Page 1 of 1
header and session
Posted: Fri Aug 26, 2005 6:04 pm
by ale2121
i'm having trouble getting a header function to point to a new url. I have a session opening right before it. Do both have to be the first info sent? if so, how can I redirect a browser once a session has been opened?
Code: Select all
session_start();
$_SESSION['band_name'] = $row[2];
$_SESSION['first_name'] = $row[1];
$_SESSION['user_id'] = $row[0];
header ("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "/signedin.php");
exit();
feyd | 
Posted: Fri Aug 26, 2005 6:09 pm
by feyd
there are some servers that will not include a session cookie setup if a redirection header is used. However, if you server is basically php defaults, then this should help:
Code: Select all
session_start();
$_SESSION['band_name'] = $row[2];
$_SESSION['first_name'] = $row[1];
$_SESSION['user_id'] = $row[0];
header ("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "/signedin.php?".session_name().'='.session_id());
exit();
Posted: Fri Aug 26, 2005 6:19 pm
by ale2121
that didn't work. the url changes from ".../login.php" to " .../login.php/signedin.php" and now adds the session id to the end of that, but my signedin.php page is not actually coming up, it just resets the login.php form.
Posted: Fri Aug 26, 2005 6:31 pm
by feyd
that's from the code you posted... so, remove the PHP_SELF reference..
Posted: Fri Aug 26, 2005 6:52 pm
by ale2121
yeah, i knew that was the case, but I'm not sure if it's because it's actually redirecting to the signedin.php, or if the login.php was putting that there. also, i don't know if this is related, but I can't get the password function to work either. it uploads the encrypted format, but when I call it from the login page, the passwords don't match. the whole script is kind of long, but maybe I'm not doing something right overall, so here's the whole thing:
Code: Select all
<?php
if (isset($_POST['submit'])) {
require_once ('mysql_connect.php');
function escape_data($data) {
global $dbc;
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
}
$message = NULL;
if (empty($_POST['username'])) {
$u = FALSE;
$message .= '<p>Please enter your user name.</p>';
} else {
$u = escape_data($_POST['username']);
}
if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>Please enter your password</p>';
} else {
$p = escape_data($_POST['password']);
}
if ($u && $p) {
$query = "SELECT username, first_name, band_name FROM users WHERE username = '$u' AND password = '$p' " ;
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) {
session_start();
$_SESSION['band_name'] = $row[2];
$_SESSION['first_name'] = $row[1];
$_SESSION['username'] = $row[0];
header ("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "/signedin.php?" . session_name().'='.session_id());
exit();
} else {
$message = '<p>Incorrect user name or password.</p>';
}
mysql_close();
} else {
$message .= '<p>Please try again.</p>';
}
}
if (isset ($message)) {
echo '<font color = "red">', $message, '</font>';
}
?>
<form action = "<?php echo $_SERVER['PHP_SELF']; ?> "method = "POST">
<filedset><legend><font color="#999999">Please sign in.</font></legend>
<p>User Name <input type ="text" name = "username" size = "10" maxlength = "15" value = "<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /></p>
<p>Password <input type ="text" name = "password" size = "10" maxlength = "16" value = "" /></p>
<div align = "left"><input type = "submit" name = "submit" value = "Login!"/></div>
</form>
feyd | you used to terminate your code.[/color]
Posted: Fri Aug 26, 2005 7:10 pm
by feyd
as I said, remove the PHP_SELF reference..
$_SERVER['PHP_SELF']
Posted: Fri Aug 26, 2005 7:27 pm
by ale2121
sorry
this works now