Problem after login into system

[aghahamidgol]

Hello,
I uploaded this script and it works fine ! after that i put php code of " login.php " into my  custome " index.php" now that's fine and works but after login  into system it doesnt work and redirect and the page is blank

you can try live : http://hamid-askari.ir/u2u/admin/login
if you type invalid username and password that's fine but please type valid username and password : username: emadi pasword: emadi it's work but the next page is blank !!

tnx

[aghahamidgol]

this is my ftp pictures: http://i42.tinypic.com/29v09x0.jpg
here you can see my index.php file :

Code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<?php

include_once("config.php");

// Check user not logged in already:
checkLoggedIn("no");

// Page title:
$title="Member Login Page";

// if $submit variable set, login info submitted:
if(isset($_POST["submit"])) {
//
// Check fields were filled in
//
// login must be between 4 and 15 chars containing alphanumeric chars only:
field_validator("login name", $_POST["login"], "alphanumeric", 4, 15);
// password must be between 4 and 15 chars - any characters can be used:
field_validator("password", $_POST["password"], "string", 4, 15);

// if there are $messages, errors were found in validating form data
// show the index page (where the messages will be displayed):
if($messages){
doIndex();
// note we have to explicity 'exit' from the script, otherwise
// the lines below will be processed:
exit;
}

// OK if we got this far the form field data was of the right format;
// now check the user/pass pair match those stored in the db:
/*
If checkPass() is successful (ie the login and password are ok),
then $row contains an array of data containing the login name and
password of the user.
If checkPass() is unsuccessful however, $row will simply contain
the value 'false' - and so in that case an error message is
stored in the $messages array which will be displayed to the user.
*/
    if( !($row = checkPass($_POST["login"], $_POST["password"])) ) {
// login/passwd string not correct, create an error message:
        $messages[]="Incorrect login/password, try again";
    }

/*
If there are error $messages, errors were found in validating form data above.
Call the 'doIndex()' function (which displays the login form) and exit.
*/
if($messages){
doIndex();
exit;
}

/*
If we got to this point, there were no errors - start a session using the info
returned from the db:
*/
cleanMemberSession($row["login"], $row["password"]);

// and finally forward user to members page (populating the session id in the URL):
header("Location: members.php");
} else {
// The login form wasn't filled out yet, display the login form for the user to fill in:
doIndex();
}

/*
This function displays the default 'index' page for this script.  This consists of just a simple
login form for the user to submit their username and password.
*/
function doIndex() {
/*
Import the global $messages array.
If any errors were detected above, they will be stored in the $messages array:
*/
global $messages;

/*
also import the $title for the page - note you can normally just declare all globals on one line
- ie:
global $messages, $title;
*/
global $title;

// drop out of PHP mode to display the plain HTML:
?>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<!--
 ____________________________________________________________________
|                                                                    |
|      NAME : Nice Login and Signup Panel using Mootools 1.2         |
|    AUTHOR : Jeeremie { http://web-kreation.com }                   |
|      DATE : August 3, 2008                                         |
|   LICENSE : Creative Common License 2.5                            |
|     EMAIL : info@web-kreation.com                                  |
|____________________________________________________________________|
-->

<head>
  <title><?php print $title; ?></title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />

<!-- The main style sheet -->
  <link rel="stylesheet" href="style.css" type="text/css" media="screen" />

<!-- START Fx.Slide -->
<!-- The CSS -->
  <link rel="stylesheet" href="fx.slide.css" type="text/css" media="screen" />
    <!-- Mootools - the core -->
<script type="text/javascript" src="js/mootools-1.2-core-yc.js"></script>
    <!--Toggle effect (show/hide login form) -->
<script type="text/javascript" src="js/mootools-1.2-more.js"></script>
<script type="text/javascript" src="js/fx.slide.js"></script>
<!-- END Fx.Slide -->

</head>
<?php doCSS(); ?>
<body>
<?php
// if there are any messages stored in the $messages array, call the displayErrors
// function to output them to the browser:
if($messages) { displayErrors($messages); }

/*
PHP_SELF:
The $_SERVER superglobals variable $PHP_SELF is one of the most useful predefined variables in PHP.
It contains the URI (uniform resource indicator) of the current script.
For example if this script is at http://example.com/somedir/join.php, then $_SERVER["PHP_SELF"] will contain:
/somedir/join.php

