...

View Full Version : help! having login redirect problem



mfriedman24
03-14-2009, 12:14 PM
hi i have a site that members can sign up for and when they log in they go to their individual member profile page. i'm having a problem redirecting them to their page when they log in because instead of making the url /home.php?id=###, it just goes to /home.php?id= and thats it and it gives me an error, below is my code, how do i redirect the users to their page. (the ### should be their user id number) thanks!


<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['email'])) {
$loginUsername=$_POST['email'];
$password=$_POST['password'];
$userid = $_REQUEST['id'];
$MM_fldUserAuthorization = "Access";
$MM_redirectLoginSuccess = "/home.php?id=$userid";
$MM_redirectLoginFailed = "/loginfail.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_SH, $SH);

$LoginRS__query=sprintf("SELECT Username, Password, Access FROM Signup WHERE Username=%s AND Password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

$LoginRS = mysql_query($LoginRS__query, $SH) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {

$loginStrGroup = mysql_result($LoginRS,0,'Access');

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>

abduraooft
03-14-2009, 12:36 PM
$userid = $_REQUEST['id']; Are you getting the right value from that variable? Put an echo before that statement and test it. I think you need to extract the id from the mysql_query result.

mfriedman24
03-14-2009, 12:45 PM
im not sure and the echo i tried to do didnt work - i'm really new to all this but i took that out of the login script and put it in the sql query and here is what i have - what should i do? - with this code i get the error "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1"


<?php
$userid = $_REQUEST['id'];
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

mysql_select_db($database_SH, $SH);
$query_Recordset1 = "SELECT * FROM Signup where id = $userid";
$Recordset1 = mysql_query($query_Recordset1, $SH) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['email'])) {
$loginUsername=$_POST['email'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "Access";
$MM_redirectLoginSuccess = "/home.php?id=$userid";
$MM_redirectLoginFailed = "/loginfail.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_SH, $SH);

$LoginRS__query=sprintf("SELECT Username, Password, Access FROM Signup WHERE Username=%s AND Password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

$LoginRS = mysql_query($LoginRS__query, $SH) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {

$loginStrGroup = mysql_result($LoginRS,0,'Access');

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>

abduraooft
03-14-2009, 12:47 PM
$userid = $_REQUEST['id']; What the above statement supposed to do?

mfriedman24
03-14-2009, 12:53 PM
it's supposed to get the user's id so i can put it at the end of the home.php?id=### url i dont think i'm doing it right, how do i do it? i just need to get their id once they login and redirect them to the page with their id as the last numbers of the url

riwan
03-14-2009, 01:52 PM
well, you need to check first if $_REQUEST['id'] is empty or not.
If its empty then you'll definitely get an error in your mysql query.
Btw, why are you using $_REQUEST to get the id instead of $_POST ?
That could be the reason you are searching for.
you could put the id in hidden input field and retrieve the value using $_POST

abduraooft
03-14-2009, 01:57 PM
Btw, why are you using $_REQUEST to get the id instead of $_POST ?
That could be the reason you are searching for.
you could put the id in hidden input field and retrieve the value using $_POST How do you assume the id would be passed via POST from the login page?

mfriedman24
03-14-2009, 02:11 PM
i'm using request because that's what's working for me on my other pages, but not this one. the id is the user's individual id so i cannot post it in a hidden field. i have to get it from the database once they login using their information, then redirect them to a page with their id in the url. how do i get their id from the database once they login?



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum