search

thedigicraft / Atom.CMS

Atom.CMS
56 stars 52 forks source link

login page no-redirect #51

Closed tmcgahn closed 10 years ago

tmcgahn commented 10 years ago

Hi, I have been working on this for two day's and cant figure out the login redirect issue. I read earlier posts and used a few suggestions - to no avail. Here is where I am at: I added the following grabbed from another post: " Okay. Try this...

Somewhere within the < body >< /body > tags on login.php place this code:

if($_POST) {

echo '<pre>';

    print_r($_SESSION);

    print_r($_POST);

    print_r($_GET);

    print_r($page);

echo '</pre>';

}

Fill out the login form, submit it. Then copy/paste what gets echoed out to the page. If you need to hide the password, go ahead and do that. "

Here are the results: Array ( [username] => tom@tom.com ) Array ( [email] => tom@tom.com [password] => 123 ) Array ( ) Still will not redirect to index.php here is the actual code: <?php

Start Session:

session_start();

Database Connection

include('../config/connection.php');

if ($_POST){

$q = "SELECT * FROM users WHERE email = '$_POST[email]' AND password = sha1('$_POST[password]')";
$r = mysqli_query($dbc, $q);

if (mysqli_num_rows($r) == 1){
    $_SESSION['username'] = $_POST['email'];
    header('Location: index.php');

}

}

?> Any thoughts?

iboutsikas commented 10 years ago

I think that no redirection means that the if statement doesnt execute, which in turn means that mysqli_num_rows is not 1. Please check under phpmyadmin that the user you are trying to connect with is indeed set up like that. You have to make sure that the password is sha1 encrypted in database and not just 123.

tmcgahn commented 10 years ago

Hi Zinadore,

Here is the database data: id first last email password status 1 Tom McGahn tom@tom.com 40bd001563085fc35165329ea1ff5c5ecbdbbeef 1

obviously encrypted.

displayed login results echoing added username, input password, sha1 password, and previous arrays session username: tom@tom.com post password: 123 sha1 post password: 40bd001563085fc35165329ea1ff5c5ecbdbbeef Array ( [username] => tom@tom.com ) Array ( [email] => tom@tom.com [password] => 123 ) Array ( ) The troubling point is that username is assigned and that happens in the if statement -so I don't know what is going on. Could it be in the index page? where the session is not picking up the assigned value and redirecting back to login.php?

Here is that code:

start the session

session_start(); 

if(!isset($_SESSION['username'])){
    header('Location: login.php'); # redirects to login page if not logged in
}

?>

tmcgahn commented 10 years ago

I figured this out! I am using Ipage and needed to add the following to get the redirect and sessions to work. @ob_start(); // Output Buffering

start Session:

session_save_path('my complete path + /cgi-bin/tmp'); session_start();