TROUBLE WITH LOGIN SCRIPTING USING PHP & MYSQL

I am trying to create my very first site login system. The following code seems to work just fine right up until it is supposed to redirect to the “login_success.php” file once it gets into the if function. I know it makes it into the if because of the 2 echo statements which are there just for debugging. All I get when I run this is an output of the $fusername (thomas) and the $count (1) with the url never changing. Can anyone help with why this script does not complete the redirection? I have also included the landing page code. Thanks in advance! Tom

CODE AT sfjlogin.php…

<?php session_start(); // IMPORT FORM VARIABLES $fusername=$_POST['fusername']; $fpassword=$_POST['fpassword']; // CONNECT TO SERVER AND SELECT DATABASE mysql_connect("localhost", "scripts3_public", "*******")or die("cannot connect"); mysql_select_db("scripts3_sfj")or die("cannot select DB"); // PROTECT AGAINST MYSQL INJECTION mysql_real_escape_string($fusername); mysql_real_escape_string($fpassword); // ENCRYPT FORM PASSWORD TO COMPARE WITH DATABASE ENCRYPTED PASSWORD $encrypt_fpassword=md5($fpassword); // LOOKUP USERNAME AND PASSWORD IN DATABASE COMPARED TO FORM ENTRIES $sql="SELECT * FROM `users` WHERE `User name` = '$fusername' AND `Password` = '$encrypt_fpassword'"; $result=mysql_query($sql); if(!mysql_num_rows($result)) {echo "No results returned.";} // COUNT RESULTS $count=mysql_num_rows($result); // IF COUNT IS 1,REGISTER USERNAME AND PASSWORD AND REDIRECT if($count==1){ echo $count; echo $fusername; $_SESSION['fusername']=$fusername; $_SESSION['fpassword']=$fpassword; header('Location: http://www.*******.com/login_success.php'); die(); } else { echo "Wrong Username or Password"; } ?>

LANDING FILE CODE…

<?php session_start(); if(!$_SESSION['fusername']){ header("Location: sfjlogin.php"); die(); } ?> Login Successful

This has been solved!! Thanks to all!!

Hey can u post the correct script because i have the same problem
Thnx in advance

Actually, my problem turned out to be a blank line at the start of my code BEFORE the opening tag for php (<?php). This apparently generates an output to the browser which then negated the header() call towards the end. Make sure there is not even a space before that php opening tag. After that you must start with the “session_start()”. It also helped me to add the error reporting code (see below) to get a display of your error.

<?php session_start(); // TURN ON ERROR REPORTING ini_set('display_errors',1); error_reporting(-1); // IMPORT FORM VARIABLES $fusername=$_POST['fusername']; $fpassword=$_POST['fpassword']; // CONNECT TO SERVER AND SELECT DATABASE mysql_connect("localhost", "scripts3_public", "yourpassword")or die("cannot connect"); mysql_select_db("scripts3_sfj")or die("cannot select DB"); // PROTECT AGAINST MYSQL INJECTION mysql_real_escape_string($fusername); mysql_real_escape_string($fpassword); // ENCRYPT FORM PASSWORD TO COMPARE WITH DATABASE ENCRYPTED PASSWORD $encrypt_fpassword=md5($fpassword); // LOOKUP USERNAME AND PASSWORD IN DATABASE COMPARED TO FORM ENTRIES $sql="SELECT * FROM `users` WHERE `User name` = '$fusername' AND `Password` = '$encrypt_fpassword'"; $result=mysql_query($sql); if(!mysql_num_rows($result)) {echo "No results returned.";} // COUNT RESULTS $count=mysql_num_rows($result); // IF COUNT IS 1,REGISTER USERNAME AND PASSWORD AND REDIRECT if($count==1){ $_SESSION['fusername']=$fusername; $_SESSION['fpassword']=$fpassword; header("Location: http://www.yoursite.com/login_success.php"); die(); } else { echo "Wrong Username or Password"; } ?>