This is very useful because it means if you change the name of the script, you don't have to change every reference
to the script in <form> tags - $_SERVER["PHP_SELF"] automatically includes the current script URI!
*/
?>
<!-- Login -->
<div id="login">
<div class="loginContent">
<form action="<?php print $_SERVER["PHP_SELF"]; ?>" method="post">
<label for="log"><b>Username: </b></label>
<input class="field" type="text" name="login" id="log" value="<?php print isset($_POST["login"]) ? $_POST["login"] : "" ; ?>" maxlength="15" />
<label for="pwd"><b>Password:</b></label>
<input class="field" type="password" name="password" id="pwd"  value="" maxlength="15" />
<input type="submit" name="submit" value="" class="button_login" />
<input type="hidden" name="redirect_to" value=""/>
</form>
<div class="left">
            <label for="rememberme"><input name="rememberme" id="rememberme" class="rememberme" type="checkbox" checked="checked" value="forever" /> Remember me</label></div>
<div class="right">&nbsp;<a href="#">Lost your password?</a></div>
</div>
<div class="loginClose"><a href="#" id="closeLogin">Close Panel</a></div>
</div> <!-- /login -->

    <div id="container">
<div id="top">
<!-- login -->
<ul class="login">
    <li class="left">&nbsp;</li>
        <li>Hello Guest!</li>
<li>|</li>
<li><a id="toggleLogin" href="#">Log In</a></li>
</ul> <!-- / login -->
</div> <!-- / top -->

        <div class="clearfix"></div>


<div id="content">
<ul dir="rtl">
<li dir="rtl">
<p style="margin-top: 60px; text-align:justify" dir="rtl">برای
ورود به بخش مدیریت روی گزینه ی <b>log in</b> در بالا کلیک نمایید.</p>
</li>
<li dir="rtl">
<p style="margin-top: 60px; text-align:justify" dir="rtl">بعد از
اتمام کار در بخش مدیریت لطفا به <b>صورت کامل</b> از سیستم خارج
شوید.</p></li>
<li dir="rtl">
<p style="margin-top: 60px; text-align:justify" dir="rtl">اگر از
سیستمی خارج از سیستم شخصی خود وارد پنل مدیریت می شوید روی گزینه
ی &quot; remember me &quot; کلیک <b>نکنید</b>.</p></li>
</ul>
</div>
<p><!-- / content -->
        </p>
        <div class="clearfix"></div>
</div><!-- / container -->

</body>

</html>
<?php
}
?>

[munk]

Hi, glad you got on at last.

I would use var_dump() to 'test' the value of things at certain places - you want to test that the login details are firstly submitted correctly (so use var_dump() after this line: if(isset($_POST["submit"])) { to dump out the values in the $_POST variable.

Something like this would be ok:

Code:

if(isset($_POST["submit"])) {
    var_dump($_POST);exit;

that will dump the values in $_POST but only if it gets through that 'if' clause (ie if the submit post variable is set).  If that DOES dump out the values in $_POST, then at least you know that the form is being processed correctly... and from there you know it must be a problem further down in that if block.

If the login does work OK, you're redirected to the members.php page - you do have that set up correctly?  I suspect there's a problem there though because if the authentication is getting done properly, for some reason it's not redirecting to members.php, it's just reloading the same index.php page which it shouldn't be.

Check further on in the if block to see if the login worked ok:

Code:

    if( !($row = checkPass($_POST["login"], $_POST["password"])) ) {
// login/passwd string not correct, create an error message:
        $messages[]="Incorrect login/password, try again";
    }

you could add a var_dump() after that to dump the contents of $messages to see if there's a problem there / if the $messages:

Code:

var_dump($messages);exit;

[aghahamidgol]

i added this code but now i have this error :

array(4) { ["login"]=>  string(5) "emadi" ["password"]=>  string(5) "emadi" ["submit"]=>  string(0) "" ["redirect_to"]=>  string(0) "" }


is it possbile to send my file or give you my ftp account to make it ...

[munk]

No I can't complete any work for you I@m afraid, I can only try and help you work out why your code isn't working, you'll have to do the work yourself.  You need to try and understand what's going on, why you're doing these things, the above isn't an error message it's just telling you what's contained in the submit POST variable after you added the var_dump() line to your code.

You need to debug the code as I said above, work out why it's not being forwarded to the members.php page, if you carry on down the script adding debugging you shoudl be able to work out where it's going wrong.

You might have more luck on a PHP forum where there will be more people available to help - I don't really have time any more to help people with PHP, I've long since stopped working on PHP!  I don't mind trying, but it's really just me on this forum and there's noone else around (should probably close the forum down but hey ho!).