[RESOLVED] Login Form submits to blank page

@conamamJun 27.2009

I am very new to PHP so please forgive my ignorance. I have been reading posts for the last while and have set up a registration page that encrypts the password with sha1. This page works. My problem is when I try to log in.
I have a simply form that submits to session.php. When I process the form, if the password it incorrect my “print” command works. If the password is correct, the “session.php” page loads blank and the header command does not redirct.

I have tried trouble shooting by replacing the header command with a “print” command and that works. I have tried the header command on it’s own in a blank page and it works. It just doesn’t seem to work on my page.

Thank you for any help you can give me.

My code is placed at the top of the page and it is as follows:

<?php
session_start();
require (‘pconnect.php’);

$username = $_POST[‘username’];
$password = $_POST[‘password’];

$select_query = sprintf(“SELECT * FROM users WHERE username = ‘$username’ and password = sha1(‘$password’)”);

$select_result = mysql_query($select_query);

if (!$select_result) {
$message = ‘Invalid query: ‘ . mysql_error() . “n”;
$message .= ‘Whole query: ‘ . $select_query;
die($message);
}

if (mysql_num_rows($select_result) == 1) {
$row = mysql_fetch_assoc($select_result);
$_SESSION[‘username’] = $row[‘password’];
header (‘Location: TenantBasicInfo.php’);
} else {
Print “User was not found. Check your username and password and try again or register if you haven’t!”;
}
?>

to post a comment

PHP

9 Comments(s) _↴

@webmaster54880Jun 27.2009 — #<?php

session_start();

require ('pconnect.php');

$username = $_POST['username'];

$password = $_POST['password'];

$select_query = sprintf("SELECT * FROM users WHERE username = '$username' and password = sha1('$password')");

$select_result = mysql_query($select_query);

if (!$select_result) {

$message = 'Invalid query: ' . mysql_error() . "n";

$message .= 'Whole query: ' . $select_query;

die($message);

}

if (mysql_num_rows($select_result) == 1) {

$row = mysql_fetch_assoc($select_result);

$_SESSION['username'] = $row['password'];

header ('Location: TenantBasicInfo.php');

} else {

Print "User was not found. Check your username and password and try again or register if you haven't!";

}

?> [/QUOTE]

First I would recommend hashing the password before you use it in your query string and second your header redirect may not be working because of the space before the 'TenantBasicInfo.php' in your header declaration.

Remove the space between the Location: and the 'TenantBasicInfo.php' and see if that fixes your problem.

@conamamauthorJun 27.2009 — #Thanks for your reply. I was planning on adding the hashing after I got the code working, as I'm still nervous about wrting my own code. I go step by step.

Unfortuantly, as to your other comment, I have tried every variation to the header line I can think of, but still no luck. Could it be a hosting issue?

@Joseph_WitchardJun 27.2009 — #I am by no means an expert, but I'm just going to throw this out there: it looks to me like you're selecting a sha1() password from your database. Is that the type of password that's in the database? I had this same problem; the passwords have to match exactly.

[code=php]
 <?php
 
 $password = 'apple';
 $password = sha1($password);
 // password is now 'd0be2dc421be4fcd0172e5afceea3970e2f3d940'
 // but is it stored that way in the database?
 ?>[/code]

@conamamauthorJun 27.2009 — #Yes, the password is okay. If I take out the header line and insert a "print" line it works. For some reason it just doesn't want to redirect.

@toenailsinJun 27.2009 — #put this in to see if there are any errors. there may be something getting echo'd earlier in the script which will prevent any changes to the headers.

error_reporting(E_ALL);

ini_set('display_errors', '1');

Remove the space between the Location: and the 'TenantBasicInfo.php' and see if that fixes your problem.[/QUOTE]
I always put a space in my headers just to make it more readable. its never affected performance.

@webmaster54880Jun 27.2009 — #You know I just thought of this because this sometimes happens to me. Your header may be working fine. Have you check the script or code in the file that you are trying to redirect to? Check the URL in the browser window to see where you are actually ending up.

@conamamauthorJun 27.2009 — #These are the errors I'm getting. I'm not sure what they mean.

Warning: Unknown: open(/var/php_sessions/sess_cc162bc8babecc0693b6833d59526e28, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/php_sessions) in Unknown on line 0

@conamamauthorJun 27.2009 — #Thanks to everyone for your help. I called my hosting company and they did something to get rid of the initial error. I got a new error that the header had already been sent and it was from my require ('pconnect.php'); file. It works perfectly now.

Thanks so much for all the help.

@PierceMooreJun 27.2009 — #Those stinkers :-P

Also in #PHP _↴

Opeing other programs like Acrobat reader and others in browser. . .? How [RESOLVED] Share vars between servers is there unescape function in php?

Success!

Help @conamam spread the word by sharing this article on Twitter...

Tweet This

[RESOLVED] Login Form submits to blank page

9 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

[RESOLVED] Login Form submits to blank page

9 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

9 Comments(s) _↴

Also in #PHP _↴