PHP redirecting registered user to wrong page

system · August 16, 2012, 9:41am

hi all:

i am trying to use this code to login to members area but everytime i try to login with a registered user it redirects to the registration page please help.

below is the code:

[php]<?php
session_start();
$uname=“root”;
$pword="";
$host=“localhost”;
$database=“spl”;

$Username=$_POST[‘Username’];
$Password = MD5($_POST[‘Password’]);

mysql_connect("$host", “$uname”, “$pword”)or die(“cannot connect”);
mysql_select_db("$database")or die(“cannot select DB”);

$checkUsername=mysql_query(“select Username, Password from registration where Username=‘Username’ and Password=‘Password’”);

$Username_exist=mysql_num_rows (’$checkUsername’);

if ($Username_exist>0)
{
header(“location:indexma.php”);
}
else
{
echo “not registered”;
header(“location:register.php”);
}
?>[/php]

and also how do i destroy a session please help ASAP. thank you

itsmeveee · August 16, 2012, 12:06pm

Try changing:

if ($Username_exist>0)

to

if ($Username_exist>1)

itsmeveee · August 16, 2012, 12:07pm

And use

session_destroy();

Ferus · August 16, 2012, 12:14pm

This will not fix the issue. The code is specific enough to where it should only response with a single response. In which case, your edit would always return a false, as it only looks for two or more responses. The original way was correct.

From what I can gather,$Username_exist=mysql_num_rows ('$checkUsername');is the suspect, here. An apostrophe is used in literal constructions. Meaning that the output of it is, literally, “$checkUsername”.

You should change it to use quotation marks:$Username_exist=mysql_num_rows ("$checkUsername");

Ferus · August 16, 2012, 12:17pm

In the case that I am mistaken, and[php]$Username_exist=mysql_num_rows ("$checkUsername");[/php]isn’t the correct fix, you may be able to solve it by removing the quotations or apostrophes, completely:[php]$Username_exist=mysql_num_rows ($checkUsername);[/php]

Also, sorry for forgetting to use the “php” tags, in my above post. I am new to the forum, and am used to only using “code” tags.

itsmeveee · August 16, 2012, 12:46pm

Im not saying im 100% sure but from this code i can see that if numrows returns 0 (username doesnt exist ?) then it will take the user to the index page then its else (if numrows finds the user ?) and it exists it will take him to the registration page ?

itsmeveee · August 16, 2012, 1:02pm

Woops forgot to change the sign in my first post:

Try changing:

if ($Username_exist>0)

to

if ($Username_exist = 1)

Ferus · August 16, 2012, 1:15pm

“>0” means “Greater than Zero”. So if the user is registered (therefore, greater than zero), they’ll be sent to the index (which is intended).

“=1” is, in this case, essentially the same thing, considering he should only get a singular response.

wilson382 · August 16, 2012, 4:12pm

replace the following lines with mines
[php]
$checkUsername=mysql_query(“select Username, Password from registration where Username=’$Username’ and Password=’$Password’”) or die(mysql_error());

$Username_exist=mysql_num_rows ($checkUsername) or die(mysql_error());
[/php]