especially within control structures such as an if/else. It makes code difficult to read/understand and maintain.
Post Reply