I am trying to make a login page using php.
index.php contain form for "login" and "password" which will be check by "process.php"
My intention is: if the login or password is incorrect, an alert box will pop up telling the user the case, and redirect back to index.php
Here is the code for process.php
<?php session_start(); include('db.php'); if(isset($_POST['submit'])) : // Username and password sent from signup form // Remove all HTML-tags and PHP-tags $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); // Make the query a wee-bit safer $query = sprintf("SELECT ID FROM users WHERE username = '%s' AND user_password = '%s' LIMIT 1;", mysql_real_escape_string($username), mysql_real_escape_string($password)); $result = mysql_query($query); if(1 != mysql_num_rows($result)) : // MySQL returned zero rows (or there's something wrong with the query) echo "<script>alert('Wrong login or password')</script>"; header('Location: index.php'); else : // We found the row that we were looking for $row = mysql_fetch_assoc($result); // Register the user ID for further use $_SESSION['member_ID'] = $row['ID']; header('Location: members-only.php'); endif; endif; ?>
I got the error message in "cannot modify header information". From the php textbox that I got, I know that the error was caused because I put "echo" code before "header"
Is there anyway to achieve what I want to do without putting anything before the header?