|
BOOK: Beginning PHP5, Apache, and MySQL Web Development ISBN: 978-0-7645-7966-0 | This is the forum to discuss the Wrox book Beginning PHP5, Apache, and MySQL Web Development by Elizabeth Naramore, Jason Gerner, Yann Le Scouarnec, Jeremy Stolz, Michael K. Glass; ISBN: 9780764579660 |
|
Welcome to the p2p.wrox.com Forums.
You are currently viewing the BOOK: Beginning PHP5, Apache, and MySQL Web Development ISBN: 978-0-7645-7966-0 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
|
|
|
June 5th, 2005, 04:52 AM
|
Registered User
|
|
Join Date: Jun 2005
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Chapter 12 - $_POST['redirect'] problem
In Chapter 12 there is an administrator registration 'module' which allows an administrator to log in to update/delete user details. If you log in incorrectly you will get 'Invalid Username and/or Password' screen (admin_login.php) so you can re-enter username/password. If you purposely enter another incorrect username/password, instead of kicking you back into this screen so you can re-enter another username/password (admin_login.php) you get the following error:
'File "C:\sokkit\site\admin_me\admin_login.php method=" not found'.
NB:This also occurs with the previous section 'user_login' but I figure it is the same problem.
I suspect it has something to do with the 'redirect' but who knows because I am just a mere beginner.
admin_login.php:
************************************************** *************
<?php
ob_start();
session_start();
include "conn.inc.php";
if (isset($_POST['submit'])) { //(1)
$query = "SELECT username,password, admin_level FROM admin " .
"WHERE username = '" . $_POST['username'] . "' " .
"AND password = (password('" . $_POST['password'] . "'))";
//echo "query:";
//echo $query;
//echo "<br>";
$result = mysql_query($query)
or die(mysql_error());
$row = mysql_fetch_array($result);
if (mysql_num_rows($result) ==1) {
//echo "<br>";
//echo "1a";
//echo "<br>";
$_SESSION['admin_logged'] = $_POST['username'];
$_SESSION['admin_password'] = $_POST['password'];
$_SESSION['admin_level'] = $row['admin_level'];
header ("Refresh: 5; URL=" . $_POST['redirect'] . "");
echo "COLLEEN You are being redirected to your original page request!<br>";
echo "(If your browser doesn't support this, " .
"<a href=\"" . $_POST['redirect']. "\">click here</a>)";
}
else { //(2)
ob_end_flush();
?>
<html>
<head>
<title>Beginning PHP5, Apache and MySQL</title>
</head>
<body>
<p>
Invalid Username and/or Password<br><br>
<form action="admin_login.php method="post">
<input type="hidden" name="redirect"
value="<?php echo $_POST['redirect']; ?>">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br><br>
<input type="submit" name="submit" value="Login-invalid">
</form>
</p>
</body>
</html>
<?php
} //end else (2)
} //end if (1)
else { //else (1)
if (isset($_GET['redirect'])) {
$redirect = $_GET['redirect'];
}
else {
$redirect = "index.php";
}
?>
<html>
<head>
<title>Beginning PHP5, Apache and MySQL</title>
</head>
<body>
<p>
Login below by supplying your username/password....<br>
<form action="admin_login.php" method="post">
<input type="hidden" name="redirect"
value="<?php echo $redirect; ?>">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br><br>
<input type="submit" name="submit" value="Login">
</form>
</p>
</body>
</html>
<?php
}
?>
in case you need to see index.php, here it is:
index.php
_____________________________________________
<?php
session_start();
echo "getting to index.php";
echo "<br>";
if ((isset($_SESSION['admin_logged']) && $_SESSION['admin_logged']!= "") ||
(isset($_SESSION['admin_password']) && $_SESSION['admin_password'] != "")) {
include "logged_admin.php";
}
else {
include "unlogged_admin.php";
}
------------------------------------------------------
Thanks in advance.
|
June 6th, 2005, 10:26 AM
|
Authorized User
|
|
Join Date: Jun 2004
Posts: 37
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
You've got a typo in your admin_login.php code near:
Invalid Username and/or Password<br><br>
<form action="admin_login.php method="post">
You're missing the trailing quote around the form action attribute. It should read:
<form action="admin_login.php" method="post">
|
June 8th, 2005, 10:47 PM
|
Registered User
|
|
Join Date: Jun 2005
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Thanks Jason. I feel like an idiot. It's amazing that I have managed to get this far at all!
|
June 16th, 2005, 03:44 PM
|
Authorized User
|
|
Join Date: Jun 2004
Posts: 37
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Don't sweat it, everyone makes typos, no matter how experienced. At any given time there's maybe 9 different keys near the tip of a finger--chances are good that sometimes we miss. :D
|
July 25th, 2005, 08:14 PM
|
Registered User
|
|
Join Date: Mar 2005
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I am having the same problem... and there is no typo?
|
|
|