is ur page redirect on desire location?
if it redirected on desire location than just avoid this notice type error for it just add this line to your top of the coding page
<?php error_reporting (E_ALL ^ E_NOTICE); ?>its remove all your notice type error
no it does not redirect. It stays on the checkuser.php and outputs the error
“Notice: Undefined variable: _SESSION in C:\Program Files (x86)\EasyPHP-5.3.8.1\www\Sample\checkuser.php on line 3”
please past your all code here. and just tell me from where you getting the
$user=$_SESSION[‘username’];
[php]<?php
$username = $_SESSION[‘username’];
//connect to db
$connect = mysql_connect(‘’,’*****’,'’);
mysql_select_db(’********’);
$get = mysql_query(“SELECT * FROM users where user_level= ‘0’ AND user_level= ‘1’”);// calling two field is throw an ambiguity
while($row = mysql_fetch_array($get))
{
$admin = $row[‘user_level’];
if ($admin == 0)
{
header(“Location: user-area.php”);
}
elseif ($admin == 1)
{
header(“Location: admin-page.php”);
}
}
?>
[/php]
it’s actually $username …I forgot to mention that. sorry…and it’s from the login form here:
[code]
Username:
Password:
Is any field inside your table user which contain the username… if any field than tell me the field name of the user table
in the users table that I have set up…there is a field labeled ‘username’ that contains all the usernames for that table. Would that mess up the code in php for the session in the checkuser.php ?
this is ur login.php page where just change ur field name and table name
<?php error_reporting (E_ALL ^ E_NOTICE); session_start(); ?> Username: }
header("location:test.php");
}}
?>
this is ur checkuser.php
<?php error_reporting (E_ALL ^ E_NOTICE); ?> <?php session_start(); echo $_SESSION['username'];//$user = $_SESSION['username']; //connect to db $connect = mysql_connect("localhost","root",""); mysql_select_db("crm"); $get = mysql_query("SELECT * FROM agentregistration WHERE AgentEmail='".$_SESSION['username']."'") or die(mysql_error()); while($row = mysql_fetch_array($get)) { $admin = $row['status']; if ($admin == 0) { header("Location: user-area.php"); } elseif ($admin == 1) { header("Location: admin-page.php"); } else { echo "this is invalid status"; } } ?>this is ur login.php page where just change ur field name and table name
<?php error_reporting (E_ALL ^ E_NOTICE); session_start(); ?> Username: }
header("location:checkuser.php ");
}}
?>
when I do all that and then log in again…it redirects me to the login form…and there isn’t a redirect to the form…why is this?
becz when login will be successful than the form is automatically redirect to checkuser.php
i write the code for this login .php see the last line
header("location:checkuser.php ");
and on checkuser.php its checking for the
user_level
if user_level=0 than its redirect to user-area.php
and if user_level=1 than its direct to admin-page.php
… so check the all thing which u want to redirect
or if u have still facing problem than plz send me ur all coding files wrap it in zip folder i will check it on my personal email id
are u using md5 when entering the password into the table at the time of registration…if u r using md5 at the time of registration than its working
if u r not using md5 for encrypt the pasword at the time of register user than use this login.php
<?php error_reporting (E_ALL ^ E_NOTICE); session_start(); ?>$user=$_POST[‘username’];
$pass=$_POST[‘password’];
mysql_connect(“127.0.0.1”,“root”,"");
mysql_select_db(“member”);
if($_POST[‘Submit’]){
$select=“SELECT * FROM USERS where username=’”.$user."’ && password=’".$pass."’";
$msq=mysql_query($select);
if(mysql_num_rows($msq)>0)
{
while($row=mysql_fetch_array($msq))
{
$username=$row[‘users’];
$_SESSION[‘username’]=$username;
echo $_SESSION[‘username’];
}
header("location: checkuser.php");
}}
?>
I am using md5 for registration…all the passwords in the database are md5’d but I still get redirected to the login page when I put in my username and password that is clearly in the database so nothing should be wrong…
Does the query succeed?
You could try checking with:
[php]$select=“SELECT * FROM USERS where username=’”.$user."’ && password=’".$pass."’";
$msq=mysql_query($select);
if($msq == false) {
echo mysql_error();
}[/php]
Also, you should always sanitize your user input before putting it into an SQL statement:
[php]$user=mysql_real_escape_string($_POST[‘username’]);
$pass=mysql_real_escape_string($_POST[‘password’]);[/php]
In addition to that - as you’re only expecting one record result - you don’t need the while statement:
[php] if(mysql_num_rows($msq)>0)
{
while($row=mysql_fetch_array($msq))
{
$username=$row[‘users’];
$_SESSION[‘username’]=$username;
echo $_SESSION[‘username’];
}
header("location: checkuser.php");
}}[/php]
Can become:
[php]if(mysql_num_rows($msq)>0) {
$row=mysql_fetch_array($msq);
$username=$row[‘users’];
$_SESSION[‘username’]=$username;
echo $_SESSION[‘username’];
header(“location: checkuser.php”);
}[/php]
@vivekanand pathak please put your code in PHP tags. Use the php button above the form that you use to create a new thread or reply.
Now I get this error on the login page
“Parse error: syntax error, unexpected $end in C:\Program Files (x86)\EasyPHP-5.3.8.1\www\Sample\login.php on line 44”
login.php
[php]<?php
error_reporting (E_ALL ^ E_NOTICE);
session_start();
?>
$user = $_POST[‘username’];
$pass = $_POST[‘password’];
mysql_connect(“127.0.0.1”,“root”,"");
mysql_select_db(“member”);
$user = mysql_real_escape_string($_POST[‘username’]);
$pass = mysql_real_escape_string($_POST[‘password’]);
if($_POST[‘Submit’]){
$select = “SELECT * FROM USERS where username=’”.$user."’ && password=’".md5($pass)."’";
$msq = mysql_query($select);
if($msq == false){
echo mysql_error();
}
if(mysql_num_rows($msq)>0) {
$row = mysql_fetch_array($msq);
$username = $row[‘users’];
$_SESSION[‘username’] = $username;
echo $_SESSION[‘username’];
header(“location: checkuser.php”);
}
?>
I appeared to have missed a bracket!
[php]if($_POST[‘Submit’]){
$select = “SELECT * FROM USERS where username=’”.$user."’ && password=’".md5($pass)."’";
$msq = mysql_query($select);
if($msq == false){
echo mysql_error();
}
if(mysql_num_rows($msq)>0) {
$row = mysql_fetch_array($msq);
$username = $row[‘users’];
$_SESSION[‘username’] = $username;
echo $_SESSION[‘username’];
header(“location: checkuser.php”);
}[/php]
Should be:
[php]if($_POST[‘Submit’]){
$select = “SELECT * FROM USERS where username=’”.$user."’ && password=’".md5($pass)."’";
$msq = mysql_query($select);
if($msq == false){
echo mysql_error();
}
if(mysql_num_rows($msq)>0) {
$row = mysql_fetch_array($msq);
$username = $row[‘users’];
$_SESSION[‘username’] = $username;
echo $_SESSION[‘username’];
header(“location: checkuser.php”);
}
}[/php]
ok, I should have seen the missing bracket, I’m sorry. However now it just refreshes the page to the login.php…there is no redirect to the form