Problem on login

system · June 27, 2012, 11:22am

Hello Sir/Mam ,
I am having problem on login to the account.

you can check the problem on www.educonnects.com/oes

When i logged in to the account it redirect to the same page rather than student welcome page(stdwelcome.php).
please sort out my problem asap.

Index.php

  error_reporting(0);
  session_start();
  include_once 'oesdb.php';

/***************************** Step 1 : Case 1 /
//redirect to registration page
if(isset($_REQUEST[‘register’]))
{
header(‘Location: register.php’);
}
else if($_REQUEST[‘stdsubmit’])
{
/* Step 1 : Case 2 ****************************/
//Perform Authentication
$result=executeQuery(“select *,DECODE(stdpassword,‘oespass’) as std from student where stdname=’”.htmlspecialchars($_REQUEST[‘name’],ENT_QUOTES)."’ and stdpassword=ENCODE(’".htmlspecialchars($_REQUEST[‘password’],ENT_QUOTES)."’,‘oespass’)");
if(mysql_num_rows($result)>0)
{

          $r=mysql_fetch_array($result);
          if(strcmp(htmlspecialchars_decode($r['std'],ENT_QUOTES),(htmlspecialchars($_REQUEST['password'],ENT_QUOTES)))==0)
          {
              $_SESSION['stdname']=htmlspecialchars_decode($r['stdname'],ENT_QUOTES);
              $_SESSION['stdid']=$r['stdid'];
              unset($_GLOBALS['message']);
              header('Location: stdwelcome.php');
          }else
      {
          $_GLOBALS['message']="Check Your user name and Password.";
      }

      }
      else
      {
          $_GLOBALS['message']="Check Your user name and Password.";
      }
      closedb();
  }

?>

<?php

    if($_GLOBALS['message'])
    {
     echo "<div class=\"message\">".$_GLOBALS['message']."</div>";
    }
  ?>
  
  <div id="container">
        
            <div class="header">
            <img style="margin:10px 2px 2px 10px;float:left;" height="80" width="200" src="images/logo.gif" alt="OES"/><h3 class="headtext"> &nbsp;Online Examination System</h3><h4 style="color:#ffffff;text-align:center;margin:0 0 5px 5px;"><i>...because Examination Matters</i></h4>
        </div>
 <form id="stdloginform" action="index.php" method="post">
  <div class="menubar">
   
   <ul id="menu">
                <?php if(isset($_SESSION['stdname'])){
                      header('Location: stdwelcome.php');}else{  
                      /***************************** Step 2 ****************************/
                    ?>

                  <!--  <li><input type="submit" value="Register" name="register" class="subbtn" title="Register"/></li>-->
       <li><div class="aclass"><a href="register.php" title="Click here  to Register">Register</a></div></li>
                    <?php } ?>
                </ul>

  </div>
  <div class="page">
          
          <table cellpadding="30" cellspacing="10">
          <tr>
              <td>User Name</td>
              <td><input type="text" tabindex="1" name="name" value="" size="16" /></td>

          </tr>
          <tr>
              <td>Password</td>
              <td><input type="password" tabindex="2" name="password" value="" size="16" /></td>
          </tr>

          <tr>
              <td colspan="2">
                  <input type="submit" tabindex="3" value="Log In" name="stdsubmit" class="subbtn" />
              </td><td></td>
          </tr>
        </table>


  </div>
   </form>

<div id="footer">
      <p style="font-size:70%;color:#ffffff;"> Developed By-<b>Nikhil</b><br/> </p><p>Educonnects team</p>
  </div>
  </div>

[size=14pt]stdwelcome.php[/size]

error_reporting(0);
session_start();
if(!isset($_SESSION[‘stdname’])){
$_GLOBALS[‘message’]=“Session Timeout.Click here to <a href=“index.php”>Re-LogIn”;
}
else if(isset($_REQUEST[‘logout’])){
unset($_SESSION[‘stdname’]);
$_GLOBALS[‘message’]=“You are Loggged Out Successfully.”;
header(‘Location: index.php’);
}
?>

