I have a redirect code that seems to work for all but one of my pages. The code does this: checks to see if a user is logged in. If not, then it stores the URL that the user is trying to access and provides a login link. On the logged in page, the code checks to see if a redirect variable has been stored. If so, it redirects the user back to the page they were trying to access. Sounds simple.

So, page1.php:

session_start();
if (!isset($_SESSION['username'])) {
$_SESSION['redirect'] = "http://localhost/userdirectory/$querieduser";
die("<div id='message'><br/><br/><br/>You must first <a href='http://localhost/login'> login </a> before accessing this page.</div>");
}


This part of the codes seems to work. When I go to it without being logged in, it displays the login message. When echoing $_SESSION['redirect'] on this page, it shows the correct redirect url. Let's say for example, the queried user is bluemoon. It shows http://localhost/userdirectory/bluemoon. So far so good.

Next page: login.php - just a login form, no php.
Next page: loggedin.php (target of login.php form)

session_start();

//connectionString

$username = mysql_real_escape_string($_POST['username']);
$password = sha1(mysql_real_escape_string($_POST['password']));

$querypw = "SELECT password FROM users WHERE username='$username'";
$pwaction = @mysql_query($querypw, $dbc);
$ccpwarray = mysql_fetch_row($pwaction);
$ccpassword = $ccpwarray[0];

if ($ccpassword == $password) {
$LOGGEDIN = TRUE;
$_SESSION['username'] = $username;

if (isset($_SESSION['redirect']) && $_SESSION['redirect'] != "") {
$REDIRECT = TRUE;
header( "refresh: 3; url={$_SESSION['redirect']}" );
$_SESSION['redirect'] = "";
}

else {
header( 'refresh: 3; url= http://local/main.php' );
$_SESSION['redirect'] = "";
}
}

else {
$LOGGEDIN = FALSE;
}


The important part of this script is where it checks for $_SESSION['redirect']. After I login, it successfully sees that the variable is set and redirects me. However, instead of directing me to http://localhost/userdirectory/bluemoon (which was the value of $_SESSION['redirect'] on page1.php) it takes me to http://localhost/userdirectory/images/masthead/tabs.

So, somewhere in these smalls bits of code, the value of $_SESSION['redirect'] change from "http://localhost/userdirectory/bluemoon" to "http://localhost/userdirectory/images/masthead/tabs". I don't know how the hell the value is getting changed, or why it would be changed to this. images/masthead/tabs isn't even referenced in any of this code.

It's especially confusing because
1) the code on page1.php dies after displaying the login message. So, no subsequent php code on that page could be changing the value.
2) the snippet of code for loggedin.php that I have provided is not preceded by any other php code. So, no other section of code before this could be changing the value.
3) I use this exact direct method for other pages, and it works fine.

The problem must lie in the small snippets of code that I've listed here. But it all seems so straightforward, I can't imagine where it's going wrong. I'm going nuts trying to figure out where the problem could be.

I would really appreciate any input on this problem. This is the last bug on my entire site and it's like a cockroach. It just won't die.

Well, the first problem with the redirect is that your header() function isn't in the correct format. You seem to be trying to use the meta refresh format with the header() function. It should be:
header('Location: http://www.url.com/');
Also, instead of selecting the password from the database you should SELECT COUNT(*) FROM `table` WHERE `username` = '$username' AND `password` = '$password' LIMIT 1, which will return 1 or 0.

Thanks for the tip. I've changed the header to a redirect as opposed to a meta refresh, which is more efficient. The problem, however, remains. Ugh.

As far as retrieving the password differently, is your method more secure or just more efficient?

Post the code you have now.

Here it is:

page1.php

session_start();
if (!isset($_SESSION['username'])) {
$_SESSION['redirect'] = "http://localhost/userdirectory/$querieduser";
die("<div id='message'><br/><br/><br/>You must first <a href='http://localhost/login'> login </a> before accessing this page.</div>");
}


loggedin.php

session_start();

//connectionstring

$username = mysql_real_escape_string($_POST['username']);
$password = sha1(mysql_real_escape_string($_POST['password']));

$querypw = "SELECT COUNT(*) FROM `users` WHERE `username`='$username' AND `password`='$password' LIMIT 1";
$pwcheck = mysql_result(mysql_query($querypw, $dbc), 0);

if ($pwcheck == 1) {
$LOGGEDIN = TRUE;
$_SESSION['username'] = $username;

if (isset($_SESSION['redirect']) && $_SESSION['redirect'] != "") {
$REDIRECT = TRUE;
header( "Location: {$_SESSION['redirect']}" );
$_SESSION['redirect'] = "";
}

else {
header( 'Location: http://localhost/main.php' );
$_SESSION['redirect'] = "";
}
}

else {
$LOGGEDIN = FALSE;
}

Add:die("Location: {$_SESSION['redirect']}");
// before
header( "Location: {$_SESSION['redirect']}" );
And post the output.

As far as retrieving the password differently, is your method more secure or just more efficient?
It depends really. It might not be any more secure per se, but it separates the database logic from the programming logic. And you avoid handling the password at all, other than hashing it and sending it to the database. You also don't have any extra variables floating around with the password in them which could possibly be exploited.

The output is:

http://localthost/userdirectory/images/masthead/tabs

which is the wrong address. Strangely the variable is now different than it was on page1.php.

So the problem must be occurring before this but after the script dies on page1.php The only thing between these two snippets is login.php, so I'll go ahead a reference it. Although, it's really just a simple form.

<?php
session_start();
echo "
<form action='http://localhost/loggedin.php' method='post'>
<table align='center' valign='middle' width='300'>
<tr>
<td colspan='2'><div align='center'>Please enter your login information:</div></td>
</tr>
<tr>
<td width='36%'>&nbsp;</td>
<td width='64%'>&nbsp;</td>
</tr>
<tr>
<td> User Name:</td>
<td><input type='text' size='20' name='username' /> </td>
</tr>
<tr>
<td> Password: </td>
<td> <input type='password' size='20' name='password' /> </td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
<tr>
<td colspan='2'><div align='center'><input name='submit' type='submit' value='Login' />
</div></td>
</tr>
<tr>
<td colspan='2'>&nbsp;</td>
</tr>
<tr>
<td colspan='2'><div align='center'>Not a member? <a href='http://localhost/register'> Register Now. </a></div></td>
</tr>
</table>
</form>
";
?>

Your $_SESSION['redirect'] is being overwritten somewhere. Try adding in echo()'s at different places, and on every page so you can find out where it is happening.

Alright, so the plot thickens.

page1.php is very simple:

if (!isset($_SESSION['username'])) {
$_SESSION['redirect'] = "http://www.knowidea.org/userdirectory/$querieduser";
die("<div id='message'><br/><br/><br/>You must first <a href='http://localhost/login'> login </a> before accessing this page.<br /> {$_SESSION['redirect']} </div>");
}


$_SESSION['redirect'] is echoed as "http://localhost/userdirectory/bluemoon" . That's good.

On the next page, login.php, I write this:

session_start();
echo "\$_SESSION[\"redirect\"] = {$_SESSION['redirect']}";


It outputs:
$_SESSION["redirect"] = http://localhost/userdirectory/images/masthead/tabs

There isn't any code being executed between these 2 echoes. The code dies directly after storing the variable on page1.php, and these are the first lines on login.php. I don't know how the variable is being overwritten. It makes no sense to me.

The problem remains. Does anyone have any ideas about what could be causing this issue? I'm not looking for someone to do the work for me, but I could really use some leads.