PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
<html>
<head>
<title>The Playhouse Company Admin System</title>
</head>
<body>
<p align="center">
<?php
include("Login.inc");
$cxn = mysqli_connect($host, $user, $password, $dbname)
or die ("Couldn't connect to server.");
$sql = "SELECT * FROM user
WHERE username='$_POST[username]'";
$result = mysqli_query($cxn,$sql)
or die("Couldn't execute query.");
$num = mysqli_num_rows($result);
if ($num > 0) // login name was found
{
$sql = "SELECT * FROM user
WHERE username='$_POST[username]'
AND password=('$_POST[password]')";
$result2 = mysqli_query($cxn,$sql)
or die("Couldn't execute query 2.");
$num2 = mysqli_num_rows($result2);
if ($num2 > 0) // password is correct
{
$_SESSION['auth']="yes";
$username=$_POST['username'];
$_SESSION['username'] = $username;
header("Location: index.php");
}
else // password is not correct
{
$message="The Login Name, '$_POST[username]'
exists, but you have not entered the
correct password! Please try again.<br>";
include("login_form.inc");
}
}
elseif ($num == 0) // login name not found
{
$message = "The Login Name you entered does not
exist! Please try again.<br>";
include("login_form.inc");
}
?>
</p>
</body>
</html>
However it is bringing up the following error message:
"Warning: Cannot modify header information - headers already sent by (output started at C:\AppServ\www\theplayhousecompany\Login.php:7) in C:\AppServ\www\theplayhousecompany\Login.php on line 31"
What do you mean?
Sorry i don't really understand as if i put it before <html> then it displays 'header("Location: index.php")' on the logon page rather than displaying the index.php page if the logon details are correct
frosty16 wrote:What do you mean?
Sorry i don't really understand as if i put it before <html> then it displays 'header("Location: index.php")' on the logon page rather than displaying the index.php page if the logon details are correct
The Login.inc contains a header(), but before including that script/page, (and by that calling that function) you are sending html and that youre not allowed to do.
All header() calls should come first att all times in scripts.
Basically what i am trying to do is if the login details are correct then display the page called index.php. I'm not even sure if header(Location: index.php") is the correct thing to use for this.
The login.inc does indeed not contain any header(), it comes further down in the script. What you need to do tho, is to do all checks before the <html> is shown. An (simplified) example;
<?php
include("Login.inc");
$cxn = mysqli_connect($host, $user, $password, $dbname)
or die ("Couldn't connect to server.");
$sql = "SELECT * FROM user
WHERE username='$_POST[username]'";
$result = mysqli_query($cxn,$sql)
or die("Couldn't execute query.");
$num = mysqli_num_rows($result);
if ($num > 0) // login name was found
{
$sql = "SELECT * FROM user
WHERE username='$_POST[username]'
AND password=('$_POST[password]')";
$result2 = mysqli_query($cxn,$sql)
or die("Couldn't execute query 2.");
$num2 = mysqli_num_rows($result2);
if ($num2 > 0) // password is correct
{
$_SESSION['auth']="yes";
$username=$_POST['username'];
$_SESSION['username'] = $username;
header("Location: index.php");
}
else // password is not correct
{
$message="The Login Name, '$_POST[username]'
exists, but you have not entered the
correct password! Please try again.<br>";
include("login_form.inc");
}
}
elseif ($num == 0) // login name not found
{
$message = "The Login Name you entered does not
exist! Please try again.<br>";
include("login_form.inc");
}
?>
<html>
<head>
<title>The Playhouse Company Admin System</title>
</head>
<body>
<p align="center">
</p>
</body>
</html>
Header("Location: Login.php") is on line 25 now i believe.
Is that correct as that till isnt working.
frosty
Last edited by frosty16 on Sat Jan 26, 2008 10:36 am, edited 1 time in total.
<?php
error_reporting(E_ALL);
include("Login.inc");
$cxn = mysqli_connect($host, $user, $password, $dbname) or die ("Couldn't connect to server.");
$sql = "SELECT * FROM user WHERE username='$_POST[username]'";
$result = mysqli_query($cxn,$sql) or die("Couldn't execute query.");
$num = mysqli_num_rows($result);
if ($num > 0) {
// login name was found
$sql = "SELECT * FROM user WHERE username='$_POST[username]' AND password=('$_POST[password]')";
$result2 = mysqli_query($cxn,$sql) or die("Couldn't execute query 2.");
$num2 = mysqli_num_rows($result2);
if ($num2 > 0) {
// password is correct
$_SESSION['auth']="yes";
$username=$_POST['username'];
$_SESSION['username'] = $username;
header("Location: index.php");
} else {
// password is not correct
$message="The Login Name, '$_POST[username]' exists, but you have not entered the correct password! Please try again.<br>";
$page = "login_form.inc";
}
} elseif ($num == 0) {
// login name not found
$message = "The Login Name you entered does not exist! Please try again.<br>";
$page = "login_form.inc";
}
?>
<html>
<head>
<title>The Playhouse Company Admin System</title>
</head>
<body>
<p align="center">
<?php
if (!empty($page)) {
require $page;
}
?>
</p>
</body>
</html>
What I did was to assign pages to variables instead of includes() as it now producing bad html. I later use them in the actual page. I also added error_reporting at the top to help you understand any errors.