Simple Login Script: Problems with header(Location)
Posted: Fri Feb 20, 2009 10:39 am
Hello,
I'm writing a simple login verification script and everytime I run the file I'm getting 404 not found. I'm not sure if ../ is allowed in the location header.
I would appreciate any feedback or help.
Thanks
I'm writing a simple login verification script and everytime I run the file I'm getting 404 not found. I'm not sure if ../ is allowed in the location header.
I would appreciate any feedback or help.
Thanks
Code: Select all
<?php
session_start();
//Get user input.
$userName = $_POST['userName'];
$userPassword = $_POST['userPassword'];
//Database connection
$dbc=mysql_connect ("localhost", "my_username","my_password") or die('Cannot connect to the database because: ' . mysql_error());
$Link = mysql_select_db ("my_database");
$query = 'SELECT user_name,password FROM users '
. ' WHERE user_name = \''.$userName.'\' AND password = \''.$userPassword.'\'';
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result))
{
$user_name = $row['user_name'];
$password = $row['password'];
}
//Log in OK?
if ( $userName == $user_name && $userPassword == $password) {
$_SESSION['logged in'] = 'ok';
$_SESSION['user name'] = $userName;
header([color=#FF4040]'../Location: userloggedin/index.php'[/color]);
exit();
}
//Jump to bad login.
header([color=#FF0000]'Location: ../index.php'[/color]);
exit();
?>