Php loading to wrong page

PHP
1

hello everyone!!!.. I’m having a bit of an issue here… I’m trying to follow along with a PHP tutorial on youtube for building your own e-commerce site… and I’m stuck trying to figure out what’s wrong with my page… the page I’m coding looks like this in dreamweaver

now at the top it says

Click Here</a>';exit();}}?>

so that’s telling me somethings wrong with the code… but I tested it on Ideone.com and everything came out fine… now when I try to run it in the browser this pops up…

… that is NOT the page I coded… I don’t understand how this is happening… here’s the php for the page in question… can someone PLEASE help me with this?.. I can’t continue learning until I get this figured out… thanks in advance… :slight_smile:


<?php
session_start();
if(!isset($_SESSION["manager"])){
    header("location:'http://www.optiq-costomtees.zhq.net/mystore/storeadmin/index.php'");
    exit();
}
?>
<?php
//Parse the log in form if the user has filled it out and pressed "Log In"
if(isset($_POST["username"])&&isset($POST["password"])){
    
    $manager=preg_replace('#[^A-Za-z0-9]#i','',$_POST["username"]);//filter everything but numbers and letters
    $password=preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]);//filter everything but numbers and letters
    //Connect to the MySQL database
    include"http://www.optiq-costomtees.zhq.net/mystore/storescripts/connect_to_mysql.php";
    $sql=mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1");//query the person
    //---- MAKE SURE PERSON EXISTS IN DATABASEE ----
    $existCount=mysql_num_rows($sql);//count rows nums
    if($existCount==1){//evaluate the count
        while($row=mysql_fetch_array($sql)){
            $id=$row["id"];    
        }
        $_SESSION["id"]=$id;
        $_SESSION["manager"]=$manager;
        $_SESSION["password"]=$password;
        header("location:'http://www.optiq-costomtees.zhq.net/mystore/storeadmin/index.php'");
        exit();
    }else{
        echo'That information is incorrect, try again <a href="http://www.optiq-costomtees.zhq.net/mystore/storeadmin/index.php">Click Here</a>';
        exit();}}?>

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Store admin</title>
<link rel="http://www.optiq-costomtees.zhq.net/mystore/style/style.css" type="text/css" />
</head>

<body>
<div align="center" id="mainWrapper">
    <?php include_once("http://www.optiq-costomtees.zhq.net/mystore/template_header.php");?>
    <div id="pageContent"><br />
        <div align="left" style="margin-left:24px;">
            <h2>Please Log In To Manage Store</h2>
            <form id="form1" method="post" action="admin_login.php">
                User Name:
                <input name="username" type="text" id="username" size="40" />
                <br /><br />
                Password:
                <input name="password" type="password" id="password" size="40" />
                <br />
                <br />
                <br />
                <input type="submit" name="button" id="button" value="Log In" />
            </form>
            <p>&nbsp;</p>
        </div>
    </div>
    <br />
    <br />
    <?php include_once("http://www.optiq-costomtees.zhq.net/mystore/template_footer.php");?>

</div>
</body>
</html>
2

ok I think I figured out part of the problem so far… in the coding above I have the code

$manager=preg_replace(‘#[^A-Za-z0-9]#i’,‘’,$_POST[“username”]);

the server I’m using automatically adds a number and underscore before the usernames… so this is filtering out the underscore in my username… how do I get it to allow the underscore?..

3

Hi Optiq and welcome to Sitepoint.

To extend your regex, add the _ character in at the end.


'#[^A-Za-z0-9_]#i'

That should do it.

Your images aren’t showing up in your post btw.

4

thanks!!!.. I tried that before but it didn’t work… I guess there’s more to the problem than just that… and is there a way I can edit my post or do I need to repost the pics in another post?

5

Just a lil thing I noticed in your code is that when you’re using mysql num rows: it returns an integer and any integer but 0 is trucy (or however you spell it, it is true when used in a statement).

E.g: $rows = mysql_num_rows($result);
if($rows == 1) or if($rows != 0) –> if($rows)

6

@Dreeass… I’m kind of lost on what you’re saying. I looked at my code and don’t see anything like the code you listed… could you point it out to me and elaborate a little more on what that means and how it will change it?.. I’ve updated my code so I’m re-posting it in here… now I’m getting a “404 Page Not Found” error…

<?php
session_start();
if(!isset($_SESSION["manager"])){
	header("location:'http://www.optiq-customtees.zxq.net/storeadmin/index.php'");
	exit();
}
?>
<?php
//Parse the log in form if the user has filled it out and pressed "Log In"
if(isset($_POST["username"])&&isset($POST["password"])){
	
	$manager=preg_replace('#[^A-Za-z0-9_]#i','',$_POST["username"]);//filter everything but numbers and letters
	$password=preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]);//filter everything but numbers and letters
	//Connect to the MySQL database
	include"http://www.optiq-customtees.zxq.net/storeadmin/connect_to_mysql.php";
	$sql=mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1");//query the person
	//---- MAKE SURE PERSON EXISTS IN DATABASEE ----
	$existCount=mysql_num_rows($sql);//count rows nums
	if($existCount==1){//evaluate the count
		while($row=mysql_fetch_array($sql)){
			$id=$row["id"];	
		}
		$_SESSION["id"]=$id;
		$_SESSION["manager"]=$manager;
		$_SESSION["password"]=$password;
		header("location:http://www.optiq-customtees.zxq.net/storeadmin/index.php");
		exit();
	}else{
		echo'That information is incorrect, try again <a href="http://www.optiq-customtees.zxq.net/storeadmin/index.php">Click Here</a>';
		exit();}}?>

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Store admin</title>
<link rel="http://www.optiq-customtees.zhq.net/style/style.css" type="text/css" />
</head>

<body>
<div align="center" id="mainWrapper">
	<?php include_once("http://www.optiq-customtees.zxq.net/template_header.php");?>
	<div id="pageContent"><br />
		<div align="left" style="margin-left:24px;">
        	<h2>Please Log In To Manage Store</h2>
            <form id="form1" method="post" action="admin_login.php">
            	User Name:<br />
                <input name="username" type="text" id="username" size="40" />
                <br /><br />
                Password:<br />
                <input name="password" type="password" id="password" size="40" />
                <br />
                <br />
                <br />
                <input type="submit" name="button" id="button" value="Log In" />
            </form>
            <p>&nbsp;</p>
        </div>
	</div>
    <br />
    <br />
	<?php include_once("http://www.optiq-customtees.zxq.net/template_footer.php");?>

</div>
</body>
</html>
7

I just noticed in my code above I have a string that goes

<link rel=“http://www.optiq-customtees.zhq.net/style/style.css” type=“text/css” />

… I just changed it to zxq.net… which is what it should be… but I still get a 404 error…

8

It’s at the comment 'Make sure the user is in the database and when using href, forms, etc. you can just give the filename that is in the folder of the page.

E.g.: href=“http://www.domain.com/file.php” -> href=“file.php” and to get to a file in a folder use FOLDERNAME/FILENAME.

9

oooooh so you’re talking about this code?

$existCount=mysql_num_rows($results);//count rows nums
if($existCount==1){//evaluate the count
while($row=mysql_fetch_array($sql)){
$id=$row[“id”];
}

so what you’re saying I should do is switch it to

$rows=mysql_num_rows($sql);//count rows nums
if($rows==1){//evaluate the count
while($row=mysql_fetch_array($sql)){
$id=$row[“id”];
}

is that what it should be?

10

$rows=mysql_num_rows($sql);
if($rows){
while($row=mysql_fetch_[b]assoc/b){
$id=$row[“id”];
}
}

mysql_fetch_assoc gets the associative array.