p2p.wrox.com Forums

p2p.wrox.com Forums (http://p2p.wrox.com/index.php)
-   BOOK: Beginning PHP5, Apache, and MySQL Web Development ISBN: 978-0-7645-7966-0 (http://p2p.wrox.com/forumdisplay.php?f=160)
-   -   Chapter 12 - $_POST['redirect'] problem (http://p2p.wrox.com/showthread.php?t=30090)

cshu June 5th, 2005 04:52 AM

Chapter 12 - $_POST['redirect'] problem
 
In Chapter 12 there is an administrator registration 'module' which allows an administrator to log in to update/delete user details. If you log in incorrectly you will get 'Invalid Username and/or Password' screen (admin_login.php) so you can re-enter username/password. If you purposely enter another incorrect username/password, instead of kicking you back into this screen so you can re-enter another username/password (admin_login.php) you get the following error:
'File "C:\sokkit\site\admin_me\admin_login.php method=" not found'.

NB:This also occurs with the previous section 'user_login' but I figure it is the same problem.

I suspect it has something to do with the 'redirect' but who knows because I am just a mere beginner.

admin_login.php:
************************************************** *************
<?php
ob_start();
session_start();
include "conn.inc.php";

if (isset($_POST['submit'])) { //(1)
  $query = "SELECT username,password, admin_level FROM admin " .
           "WHERE username = '" . $_POST['username'] . "' " .
           "AND password = (password('" . $_POST['password'] . "'))";

//echo "query:";
//echo $query;
//echo "<br>";

  $result = mysql_query($query)
    or die(mysql_error());

  $row = mysql_fetch_array($result);

  if (mysql_num_rows($result) ==1) {
//echo "<br>";
//echo "1a";
//echo "<br>";
    $_SESSION['admin_logged'] = $_POST['username'];
    $_SESSION['admin_password'] = $_POST['password'];
    $_SESSION['admin_level'] = $row['admin_level'];
    header ("Refresh: 5; URL=" . $_POST['redirect'] . "");
    echo "COLLEEN You are being redirected to your original page request!<br>";
    echo "(If your browser doesn't support this, " .
         "<a href=\"" . $_POST['redirect']. "\">click here</a>)";
  }
  else { //(2)

ob_end_flush();
    ?>
    <html>
    <head>
    <title>Beginning PHP5, Apache and MySQL</title>
    </head>
    <body>
    <p>
      Invalid Username and/or Password<br><br>
      <form action="admin_login.php method="post">
        <input type="hidden" name="redirect"
          value="<?php echo $_POST['redirect']; ?>">
        Username: <input type="text" name="username"><br>
        Password: <input type="password" name="password"><br><br>
        <input type="submit" name="submit" value="Login-invalid">
      </form>
    </p>
    </body>
    </html>
    <?php
  } //end else (2)
} //end if (1)
else { //else (1)
    if (isset($_GET['redirect'])) {
      $redirect = $_GET['redirect'];
    }
    else {
       $redirect = "index.php";
     }
?>
  <html>
  <head>
  <title>Beginning PHP5, Apache and MySQL</title>
  </head>
  <body>
  <p>
    Login below by supplying your username/password....<br>
    <form action="admin_login.php" method="post">
      <input type="hidden" name="redirect"
        value="<?php echo $redirect; ?>">
      Username: <input type="text" name="username"><br>
      Password: <input type="password" name="password"><br><br>
      <input type="submit" name="submit" value="Login">
    </form>
  </p>
</body>
</html>
<?php
}
?>

in case you need to see index.php, here it is:

index.php
_____________________________________________
<?php
session_start();
echo "getting to index.php";
echo "<br>";
if ((isset($_SESSION['admin_logged']) && $_SESSION['admin_logged']!= "") ||
   (isset($_SESSION['admin_password']) && $_SESSION['admin_password'] != "")) {
      include "logged_admin.php";
}
else {
  include "unlogged_admin.php";
}

------------------------------------------------------
Thanks in advance.


jason.gerner June 6th, 2005 10:26 AM

You've got a typo in your admin_login.php code near:

Invalid Username and/or Password<br><br>
      <form action="admin_login.php method="post">

You're missing the trailing quote around the form action attribute. It should read:
<form action="admin_login.php" method="post">

cshu June 8th, 2005 10:47 PM

Thanks Jason. I feel like an idiot. It's amazing that I have managed to get this far at all!


jason.gerner June 16th, 2005 03:44 PM

Don't sweat it, everyone makes typos, no matter how experienced. At any given time there's maybe 9 different keys near the tip of a finger--chances are good that sometimes we miss. :D


andrene July 25th, 2005 08:14 PM

I am having the same problem... and there is no typo?


All times are GMT -4. The time now is 05:52 AM.

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.