I have a PHP Login Page, and when they login, it is supposed to go to the main page of the intranet, however, it just refreshes the page. So, I know the Username and Password are correct, it’s just not going to the main page of the intranet. Can you guys help?
I am testing it locally using wamp.
connect.php
<?php
mysql_connect("localhost", "root", "") or die("Could not connect to MySQL server!");
mysql_select_db("habbstick") or die("Could not find MySQL database");
?>
protect.php
<?php
$user = $_COOKIE['user']; //gets the user from the cookies
$pass = $_COOKIE['pass']; //gets the pass from cookies
include("connect.php"); // connects to our database
$login = mysql_query("SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass`"); //selects info from our table if the row has the same user and pass that our cookies do
if(!mysql_num_rows($login)) //if the username and pass are wrong
{
header("Location: ../login.php"); //redirects to our login page
die(); //stops the page from going any further
}
?>
login.php
<?php
$act = $_GET['act']; //retrives the page action
if(empty($act)) //if there is no action
{
echo('<form action="login.php?act=auth" method="post" name="loginform" id="loginform">
<p>Username
<input type="text" name="user">
</p>
<p>Password
<input type="password" name="pass">
</p>
<p>
<input type="submit" name="Submit" value="Login">
</p>
</form>');
}
elseif($act == "auth") //if our page action = auth
{
$user = $_POST['user']; //pulls the username from the form
$pw = $_POST['pass']; //pulls the pass from the form
$pass = md5($pw); //makes our password an md5
include("connect.php"); //connects to our mysql database
$login = mysql_query("SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass`"); //selects info from our table if the row has the same user and pass that our form does
if(!mysql_num_rows($login)) //if the username and pass are wrong
{
header("Location: login.php"); //redirects to our login page
die(); //stops the page from going any further
}
else
{
setcookie("user", $user, time()+3600);//sets our user cookie
setcookie("pass", $pass, time()+3600);//sets our pass cookie
header("Location: intranet/pages/main.php");
}
}
?>