This is driviing me nuts. I think i've stared at this too long and now can't see the problem. This is a login page I created:



<?php
$userid = $_POST["userid"];
$password = $_POST["password"];
$submit = $_POST["submit"];
//process login
if(isset($submit)){
include("includes/login_module.php");
$login_msg = user_login($userid, $password);
if($login_msg == "validated"){
header("Location: cp.php");
}//end if
}//end if

// show login form
include("includes/header_no_access.php");
?>
<!-- begin login form -->
<table width="264" border="0" cellspacing="0" cellpadding="3">
<form name="form1" method="post" action="<?php echo $HTTP_SERVER_VARS['PHP_SELF']; ?>">
<tr bgcolor="#006699">
<td width="80" class="pageContentWhite">User ID</td>
<td width="172"><input name="userid" type="text" id="userid"></td>
</tr>
<tr bgcolor="#006699">
<td class="pageContentWhite">Password</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr bgcolor="#006699">
<td>&nbsp;</td>
<td><input type="submit" name="submit" value="Login"></td>
</tr>
</form>
</table>
<!-- end login form -->

<?php
echo $login_msg;
include("includes/footer.php");
?>



For some reason the header is not working when the login has been validated.

if($login_msg == "validated"){
header("Location: cp.php");
}//end if



I know the login is being validated as I checked that by putting an echo statement in there to make sure. I get no php errors. It just stays on the login page.

????

Ok i figured it out. It was actually working just fine. The page it was redirecting to was checking for a session variable and if it didnt exist was taking me back to this page. lol

I swear programming can drive us insane. :)

I got no rational explanation for you though I am sure there is one !

anyway I have had this issue in the past, usually when using output buffering (ob_start(); etc)

It is usually sorted by calling die();

header("Location: cp.php");die();

which does not actually die() but seems to clear up the problem, perhaps it flushes the output buffer ??

haha , puts the kybosh on my theory then :)

I actually added in an exit after the header to prevent any other coding from executing once the header gets sent.

The reason my session variable didn't exist though is kind of odd. I put the coding for creating the session in the included login_module.php file but it was not creating the session. I moved the code for creating the session into the login page and it worked fine.

Not sure why though.

Here is the login_module.php:


<?php
function user_login($userid, $password){

// validation messages
$error1 = "Please type in your username and password";
$error2 = "Username or Password not found";
$validated = "validated";

//validating username and password
if($userid==null || $userid=="" || $password==null || $password==""){
return $error1;
}
//checking if login exists
else{
include("includes/db_connect.php");
$query = "SELECT userid FROM access_levels WHERE userid='$userid' and password='$password'";
$result = mysql_query($query);

//login found
if (mysql_num_rows($result)){
return $validated;
}//end if

//login not found
else{
return $error2;
}//end else
}//end else
}//end user_login()
?>



I had put the code for creating the session in this section of the login_module.php page which is included in the login page:


//login found
if (mysql_num_rows($result)){
//session code was here
return $validated;
}//end if


but it wasn't working so I had to move it into this section of the login page:


if($login_msg == "validated"){

//session code is here now

header("Location: cp.php");
}//end if



Any ideas why that wasn't working?