Jump to content
Larry Ullman's Book Forums

Php Re-Direct


Recommended Posts

Hi,

 

I am trying to do a re-direct based on the user's Email and Password, but for some reason I keep getting 404 errors, I have included a copy of the code below, I did try echo-ing out the variables but still got the error 404 problem.

The login form is on the index page and then when the user processes the form it goes to a script called login. If the Email and password are found

then the user should be re-directed to their page called 'home.php'.

 

<?php
require_once ('../functions/config.inc.php');
include ('../includes/header.html');

if($_SERVER['REQUEST_METHOD'] == 'POST') {

$login_errors = array();

require(MySQL);

		if(filter_var($_POST['userEmail'], FILTER_VALIDATE_EMAIL)) {
			$e = mysqli_real_escape_string ($dbc, $_POST['userEmail']);
		} else {
			$login_errors['userEmail'] = 'Please enter a valid Email address';
		}

		if(!empty($_POST['userPassword']) ) {
			$p = mysqli_real_escape_string ($dbc, $_POST['userPassword']);
		} else {
			$login_errors['userPassword'] = 'Please enter a password';
		}

			if(empty($login_errors)) {

				$q = "SELECT userID,userName FROM tbl_Users WHERE (eMail='$e' AND userPassword='" . get_password_hash($p) . "' AND userActivate IS NULL)";
				$r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

					if(mysqli_num_rows($r) == 1) {

						$row = mysqli_fetch_array($r, MYSQLI_NUM);

						$_SESSION['userID'] = $row[0];
						$_SESSION['eMail'] = $row[1];

						//$_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);
						//$token = md5(uniqid(rand(), true));
						//$_SESSION['token'] = $token;

						$url = BASE_URL . 'Members/home.php';
						//ob_end_clean();
						header("Location: $url");
						exit();

			  		} else {
						$login_errors['login'] = 'The email address and password do not match those on file.';

			   		}
			 } 
	}

include ('../includes/footer.html');
?>

 

Regards

 

PHP 5, MYSQL 5, CSS, HTML5

Link to comment
Share on other sites

Does this directory exist on your site --> BASE_URL . 'Members/home.php';

 

You have a capital M in members. Is the folder named Members OR members. In unix/linux based filesystems names are case sensitive, though depends how the server is setup.

I would echo that out the BASE_URL may not have the trailing slash so that may also be the cause of the 404 error.

  • Upvote 1
Link to comment
Share on other sites

Also what version of PHP 5 are you using? 5.2 or 5.3 ?

 

Hi Terry,

 

I am using 5.2, I did change the file name and took out BASE_URL and just used the full

url instead. I am still getting problems though. Like I can log in with the right username and password but then

if someone enters a wrong username and password the screen just outputs the header information.

 

<?php
require ('../functions/config.inc.php');
include ('../includes/header.php');

require(MySQL);

$log_errors = array();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {

	if (preg_match ('/^[A-Z0-9]{2,30}$/i', $_POST['userName'])) {
		$u = mysqli_real_escape_string($dbc, $_POST['userName']);
	} else {
		$log_errors['userName'] = 'Please enter a Username';
	}

	if (!empty($_POST['userPassword'])) {
		$p = mysqli_real_escape_string($dbc, $_POST['userPassword']);
	} else {
		$log_errors['userPassword'] = 'Please Enter Password';
	}

		if(empty($log_errors)) {

			$q = "SELECT userID,eMail,userName, DATE_FORMAT(dateAccountCreated, '%e %b %Y - %T %p') AS userJoined
			      FROM tbl_Users 
				  WHERE (userName='$u' AND userPassword='" . get_password_hash($p) . "') AND userActivate IS NULL";
			$r = mysqli_query($dbc, $q);

					if (mysqli_num_rows($r) == 1) { // A match was made.

						// Get the data:
						$row = mysqli_fetch_array ($r, MYSQLI_NUM); 

						//Store the data in a session:
						$_SESSION['userID'] = $row[0];
						$_SESSION['eMail'] = $row[1];
						$_SESSION['userName'] = $row[2];
						$_SESSION['userJoined'] = $row[3];


						$_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);
						$token = md5(uniqid(rand(), true));
						$_SESSION['token'] = $token;

						$url = 'http://<hidden>/members/myDashboard.php';
						ob_end_clean();
						header("Location: $url");
						exit;

				    } else { // No match was made. I did originally have error messages here. But they didn't display anything
						$url = 'http://<hidden>/index.php';
						ob_end_clean();
						header("Location: $url");
						exit;
			}

		}
} //END SERVER REQUEST
?>

Link to comment
Share on other sites

Is the redirect actually occurring?

 

You are calling headers.php at the top of this file you embedded above, unless ob_end_clean function counteracts the headers already called error you may not be redirecting in the failure ELSE statement.

 

What is in your index.php file? The file you are redirecting to.

 

 

 

FYI: I would suggest naming files with lowercase letters 100%, some servers have problems with camel case names plus how many pages on sites out there do you see camel case names in url?

  • Upvote 1
Link to comment
Share on other sites

Is the redirect actually occurring?

 

You are calling headers.php at the top of this file you embedded above, unless ob_end_clean function counteracts the headers already called error you may not be redirecting in the failure ELSE statement.

 

What is in your index.php file? The file you are redirecting to.

 

 

 

FYI: I would suggest naming files with lowercase letters 100%, some servers have problems with camel case names plus how many pages on sites out there do you see camel case names in url?

 

Hi,

 

I have changed my files to a lower case file standard. Also my script should re-direct to

 

$url = 'http://<hidden>/members/myDashboard.php'; 
ob_end_clean(); 
header("Location: $url"); 
exit; 

 

if it is successful but doesn't even if it the username and password were right. Also in my index file I have at the top:

 

include('../functions/config.inc.php');
include('../includes/header.php');

 

Would I need an ob_start() in the top of the header file ?

 

Just to let you know I re-did the scripts today and they seem to function properly as far as I know, my site is no where near complete yet.

 

Thanks for all your help.

 

Kind Regards

Link to comment
Share on other sites

 Share

×
×
  • Create New...