Login page not redirect to target location?

Hi everyone please help i have developed my first website www.ncrwallpaper.com its under testing.
My problem is that whenever i login on from login page.
1st its not redirect to target page
2nd its already logged in but in current page its not showing…

here is my code

    <input type="hidden" name="redirurl" value="<? echo $_SERVER['HTTP_REFERER']; ?>" />
    <?php  include_once('top.php'); ?> 
    $c=$mysqli->query("select * from users where email='$a' and pass='$b'");
   //value assign in session_id


    $url = $_SESSION['url']; // holds url for last page visited.
    $url = "index.php"; 

    echo "<center><span id='error'>Please enter valid email id and password</span></center>";
            <h2>Login here</h2>
            <form action="#" method="post" enctype="multipart/form-data">
              <div class="form-group">
                <label class="control-label" for="input-email">E-Mail Address</label>
                <input type="email" name="email" placeholder="E-Mail Address" id="input-email" class="form-control" required autofocus/>
              <div class="form-group">
                <label class="control-label" for="input-password">Password</label>
                <input type="password" name="pass" placeholder="Password" id="input-password" class="form-control" required/>
              <input type="submit" value="Login" class="btn btn-primary" name="login" />

Please prepend each line of your code with 4 spaces so we can read HTML tags (they’re stripped by forum’s parser now).

Hi megazoid i have arranged the code please check.

It would also help if you enclose your code by 3 tick marks ``` - 3 before 3 after

1 Like

Looks like you did that only for PHP lines as HTML of the form is still stripped

I see how you are checking for $_SESSION['url'] but where its value should come from?
There is hidden input:

<input type="hidden" name="redirurl" value="<? echo $_SERVER['HTTP_REFERER']; ?>" />

but its value never used in the code

Step 1: Never store passwords as plaintext.
Step 2: put a space in the header. header(“Location: $url”);
Step 3: This code has no concept of a user already being logged in, unless that logic is hidden inside top.php.
Step 4: You cannot send a header AFTER outputting anything to the screen, or closing a PHP block. You close a PHP block in line 4, output HTML in line 5, probably output more HTML in the included file of line 6…

I would also suggest that you never use short tags but always use <?php (line 5)

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.