Member Avatar for Zagga

Just an afterthought, do you have cookies enabled on your browser?

yes cookies is enabled

I think it has to do with this section. The reason why I think its this secion is because it log into the server fine. Inside mySQL for redirect column (id, username, password, redirect), I have it redirect to workspace_files.php. Now, at this point, it won't go in there and redirect but instead it goes back to workspace.php. However if I put

header("Location: '$redirect'");

instead of

header("Location: $redirect");

it will actually redirect to the file specified in redirect column of mySQL which is workspace_files.php. The only problem is that it will say in the url as 'workspace_files.php' and there are no such file. 'workspace_files.php' is not a file but workspace_files.php is the file. I am not sure how to fix this. It must be a code related problem.

Below is the section I am talking about at the bottom of workspace_login.php.

// get the redirect column's value
    $redirect = trim($result['redirect']);
    if ($redirect == '') {
        echo "No redirect value was set!";
    } else {
        header("Location: $redirect");
        exit;
    }
} else {
    header("Location: workspace.php");
}

gaaaaaaah!!!

I assumed the directory was saved in the database, and not just the page name... facepalm

try:
header("Location: /$redirect");

if you are on a Windows server it may be:

header("Location: \$redirect");

and if all else fails...

header("Location: ./$redirect"); <- notice the period. If one period doesnt work, you can always try 2 ../

Its not hosted on a Window server. I believe its Linux. As for trying the differnt headers you suggested, none of them work. Still going back to workspace.php

Member Avatar for Zagga

All 3 'workspace' files are in the same directory?
In the redirect field in your database you have workspace_files.php (without any single or double quotes)?

Zagga,

Yes all 3 files are in the same directory. As for the workspace_files, there are no single or double quote.

Here is the setup for the table workspace in mySQL.

Field      Type         Collation           Null   Extra
id         int10                            No     auto_increment
username   varchar20    latin1_swedish_ci   No
password   varchar20    latin1_swedish_ci   No
redirect   varchar250   latin1_swedish_ci   No

Here is how the row(s) for workspace table are setup.

id     username     password     redirect
1      johndoe      12345        workspace_files.php

id is Primary and username, password and redirect is by default.

Zagga, if you look up you will see that the redirects are working. I forgot that we tested it last night and he said we got a message from the target page. The problem is with $_SESSION persistence.

instead, in workspace_login.php, before the header redirect (line 36), add session_write_close();

Also, I think exit on line 37 should be exit();

What I got so far but still the same.

<?php
//Start session
session_start();

$host="localhost"; // Host name 
$username="****"; // Mysql username 
$password="****"; // Mysql password 
$db_name="****"; // Database name 
$tbl_name="workspace"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$username=$_POST['username'];
$password=$_POST['password'];

// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql = "SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result = mysql_query($sql);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $username and $password, table row must be 1 row
if($count == 1){

// Register $username, $password and redirect
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;

// get the result set from the query
$result = mysql_fetch_array($result);

// get the redirect column's value
$redirect = trim($result['redirect']);
    if ($redirect == '') {
        echo "No redirect value was set!";
    } else {
        session_write_close();
        header("Location: /$redirect");
        exit();
    }
} else {
    header("Location: workspace.php");
}
?>

after line 50 you need exit(); as well. any header change requires a complete exit(); from the script.

exit(); placed after line 50. Still the same

k, remove session_write_close();

Im betting the missing exit() was the problem. Should work with that gone.

removed. Still the same

from line 38 change as follows:

while ($data = mysql_fetch_array($result) {
 $redirect = trim($data['redirect']);
 if($redirect == '') {
  echo "No redirect value found!";
 }else {
 header("Location: $redirect");
 exit();
}
}
else {
header ("Location: workspace.php");
exit();
}
?>

What I got so far.

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$username=$_POST['username'];
$password=$_POST['password'];

// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql = "SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result = mysql_query($sql);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $username and $password, table row must be 1 row
if($count == 1){

// Register $username, $password and redirect
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;

// get the result set from the query
while ($data = mysql_fetch_array($result) {
 $redirect = trim($data['redirect']);
 if($redirect == '') {
  echo "No redirect value found!";
 }else {
 header("Location: $redirect");
 exit();
}
}
else {
header ("Location: workspace.php");
exit();
}
?>

There is an error:

0
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

woops.. line 28 add another closing )

while ($data = mysql_fetch_array($result)) {
Member Avatar for Zagga

My bad with the exit typo, sorry about that. I'm also getting notification of updates late so missed an entire page of the thread.

Anyway, if we think it's a session problem we could try a simple test, without any of the extra code . . .

page1.php

<?php
session_start();
$_SESSION['testVar'] = "Session Persisted";
header('Location: page2.php');
exit();
?>

page2.php

<?php
session_start();
echo "Result: " . $_SESSION['testVar'];
?>

Browse to page1.php and see if we get the session variable when it redirects us to page2.php

Ryan,

I added another closing but still the same error.

Member Avatar for Zagga

Sorry I don't understand. Did you create the 2 test pages above and run page1.php?

Zagga,

I browse to page1 and it said Resutl on page 2

Member Avatar for Zagga

Just "Result: " not "Result: Session Persisted"?

Just Result:

Nothing more.

same 'result' we had last night :-P

to fix the code I gave you, add another } to line 34. The rest is fine.

and.. after review... it seems that you forgot session_start() at the top of your page again ;) That should fix your problem.

Ryan,

Still the same thing. I never forgot the session_start at the top. I just did not include it the last time. Sorry. Here is what I got so far per your code.

<?php
//Start session
session_start();

$host="localhost"; // Host name 
$username="*****"; // Mysql username 
$password="*****"; // Mysql password 
$db_name="*****"; // Database name 
$tbl_name="workspace"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$username=$_POST['username'];
$password=$_POST['password'];

// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql = "SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result = mysql_query($sql);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $username and $password, table row must be 1 row
if($count == 1){

// Register $username, $password and redirect
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;

// get the result set from the query
while ($data = mysql_fetch_array($result)) {
 $redirect = trim($data['redirect']);
 if($redirect == '') {
  echo "No redirect value found!";
 }else {
 header("Location: $redirect");
 exit();  }
}
}
else {
header ("Location: workspace.php");
exit();
}
?>

do me a favor and clear out all your cookies. Close your browser, open and retry it. Make sure you are getting a cookie set.

Also, apparently an oddity, check to see if it works in another browser.

Just did with cookies. Same thing. I tried it in IE as well. Same thing.

did the cookie set in your cookies folder?

I am not really sure how to check this.

with internet explorer, you click the cog looking thing, go to internet settings -> (under history) settings -> view files

if there are a lot of them, you need to clear them out (delete them) and then try to run your script.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.