0

I am redirecting the user back to login page if the login inputs arenot correct. 

$sql = "select * from Driver where username=$username and pwd=$pwd";
$driver = mysql_query($sql);

if(!$driver){
  header("Location: http://domain.de/login.php");
  exit();
}

can i also pass message like "sorry, username isnot correct" to login page?

i dont want to use session. get isnot the option here

Improve this question
4
  • @Kevin, how? can you please say more words? Commented May 17, 2013 at 16:48
  • php.net/manual/en/function.urlencode.php should help you. When you append it to the URL. Make sure you use urldecode() on the other side. Commented May 17, 2013 at 16:49
  • @Kevin, thanks. working now. but can i also POST the variable? Commented May 17, 2013 at 16:56
  • You can, but it gets messy. See this question for a detailed explanation: stackoverflow.com/questions/5576619/php-redirect-with-post-data Commented May 17, 2013 at 16:59

5 Answers 5

Reset to default
1

you could do it like

header("Location: http://domain.de/login.php?error=username");

and do on the other page 

if ($_GET['error'] == 'username') {
    echo 'Sorry, username is not correct!';
}

EDIT: Watch out for SQL injection also

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

simple: i have big message and i dont want to put it to url
That's why you just use ?error=username and in the other page you use if else statements to show the big message ;)
1

You may add get paramet to location header or save message flag in session. Like this:

 $sql = "select * from Driver where username=$username and pwd=$pwd";
 $driver = mysql_query($sql);

 if(!$driver){
     header("Location: http://domain.de/login.php?wasredirect=1");
     exit();
 }

 //////// In login.php

 if (isset($_GET['wasredirect'])) {
     echo "sorry, username isnot correct";
 }

Or this:

     $sql = "select * from Driver where username=$username and pwd=$pwd";
 $driver = mysql_query($sql);

 if(!$driver){
     header("Location: http://domain.de/login.php");
     if (!isset($_SESSION)) {
         session_start();
     }
     $_SESSION['redirect'] = true;
     exit();
 }

 //////// In login.php

 if (!isset($_SESSION)) {
     session_start();
 }
 $_SESSION['redirect'] = true;
 if (isset($_SESSION['redirect']) &&$_SESSION['redirect'] ) {
     echo "sorry, username isnot correct";
     unset($_SESSION['redirect']);
 }
Improve this answer

2 Comments

i dont want to save into session. this is just a 2 second message and it doesnot have to be saved into session
You may delete value from session after "use", like in example, or add get paramter
1

I think the best solution is to load that login.php page as a part (the view) of the current script (the controller) and set a variable with the value of the message. Something like:

if(!$driver){
$message = "Sorry, username isnot correct";
} 
else {
$message = "Whatever";
}
include('login.php');

$message will be available for you inside login.php script.

Improve this answer

Comments

1

For simply giving away a message, you can add it to the URL. 

header("Location: http://domain.de/login.php?e=1234");

I recommend using error codes instead of full-length messages for better flexibility.

Note, how ever, that doing it right would require to implement a MVC pattern and then internally load the routing of the error page. But that might be too much for a small script.

I know you don´t ant feedback to your query. No need to worry, unless you are clueless about what SQL injection means.

Best regard

Zsolt

Improve this answer

Comments

-3

Change the query to:

$sql = "select * from `Driver` where `username`='$username' and `pwd`='$pwd'";

Note the backticks and single quotes

Improve this answer

3 Comments

this is not the quuestion, my query is fine
Strings in sql query which are not in quotations can make problem
in case the variable get a value as reserved mysql words, like select or order

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.