Not Going to Header

I have a PHP Login Page, and when they login, it is supposed to go to the main page of the intranet, however, it just refreshes the page. So, I know the Username and Password are correct, it’s just not going to the main page of the intranet. Can you guys help?

I am testing it locally using wamp.

connect.php

<?php 
mysql_connect("localhost", "root", "") or die("Could not connect to MySQL server!");
mysql_select_db("habbstick") or die("Could not find MySQL database");
?>

protect.php

&lt;?php  
$user = $_COOKIE['user']; //gets the user from the cookies
$pass = $_COOKIE['pass']; //gets the pass from cookies
include("connect.php"); // connects to our database
$login = mysql_query("SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass`"); //selects info from our table if the row has the same user and pass that our cookies do
if(!mysql_num_rows($login)) //if the username and pass are wrong
{
  header("Location: ../login.php");  //redirects to our login page
  die(); //stops the page from going any further
}
?>

login.php

<?php 
$act = $_GET['act']; //retrives the page action
if(empty($act)) //if there is no action
{
  echo('<form action="login.php?act=auth" method="post" name="loginform" id="loginform">
  <p>Username
  <input type="text" name="user">
  </p>
  <p>Password
  <input type="password" name="pass">
  </p>
  <p>
  <input type="submit" name="Submit" value="Login">
  </p>
  </form>');
}
elseif($act == "auth") //if our page action = auth
{
  $user = $_POST['user']; //pulls the username from the form
  $pw = $_POST['pass']; //pulls the pass from the form
  $pass = md5($pw); //makes our password an md5
  include("connect.php"); //connects to our mysql database
  $login = mysql_query("SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass`"); //selects info from our table if the row has the same user and pass that our form does
  if(!mysql_num_rows($login)) //if the username and pass are wrong
  {
        header("Location: login.php");  //redirects to our login page
        die(); //stops the page from going any further
  }
  else
  {
        setcookie("user", $user, time()+3600);//sets our user cookie
                setcookie("pass", $pass, time()+3600);//sets our pass cookie
                header("Location: intranet/pages/main.php");
  } 
}
?&gt;

you just need to do some basic debugging


$login = mysql_query("SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass`");

Not certain its the only issue but the last back-tick needs to be replaced with a single closing quote. Otherwise, the SQL is malformed.

You can check the users like this::::
$check = mysql_query(“SELECT * FROM users WHERE user= '”.$_POST[‘user’].“'”) or die(mysql_error());

//Gives error if user dosen’t exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die(‘That user does not exist in our database. <a href=reg.php>Click Here to Register</a>’);
}
while($info = mysql_fetch_array( $check ))
{
//gives error if the password is wrong
if ($_POST[‘pass’] != $info[‘pass’]) {
die(‘Incorrect password, please try again.’);
}
else
{
// if login is ok then we add a cookie

setcookie(“user”, $user, time()+3600);//sets our user cookie

            setcookie("pass", $pass, time()+3600);//sets our pass cookie

            header("Location: intranet/pages/main.php");

your code is vulnerable to sql injection.

you should sanitise all user inputs with [fphp]mysql_real_escape_string[/fphp] or use prepared statements.

and if you set a ccokie after a user logs in, what is your Plan B for users who have cookies switched off in their browser?

I wouldn’t recomend using cookies at all but if you must for some reason I certainly would not be storing the password in a cookie.

An effective way to do that, and the way that’s advised by the PHP documentation, is to use sprintf with mysql_real_escape_string


$sql = sprintf('SELECT * FROM `users` WHERE `user` = "%s" AND `pass` = "%s"',
    mysql_real_escape_string($user),
    mysql_real_escape_string($pass)
);
$result = mysql_query($sql);
if(!mysql_num_rows($result)) {
    ...
}