the code does not head me to the index page instead it head me to (itself) even though true user name and password is set
Code:
<?php
session_start();
if (isset($_SESSION['pass'])){
header("location:index.php");
exit();
}
//Connection to database
if(isset($_POST['enter']))
{
if($_POST['name']!=NULL && $_POST['pass']!=NULL)
{
//...
$pass1=preg_replace('#[*0-9]#i','',$_POST['pass']);
$manager1=preg_replace('#[*A-Za-z0-9]#i','',$_POST['name']);
//connect to the databases
include "../ex/connect_to_mysql.php";
//Query database
$sql=mysql_query("select password from admin where password='$pass' and name='$manager' limit 1");
$adminCount=mysql_num_rows($sql);
if($adminCount==1)
{
while($row=mysql_fetch_array($sql))
{
$pass=$row['password'];
}
$_SESSION['pass']=$pass1;
$_SESSION['manager']=$manager1;
//send to index page..
header("location:index.php");
exit();
}
else
{
echo 'The Information Is Not Correct: <a href="index.php">Click Here...!';
exit();
}
}
else
{
header("location:login.php");
exit();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>login</title>
</head>
<body>
<form action="login.php" name="frmlog" method="post">
<table width="45%" border="1" align="center">
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td colspan="2" align="center"><h3>Enter Login Details:</h3></td>
</tr>
<tr>
<td width="32%" align="right">User Name:</td>
<td width="56%"><label for="name"></label>
<input name="name" type="text" id="name" size="30" /></td>
</tr>
<tr>
<td align="right">password:</td>
<td><label for="pass"></label>
<input name="pass" type="password" id="pass" size="30" /></td>
</tr>
<tr>
<td></td>
<td align="left"><input type="submit" name="enter" id="enter" value="Login" /></td>
</tr>
<tr>
<td colspan="2" align="center">hilaryComber ©2012</td>
</tr>
</table>
</form>
</body>
</html>
Comment