OES-DashBoard <?php

    if($_GLOBALS['message']) {
        echo "<div class=\"message\">".$_GLOBALS['message']."</div>";
    }
    ?>
    <div id="container">
       <div class="header">
            <img style="margin:10px 2px 2px 10px;float:left;" height="80" width="200" src="images/logo.gif" alt="OES"/><h3 class="headtext"> &nbsp;Online Examination System </h3><h4 style="color:#ffffff;text-align:center;margin:0 0 5px 5px;"><i>...because Examination Matters</i></h4>
        </div>
        <div class="menubar">

            <form name="stdwelcome" action="stdwelcome.php" method="post">
                <ul id="menu">
                    <?php if(isset($_SESSION['stdname'])){ ?>
                    <li><input type="submit" value="LogOut" name="logout" class="subbtn" title="Log Out"/></li>
                    <?php } ?>
                </ul>
            </form>
        </div>
        <div class="stdpage">
            <?php if(isset($_SESSION['stdname'])){ ?>

    
            <img height="600" width="100%" alt="back" src="images/trans.png" class="btmimg" />
            <div class="topimg">
                <p><img height="500" width="600" style="border:none;"  src="images/stdwelcome.jpg" alt="image"  usemap="#oesnav" /></p>

                <map name="oesnav">
                    <area shape="circle" coords="150,120,70" href="viewresult.php" alt="View Results" title="Click to View Results" />
                    <area shape="circle" coords="450,120,70" href="stdtest.php" alt="Take a New Test" title="Take a New Test" />
                    <area shape="circle" coords="300,250,60" href="editprofile.php?edit=edit" alt="Edit Your Profile" title="Click this to Edit Your Profile." />
                    <area shape="circle" coords="150,375,70" href="practicetest.php" alt="Practice Test" title="Click to take a Practice Test" />
                    <area shape="circle" coords="450,375,70" href="resumetest.php" alt="Resume Test" title="Click this to Resume Your Pending Tests." />
                </map>
            </div>
            <?php }?>

        </div>

oesdb.php

include_once ‘dbsettings.php’;

$conn=false;

function executeQuery($query)
{
global $conn,$dbserver,$dbname,$dbpassword,$dbusername;
global $message;
if (!($conn = @mysql_connect ($dbserver,$dbusername,$dbpassword)))
$message=“Cannot connect to server”;
if (!@mysql_select_db ($dbname, $conn))
$message=“Cannot select database”;

$result=mysql_query($query,$conn);
if(!$result)
    $message="Error while executing query.<br/>Mysql Error: ".mysql_error();
else
    return $result;

}
function closedb()
{
global $conn;
if(!$conn)
mysql_close($conn);
}
?>

dbsetting.php

database page includes databse name and username details

RaythXC · June 27, 2012, 11:41am

In the first script, using header as you have:
[php]
header(‘Location: stdwelcome.php’);}else{
[/php]

Won’t redirect because of it’s location in the script. Headers have to be sent BEFORE everything else is sent to the browser. You’ve already sent menu’s etc so error reporting should actually report this error.

richei · June 27, 2012, 2:44pm

I’ve seen this script before, must be popular I’m trying to figure out why anyone would allow html tags to be used as part of the password and login name. To me, that’s just asking for trouble.

As for the redirects, as said in the post before, any headers have to done before any text is sent to the screen, otherwise you get this really long error message. In this case, he has error reporting turned off, which doesn’t help any in this case. You need to turn it on so you can see what’s going. you don’t need to use e_strict, e_warning will work for most problems.

nikhiltuteja · June 27, 2012, 8:14pm

Thanks alot…
I used e_warning function and somehow able to find out the error

<?php //Disable error reporting error_reporting(0); //Report runtime errors error_reporting(E_ERROR | E_WARNING | E_PARSE); //Report all errors error_reporting(E_ALL); ?>

And then i placed the code :-
At the top of the page <? ob_start(); ?>

then at the bottom of the page

<? ob_flush(); ?>

Now code working fine
Thanks for your support

lovemyindia · July 19, 2012, 6:39pm

me too installed my local system … same error i facing … can you send you edit php file oes to my id [email protected]

Many Thank
Saravanan Ponnurangam