help with code

[kydo76]

hey... just wondering if anyone could help me with what i thought was supposed to be an easy code.. hehe...

it's just 3 pages of code: 1) index.php where it will check for page 2) which validates whether or not there is a registered session and if there isn't, it'll lead you to page 3) which is a logon page

I have a database (mysql) named "testdb" with a table called "members" with four columns ("nick" "password" "fname" and "lname")

now my trouble is...
1) if i load up the index.php it'll tell me that "The page cannot be displayed" as if the page didn't exist... if i take out the:
require("validate.php");
then the page works fine (gets data with no problems)
2) when i load up the login page by itself (never got the page to lead me into the login obviously)... i fill in the nick and password... but no matter what i do.... it just loads the login page.... even with the correct nick and password

any help would be great... thanx.. : )

here's the code:

1) index.php
<?php
require("validate.php");?>
<html>
<head>
<title>Database</title>
</head>
<body>
<h2>Current People</h2>
<table border="1">
<tr>
<td>Name</td>
</tr>
<tr>
<?php
$conn = mysql_connect();
mysql_select_db("testdb",$conn);
$query = "SELECT * FROM members";
$results = mysql_query($query, $conn);
while ($row=mysql_fetch_array($results)) {

print "
<tr>
<td>$row[fname] $row[lname]</a>
</td>
</tr>";
}mysql_close($conn);
?>
</table>

</body>
</html>




2) validate.php
<?php

session_start();

if(!(session_is_registered("userNick"))) {

header("Location:http://$HTTP_HOST/cc/login.php");

exit();

}

?>




3) login.php
<?php

if(!($conn=mysql_connect())) {
print "<BR>Error connecting...<BR>";
exit();
}

if(!mysql_select_db("testdb", $conn)) {
print "<BR>Error selecting datable.";
print mysql_errno($conn). " ". mysql_error($conn);
exit();
}

session_start();

if($nickname!="") {
$sql="SELECT * From members
WHERE nick='$nickname'";
$result=mysql_query($sql, $conn);
if(($row=mysql_fetch_array($result)) && ($password==$row[password]
&& $password!="")) {
$userNick=$nickname;
session_register("userNick");
mysql_close($conn);

header("Location:http://$HTTP_HOST/cc/index.php");
exit();
} else {
mysql_close($conn);
header("Location:http://$HTTP_HOST/cc/login.php");
exit();
}
}

mysql_close($conn);

?>

<Html>
<Head>
<Title>Login</Title>
</Head>
<Body>

<H3>Please Login</H3>

<Form Action="<?php print $PHP_SELF;?>" Method="post">
<Table>
<TR>
<TD>Nick</TD>
<TD><Input Type="Text" Name="nickname" Size="20"></TD>
</TR>

<TR>
<TD>Password</TD>
<TD><Input Type="Password" Name="password" Size="20"></TD>
</TR>

<TR>
<TD Colspan="2" Align="Center"><Input Type="Submit" Value="Login"></TD>
</TR>

</Table>
</Form>
</Body>
</Html>

[gothic]

You should try echo'ing $HTTP_HOST to make sure the variable exists..

Also, are these pages located in yoursite.com/cc/* ?

Also, if you are using IE, make sure you turn off "Friendly error messages" .. That will make things oh-so-much easier.

[qball]

try slapping a print or echo in validate.php as first line, then you will know if it is actually going there.

also, you need a session_start as first line in every page you want to use session stuff, or you used to have to do that.

your login.php, which has reference to self in FORM, doesn't have any code to handle submission of form!

use:

if (isset($_POST['password']))
{
//login success, show em something
else
{
//show form to login
}

Lastly using header to redirect is not the ideal way to accomplish branching logically (many reasons), better to use includes inside conditionals.

[kydo76]

thanks for the help... i finally got it to work...

it was all because of the version change... what a pain... anyway... what i did was change some stuff in the login.php... anyone who's curious, what i did was:
1) change each $HTTP_HOST to {$_SERVER['HTTP_HOST']}
2) for each variable passed by the post method, type the variable in the form of $_POST['variable_name']
3) in line 15, I had the "!" in the wrong place

here's the corrected code for login.php if anyone wants:

<?php
session_start();
if(!($conn=mysql_connect())) {
print "<BR>Error connecting...<BR>";
exit();
}

if(!mysql_select_db("testdb", $conn)) {
print "<BR>Error selecting datable.";
print mysql_errno($conn). " ". mysql_error($conn);
exit();
}


if($_POST['nickname']!="") {
$sql="SELECT * From members
WHERE nick='".$_POST['nickname']."'";
$result=mysql_query($sql, $conn);
if(($row=mysql_fetch_array($result)) && ($_POST['password']==$row[password]
&& $_POST['password']!="")) {
$userNick=$_POST['nickname'];
session_register("userNick");
mysql_close($conn);

header("Location:http://{$_SERVER['HTTP_HOST']}/cc/index.php");
exit();
} else {
mysql_close($conn);
header("Location:http://{$_SERVER['HTTP_HOST']}/cc/login.php");
exit();
}
}

mysql_close($conn);

?>

<Html>
<Head>
<Title>Login</Title>
</Head>
<Body>

<H3>Please Login</H3>

<Form Action="<?php print $PHP_SELF;?>" Method="post">
<Table>
<TR>
<TD>Nick</TD>
<TD><Input Type="Text" Name="nickname" Size="20"></TD>
</TR>

<TR>
<TD>Password</TD>
<TD><Input Type="Password" Name="password" Size="20"></TD>
</TR>

<TR>
<TD Colspan="2" Align="Center"><Input Type="Submit" Value="Login"></TD>
</TR>

</Table>
</Form>
</Body>
</Html>

[kydo76]

qball.... u said "Lastly using header to redirect is not the ideal way to accomplish branching logically (many reasons), better to use includes inside conditionals."

i'm not exactly sure how it would be better, but thanx for the tip... i'll try it out once i get better at PHP.. hehe... uhm... you wouldn't happen to have any articles or examples of the above said that you can reference me, would u? anyway, thanx again

[qball]

Quote:

i'm not exactly sure how it would be better

using a header to redirect browser, can be like opening new browser window to 'URL'. relies on client.

better to rely on server.