Hi everyone,

I am trying to make a login form for my site. I am using the About.com code as a template of sorts. You can find that here: http://php.about.com/od/finishedphp1/ss/php_login_code_4.htm

I have since changed this code to make it easier for my clients to log in. I want them to have only one field to fill out. Since I have done this however, Firefox has given me a warning:

Redirect Loop

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

The browser has stopped trying to retrieve the requested item. The site is redirecting the request in a way that will never complete.

* Have you disabled or blocked cookies required by this site?
* NOTE: If accepting the site's cookies does not resolve the problem, it is likely a server configuration issue and not your computer.

Now, clearly I have cookies enabled for my own site. I have also talked with my server regarding a potential configuration issue. Since there is nonesuch configuration issue, I believe I have screwed up somewhere. Here is my code:

<?php
// Connects to your Database
mysql_connect("localhost", "XXXX", "XXXX") or die(mysql_error());
mysql_select_db("XXXX") or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$password = $_COOKIE['ID_my_site'];
$check = mysql_query("SELECT * FROM Prospects WHERE password = '$password'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($password != $info['password'])
{
}
else
{
header("Location: XXXX.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['password']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['password'] = addslashes($_POST['password']);
}
$check = mysql_query("SELECT * FROM Prospects WHERE password = '".$_POST['password']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=NDA.htm>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['password'] = stripslashes($_POST['password']);
$info['password'] = stripslashes($info['password']);
$_POST['password'] = $_POST['password'];

//gives error if the password is wrong
if ($_POST['password'] != $info['password']) {
echo "This '".$_POST['pword']."' should be the same as '".$info['password']."' and if it isn't...why?";
die('Incorrect log in, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['password'] = stripslashes($_POST['password']);
$hour = time() + 3600;
setcookie("ID_my_site", $_POST['password'], $hour);

//then redirect them to the members area
header("Location: XXXX.php");
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>E-Mail Address:</td><td>
<input type="password" name="password">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?>

Thanks very much in advance for any advice you may give me.

Bettina

This question has already been answered. Start a new discussion instead.