Hi,

I have a "check_login" function which checks whether the user is logged in or not and if it isn't, redirects them to "login.php". When I try going to the page whilst logged in, it displays as it should. However, when I'm logged out and I try it, instead of sending me to the "login.php" page, it displays "The page isn't redirecting properly: Firefox has detected that the server is redirecting the request for this address in a way that will never complete."

Here is the check_login function:

function check_login() {

session_start();
if (!isset($_SESSION['user'])) {

header('Location: login.php');

}

}

Any help would be much appreciated.

Looking at the aspect of seeing only a function for checking if the user's loggedin, and if not would redirect, clearly, there's no problem. :)

Can you show us the logout script and your login? Specifically in the logout script the part where you unset the "user" variable in the session.

Sure. Here is the login.php:

<?php
include("db.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from Form
$username=mysql_real_escape_string($_POST['username']); 
$password=mysql_real_escape_string($_POST['password']); 
$password = sha1($password);
$sql="SELECT * FROM client_login WHERE Username='$username' and Password='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
$row = mysql_fetch_array($result);
$client_ref = $row['Client_ref'];
$user_level = $row['user_level'];
// If result matched $username and $password, table row must be 1 row
if($count==1)
{

$_SESSION['user_level'] = $user_level;
if (isset($_client_ref)) {
$_SESSION['client_ref'] = $client_ref;
}
$_SESSION['user'] = $username;

if ($user_level == '1') {
header('Location: admin.php');
} else {

header('Location: myaccount.php');
}
}
else 
{
$_SESSION['oops'] = "USERNAME OR PASSWORD INCORRECT";
header('Location: error.php');
}
}
?>
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<title>Contisec Portal</title>

<link rel="stylesheet" href="css/style.css" />

</head>

<body>



<form method="post" action="login.php">

    <h2>CONTISEC PORTAL</h2>

    <input type="text" name="username" class="text-field" placeholder="Username" />
    <input type="password" name="password" class="text-field" placeholder="Password" />

    <input type="submit" value="LOG IN BITCH!" class="button" />

</form>

</body>
</html>

Here is the logout.php:

<?php

session_start();
session_destroy();

header('Location: login.php');



?>

Here is the login_fns.php file from where I took the check_login function:

<?php


function check_login() {

session_start();
if (!isset($_SESSION['user'])) {

header('Location: login.php');

}

}



function check_admin() {

if ($_SESSION['user_level'] != '1') {

header('Location: myaccount.php');

}

}

function check_user() {

if ($_SESSION['user_level'] != '0') {

header('Location: admin.php');

}

}

?>

Also, here is one of the pages where check_function is called:

<?php

include("login_fns.php");
check_login();
check_admin();

?>


<!DOCTYPE html>
<html lang="en">
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <title>CONTISEC PORTAL - ADMIN <?php echo "(",$_SESSION['user'],")"; ?></title>
  <link rel="stylesheet" href="buttcss/gstyle_buttons.css" type="text/css"  media="screen">
  <style>

 body {

    background: #CCCCCC
}

h1 {



} 

.buttons {

    background: #F1F1F1;
    padding: 11px;
    border: 1px solid #D2D2D2;
    width: 843px;
    margin-bottom: 20px;
}
#container {
    text-align: left;
    background: #CCCCCC;
    width: 865px;
    margin: 300px auto 0;
    padding: 20px;

}
h1 {
font-family: arial;
font-size: 30px;
font-weight: bold;
color: #3c659b;
text-transform: capitalize;
font-style: normal;
line-height: normal;
font-variant: normal;
word-spacing: normal;
display:inline;
margin-left: auto;
margin-right: auto;
width: 211px; - these are the size of the layer
height: 45px;
text-indent: 0px;
}



  </style>
  </head>
  <body>

  <div id="container">
    <div class="buttons">
      <a href="#"><button class="action bluebtn"><span class="label">CREATE NEW ACCOUNT</span></button></a>
      <button class="action redbtn"><span class="label">EDIT ACCOUNT</span></button>
      <button class="action greenbtn"><span class="label">IMPORT EDI TEXT FILES</span></button>
      <a href="logout.php"><button class="action"><span class="label">LOG OUT <?php echo "(",$_SESSION['user'],")"; ?> </span></button></a>
    </div>


  </div>

</body>
</html>

Hmm.. Seems there's no way you'd go in a loop here though.

What is the address when you see the redirection loop error points to? or on what script file?

When I try new_user.php, it goes to admin.php and then displays the error message. If I go to admin.php, it stays on the same page and also displays the error.

Correct me if I'm wrong:

Admin owns

  • admin.php

uses check_admin() while

User owns

  • new_user.php

uses check_user()

So, when you try to access new_user.php as an ADMIN it would redirect you to admin.php. And as an ADMIN, when you're in admin.php no redirection will happen.
Is admin.php the last file you posted?

No. User owns myaccount.php
When you're logged into either account, the redirection works fine. In the case of admin, you can access admin.php and new_user.php whereas user can only access myaccount.php
I'll post admin.php.

This is the admin.php code:

<?php

include("login_fns.php");
check_login();
check_admin();

?>


<!DOCTYPE html>
<html lang="en">
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <title>CONTISEC PORTAL - ADMIN <?php echo "(",$_SESSION['user'],")"; ?></title>
  <link rel="stylesheet" href="buttcss/gstyle_buttons.css" type="text/css"  media="screen">
  <style>

 body {

    background: #CCCCCC
}

h1 {



} 

.buttons {

    background: #F1F1F1;
    padding: 11px;
    border: 1px solid #D2D2D2;
    width: 843px;
    margin-bottom: 20px;
}
#container {
    text-align: left;
    background: #CCCCCC;
    width: 865px;
    margin: 300px auto 0;
    padding: 20px;

}
h1 {
font-family: arial;
font-size: 30px;
font-weight: bold;
color: #3c659b;
text-transform: capitalize;
font-style: normal;
line-height: normal;
font-variant: normal;
word-spacing: normal;
display:inline;
margin-left: auto;
margin-right: auto;
width: 211px; - these are the size of the layer
height: 45px;
text-indent: 0px;
}



  </style>
  </head>
  <body>

  <div id="container">
    <div class="buttons">
      <a href="new_user.php"><button class="action bluebtn"><span class="label">CREATE NEW ACCOUNT</span></button></a>
      <button class="action redbtn"><span class="label">EDIT ACCOUNT</span></button>
      <button class="action greenbtn"><span class="label">IMPORT EDI TEXT FILES</span></button>
      <a href="logout.php"><button class="action"><span class="label">LOG OUT <?php echo "(",$_SESSION['user'],")"; ?> </span></button></a>
    </div>


  </div>

</body>
</html>

" function check_admin() {

header('Location: myaccount.php');
}
}
function check_user() {
if ($_SESSION['user_level'] != '0') {
header('Location: admin.php');


then the user and the administrator can use user_level= 2   ?"