CODEWITHSUNDEEP
php
Josh
Josh

Reputation: 133

why isn't my error message working?

I've got a simple form for a $_Session and it's not printing my error message when the password is wrong. It works fine other than the error message and in fact the error message worked until I put header("Location: /cms/"); in. Is there something I'm doing wrong?

<?php 
session_start();
$error_msg = "";

if($_POST['username']) {

$username = $_POST['username'];
$password = $_POST['password'];

$admin = "a";
$adminpass = "s";

if(($username != $admin) || ($password != $adminpass)) {
$error_msg = 'Your login information is wrong dude!';
} 
else {
    $_SESSION['admin'] = '$username';
        header("Location: /cms/");
    exit();
}

}
if(!isset($_SESSION['admin'])) {
    header("Location: /cms/login");     
exit();
}
?>

<html>
<body>

<form action="/cms/loggedin.php" method="post" target=_self> 
<label>Username: <input type="text" name="username" id="username"></label>
<font color="#FF0000"><?php echo $error_msg; ?></font><br />

<br />
<label>Password: <input type="text" name="password" id="password"></label>
<br />
<br />
<label><input type="submit" name="Submit" value="Sign In"></label>
</form>

Upvotes: 0

Views: 69

Answers (2)

tereško
tereško

Reputation: 58444

Here is what you should change..

At the point where you check for username and password : 

if(($username != $admin) || ($password != $adminpass)) {
  $_SESSION['error'] = 'Your login information is wrong dude!';
}

In the HTML part:

<?php 
    if (isset($_SESSION['error']))
    {
        echo '<p class="warning">',$_SESSION['error'],'</p>'; 
        unset( $_SESSION['error'] );
    }
?>

Also, please learn how to write proper semantic HTML. The <font> tag has been deprecated for ~10 years already, your code is missing <!DOCTYPE of any kind and <br> tag is not for formating the layout.

Oh, and you might find this article interesting.

Upvotes: 1

Abhijit
Abhijit

Reputation: 895

header("Location: /cms/"); - this will redirect to a different page before the message is printed, so you will not see the message.

EDIT - In fact it is the header("Location: /cms/login"); that will do the redirect as in case of the error, it will not find the session variable.

Upvotes: 3

Related Questions