User Auth and Redirect
Moderator: General Moderators
User Auth and Redirect
Hi!
I am trying to do a log-in script for clients to check out their under development web page. Here is the url: http://clients.sirrusdigital.com but it doesn;t redirect. i don't even know if it is authing the user. here is the code.
<?php
include("conf.php");
if($submit) {
$mysql = mysql_connect ("$host","$user", "$pass");
mysql_select_db("$db",$mysql);
$url = mysql_query("SELECT url FROM clients WHERE (usr = $username)");
$result=mysql_query("select * from clients where usr='$username'",$mysql) or die ("cant do it");
while ($row=mysql_fetch_array($result)) {
if ($row["pass"]==$password) {
header (" Location: http://$url ");
}
}
}
?>
if you want to test the script go to http://clients.sirrusdigital.com and enter test for the username and test for the password. It should redirect to google.com.
All help is greatly appreciated.
I am trying to do a log-in script for clients to check out their under development web page. Here is the url: http://clients.sirrusdigital.com but it doesn;t redirect. i don't even know if it is authing the user. here is the code.
<?php
include("conf.php");
if($submit) {
$mysql = mysql_connect ("$host","$user", "$pass");
mysql_select_db("$db",$mysql);
$url = mysql_query("SELECT url FROM clients WHERE (usr = $username)");
$result=mysql_query("select * from clients where usr='$username'",$mysql) or die ("cant do it");
while ($row=mysql_fetch_array($result)) {
if ($row["pass"]==$password) {
header (" Location: http://$url ");
}
}
}
?>
if you want to test the script go to http://clients.sirrusdigital.com and enter test for the username and test for the password. It should redirect to google.com.
All help is greatly appreciated.
Echo out the variables you are expecting to be used:
echo $username
echo $password
echo $url
echo $submit
echo $row['pass']
and see if what is being returned is what you are expecting.
is ?username=username being passed into $username
or do you need to initialize it with $username=$HTTP_POST_VARS['username']
echo $username
echo $password
echo $url
echo $submit
echo $row['pass']
and see if what is being returned is what you are expecting.
is ?username=username being passed into $username
or do you need to initialize it with $username=$HTTP_POST_VARS['username']
I read it and it helped but why won't this code work?
<?php
include("conf.php");
if($submit) {
$mysql = mysql_connect ("$host","$user", "$pass");
mysql_select_db("$db",$mysql);
$url = mysql_query(" SELECT url FROM clients WHERE usr = $_POST['username']; ");
$result=mysql_query("select * from clients where usr= $_POST['username']; ") or die ("cant do it");
while ($row=mysql_fetch_array($result)) {
if ($row["pass"]==$_POST['password']) {
header (" Location: $url ");
}
}
}
?>
<?php
include("conf.php");
if($submit) {
$mysql = mysql_connect ("$host","$user", "$pass");
mysql_select_db("$db",$mysql);
$url = mysql_query(" SELECT url FROM clients WHERE usr = $_POST['username']; ");
$result=mysql_query("select * from clients where usr= $_POST['username']; ") or die ("cant do it");
while ($row=mysql_fetch_array($result)) {
if ($row["pass"]==$_POST['password']) {
header (" Location: $url ");
}
}
}
?>
You're already in a string literal, so you must no open another for accessing the array. Try$url = mysql_query(" SELECT url FROM clients WHERE usr = $_POST['username']; ");
Code: Select all
$url = mysql_query("SELECT url FROM clients WHERE usr=$_POSTїusername]");
// or
mysql_query("SELECT url FROM clients WHERE usr={$_POSTї'username']}");
// or
$url = mysql_query('SELECT url FROM clients WHERE usr='.$_POSTї'username']);While developing it might be useful to increase error_reporting to E_ALL in php.ini
unless you set display_errors=on you have to look into the (web-)server's error.log to see error descriptions.
btw: why don't you catch only records from mysql where username and password match. Then there is no need for the while-loop
It stilll doesn't work but I did something wrong. The error message is:
Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/sirrusdi/public_html/clients/index.php on line 15
And here is my code....
<?php
include("conf.php");
if($submit) {
$mysql = mysql_connect ("$host","$user", "$pass");
mysql_select_db("$db",$mysql);
$url=mysql_query("SELECT url FROM clients WHERE usr=$_POST[username]");
$result = mysql_query("SELECT * FROM clients WHERE usr=$_POST['username']") or die ("cant do it");
while ($row=mysql_fetch_array($result)) {
if ($row["pass"]==$_POST['password']) {
header (" Location: $url");
}
}
}
echo $mysql;
?>
And can you show me the code you were talking about?
You guys can tell I am new to this. All help is great!
Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/sirrusdi/public_html/clients/index.php on line 15
And here is my code....
<?php
include("conf.php");
if($submit) {
$mysql = mysql_connect ("$host","$user", "$pass");
mysql_select_db("$db",$mysql);
$url=mysql_query("SELECT url FROM clients WHERE usr=$_POST[username]");
$result = mysql_query("SELECT * FROM clients WHERE usr=$_POST['username']") or die ("cant do it");
while ($row=mysql_fetch_array($result)) {
if ($row["pass"]==$_POST['password']) {
header (" Location: $url");
}
}
}
echo $mysql;
?>
And can you show me the code you were talking about?
You guys can tell I am new to this. All help is great!
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK