mat3000000 Posted January 27, 2011 Share Posted January 27, 2011 Hi, why won't this work, there is no error messages so it gets to this point, but won't redirect??? (Obviously a lot is missed out here) $query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); if ($username==$dbusername&&$password==$dbpassword) { $_SESSION['user'] = $username; while($row = mysql_fetch_array($query)){ $type = $row['Type']; if ($type=="0") { header("Location: chefpanel.php"); }else{ header("Location: restpanel.php"); } } } else $errors[] = 'Password Incorrect'; } else $errors[] = 'Username Incorrect'; Quote Link to comment Share on other sites More sharing options...
litebearer Posted January 27, 2011 Share Posted January 27, 2011 make sure errors are set on. You should eb getting errors. for 1, you haven't executed your query... Quote Link to comment Share on other sites More sharing options...
mat3000000 Posted January 27, 2011 Author Share Posted January 27, 2011 Errors are on? It all works but just wont redirect to any of the pages, what do you mean I haven't executed my query? Quote Link to comment Share on other sites More sharing options...
litebearer Posted January 27, 2011 Share Posted January 27, 2011 Compare your code to this... $username = some value; $password = some value; $query = mysql_query("SELECT Type FROM users WHERE username='$username' AND password = '$password'"); $result = mysql_query($query); if(mysql_num_rows($result)!=1) { /* bad name or password */ /* redirect back to form */ } $_SESSION['user'] = $username; $row = mysql_fetch_array($query); $type = $row['Type']; if ($type=="0") { header("Location: chefpanel.php"); }else{ header("Location: restpanel.php"); } Quote Link to comment Share on other sites More sharing options...
mat3000000 Posted January 27, 2011 Author Share Posted January 27, 2011 Here is my full code? $query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); $numrows = mysql_num_rows($query); if ($numrows!=0) { while($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } if ($username==$dbusername&&$password==$dbpassword) { $_SESSION['user'] = $username; while($row = mysql_fetch_array($query)){ $type = $row['Type']; if ($type=="0") { header("Location: chefpanel.php"); }else{ header("Location: restpanel.php"); } } } else $errors[] = 'Password Incorrect'; } else $errors[] = 'Username is not in our Database'; Quote Link to comment Share on other sites More sharing options...
litebearer Posted January 27, 2011 Share Posted January 27, 2011 no offense, if that is the full code, where are you setting the value for $username, that is called in the very first line? Quote Link to comment Share on other sites More sharing options...
mat3000000 Posted January 27, 2011 Author Share Posted January 27, 2011 Sorry, I lied, It isn't the full code, but it's the important bit. Can you see anything wrong? Quote Link to comment Share on other sites More sharing options...
litebearer Posted January 27, 2011 Share Posted January 27, 2011 Look CLOSELY at all the comments... <?PHP /* first you have you acquire the username form somewhere */ /* presuming you are coming here from a form, where the field name is username and other is password */ /* a good plan to check if the form is submitted - but for now we will skip that as well as cleansing data */ $username = $_POST['username']; $password = $_POST['password']; /* again for simplicity we are not doing any hashing */ /* here you connect to your database */ include('dp.php'); /* or whtever your connection code is */ /* next create your query to see if its a good username AND password */ /* what's point of a password if you are not going to use it to protect access? */ $query = mysql_query("SELECT * FROM users WHERE username ='$username' AND password = '$password'"); /* now you have to ACTUALLY EXECUTE the query */ /* once again I am ignoring proper protocal and not making provision for errors */ /* $result is the 'resource'/'identifer' of the EXECUTED query */ $result = mysql_query($query); /* NOW we can see if the EXECUTED query has found a match - by rights ONE and ONLY ONE record should be found */ $numrows = mysql_num_rows($result); /* if no records found OR too many records found - send them back to the form */ if ($numrows!=1){ /* redirect back to the form page */ } $_SESSION['user'] = $username; /* since we only have one record with which to deal, no need for a loop */ $row = mysql_fetch_array($result); $type = $row['Type']; if ($type=="0") { header("Location: chefpanel.php"); }else{ header("Location: restpanel.php"); } ?> Quote Link to comment Share on other sites More sharing options...
DavidAM Posted January 27, 2011 Share Posted January 27, 2011 The query is executed on the first line of the code snippet: $query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); The problem is that you are using while ($row = ...) twice on the same result set. The first WHILE loop has already processed ALL records, so the second while loop is not finding any data and is skipping the entire body of the loop. If you are expecting only ONE row from the query, you do NOT need to use a WHILE loop at all. Check to see if the query was successful, then fetch the data into $row (or whatever) and go from there. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.