php - Logging in gets me to the wrong page -


on page, http://mackscript.netii.net/main_login.php when login, gets me wrong page, want me page specified ?nav_to so, specify ?nav_to=shop.php. redirects login_success.php.

code main_login.php

<html> <head> <title>please login</title> <link rel="stylesheet" type="text/css" href="style.css"> </head> <body> <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#cccccc"> <tr> <form name="form1" method="post" action="checklogin.php" style="color:#b3b3b3;"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#ffffff"> <tr> <td colspan="3"><strong>member login </strong></td> </tr> <tr> <td width="78">username</td> <td width="6">:</td> <td width="294"><input name="myusername" type="text" class="field" id="myusername"></td> </tr> <tr> <td>password</td> <td>:</td> <td><input name="mypassword" type="password" class="field" id="mypassword"></td> </tr> <tr> <td><a href="insert.php">register</a></td> <td><input type="submit" name="submit" class="but" value="login"></td> <td><a href="contact.php">forgot pass?</a></td> </tr> </table> </td> </form> </tr> </table> </body> </html>

code checklogin.php (this checks login , redirects)(details have been removed)

<?php ob_end_flush();  define('debug', true);  ob_start(); $host=""; // host name  $username=""; // mysql username  $password=""; // mysql password  $db_name=""; // database name  $tbl_name=""; // table name   // connect server , select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect");  mysql_select_db("$db_name")or die("cannot select db");  // username , password sent form  $myusername=$_post['myusername'];  $mypassword=$_post['mypassword'];  $nav = $_get['nav_to']; $nav_to = (string)$nav;  // protect mysql injection (more detail mysql injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $mypass = md5($mypassword); $sql="select * $tbl_name username='$myusername' , password='$mypass'"; $result=mysql_query($sql);  // mysql_num_row counting table row $count=mysql_num_rows($result);  // if result matched $myusername , $mypassword, table row must 1 row if($count==1){  // register $myusername, $mypass , redirect file "login_success.php" $sql="select credits $tbl_name username='$myusername' , password='$mypass'"; $creds=mysql_query($sql); $row = mysql_fetch_row($creds); session_register("myusername"); session_register("mypass"); if(!empty($nav_to)){ header("location:$nav_to"); } if(empty($nav_to)){  header("location:login_success.php?name=$myusername"); setcookie("valid", "true", time()+3600); setcookie("creds", "$row[0]", time()+3600); }  }else { echo "wrong username or password"; echo "<p><a href='main_login.php'>back</a></p>"; } ?> <html> <head> <link rel="stylesheet" type="text/css" href="style.css"> </head> <body> </body> </html>

i think because $nav_to not in $_get ! - method in form "post" cant see input name.

you should add form this:

<input type="hidden" name="nav_to" value="<?php echo $_get["nav_to"]; ?>" />

Comments

Post a Comment

Popular posts from this blog

java.util.scanner - How to read and add only numbers to array from a text file -

i'm learning java , have question regarding reading file want read numbers file contains strings well. here example of file: 66.56 "3 java 3-43 5-42 2.1 1 and here coding: public class test { public static void main (string [] args){ if (0 < args.length) { file x = new file(args[0]); try{ scanner in = new scanner( new fileinputstream(x)); arraylist<double> test = new arraylist<>(); while(in.hasnext()){ if(in.hasnextdouble()){ double f=in.nextdouble(); test.add(f);} else {in.next();} } catch(ioexception e) { system.err.println("exception during reading: " + e); } } my problem add 66.56,2.1 , 1 doesn't add 3 after "3 or ignores 3-43 , 5-42 can tell me how skip strings , add doubles here? thanks all said 3 ie; "3, 3-43 , 4-42 strings either u read string , split , check number @ " , - or put in space between characters , integers. jvm after compilation tre
Read more

rewrite - Trouble with Wordpress multiple custom querystrings -

i'm working on adding multiple querystring , doesn't seem work. i've found codes seems work others might i'm missing something. i want like: http://mydomain.com/board/?getyear=2013&getsometext2=sometext to http://mydomain.com/board/2013/sometext/ i added code below functions.php file. doesn't seem work should though. this works. echoing querystring gets both variable without problem. http://mydomain.com/board/2013/sometext/ but doesn't. tested querystring vis isset() seems nothing being set/get http://mydomain.com/board/2013/ function add_query_vars($vars) { $vars[] = "getyear"; $vars[] = "getsometext2"; return $vars; } add_filter('query_vars', 'add_query_vars'); function add_rewrite_rules($arules) { $anewrules = array('board/([^/]+)/([^/]+)/?$' => 'index.php?pagename=board&getyear=$matches[1]&getsometext2=$matches[2]'); $arules = $a
Read more

debian - 500 Error upon login into Plesk Admin - auth.php3? -

hello , reading this, i'm suffering 500 error after login admin panel on plesk 11.5.30. if incorrect user/pass input lgin form returns correct response. however upon successful login page jumps 500 error. i've tried using following command: /usr/bin/sw-engine-cgi -c /usr/local/psa/admin/conf/php.ini -d auto_prepend_file=auth.php3 -u psaadm this returns following: php warning: unknown: failed open stream: no such file or directory in unknown on line 0 php warning: unknown: failed open stream: no such file or directory in unknown on line 0 php fatal error: unknown: failed opening required 'auth.php3' (include_path='/opt/psa/admin/plib:/opt/psa/admin/externals') in unknown on line 0 status: 500 internal server error content-type: text/html restarting plesk achieves: /etc/init.d/psa start [ ok ing psa... [....] starting plesk engine pool manager: sw-engine-fpm. done starti
Read more