Hi all,
I’m a bit stumped on this, as I’ve never encountered this problem before. I have a login script that uses a header redirect after user authentication.
Here’s my script (I usually don’t use the mysql functions, but the hosting server only has PHP 4.4.9):
$login = trim($_POST['username']);
$pass = trim($_POST['passphrase']);
$pass = md5($pass);
$query = "SELECT id FROM users WHERE username='".mysql_real_escape_string($login)."' AND passp='$pass' ";
$result = mysql_query($query);
$num = mysql_num_rows($result);
if($num == 1)
{
session_start();
$_SESSION['logged_in'] = TRUE;
while($row = mysql_fetch_assoc($result))
{
$id = $row['id'];
}
$_SESSION['id'] = $id;
header('Location: /admin');
exit;
}else
{
$status = "<p class=\\"errors\\">The username/password combination you supplied is incorrect. Please try again.</p>\
\\r";
}
I’ve checked to make sure the session variables are set. The header function doesn’t seem to be working here. Before I added the exit call, it was just re-displaying the login form. After adding exit, I just see a blank white screen.
I’ve also tried using an absolute URL for the Location, with no luck.
I’ve taken out the authentication script out of the index file, so when I type the address of the index file directly, I can see it just fine. It’s not redirecting back to the login page (as I thought my auth script was messing things up and just sending me back to the login page).
Any ideas? Thanks in advance.