# Ajax Login Script



## kurosagi01 (Apr 16, 2014)

Hey guys i need some help with this login page of mine which implements the use of Ajax.
I have followed this tutorial:
http://www.91weblessons.com/php-ajax-login-validation-tutorial/
Now assuming if i have declared my variables correctly because when i enter the login details it echos "correct" but if i didn't it echo "enter correct details" or leave the text blank it ask me to fill the spaces.
The issue is its not parsing through to the index.php script correctly,i have to refresh the page for it to take me to the index page.
Any help or advice be great here's what my codes look like:
login.php:


> <?php
> session_start();
> if(isset($_SESSION['LOGIN_STATUS']) && !empty($_SESSION['LOGIN_STATUS'])){
> header('location:index.php');
> ...


processed.php:


> <?php
> session_start();
> include_once('johndb.php');
> $message=array();
> ...


index.php:


> <?php
> session_start();
> if(!isset($_SESSION['LOGIN_STATUS'])){
> header('location:login.php');
> ...


logout.php:


> <?php
> session_start();
> session_destroy();
> header('location:login.php');
> ?>


----------



## arskatb (Apr 16, 2014)

No encryption of the received password?


----------



## kurosagi01 (Apr 16, 2014)

The only encryption i got is it display the stars instead of actual text when entered.


----------



## ste2425 (Apr 16, 2014)

```
$("#flash").hide();
if(result=='correct'){
window.location='list.php';
}
```

What is list.php? 

In your login page your redirecting to list.php after a successful ajax call. Maybe that's causing problems?


----------



## kurosagi01 (Apr 16, 2014)

To be honest the index.php was a test page,i have managed to get to direct it to the list.php which is my intended page. However instead of automatically directing me to the list page it only echos "correct" and i have to refresh my browser to display the list page.


----------



## ste2425 (Apr 16, 2014)

Excuse me but i have never used PHP before however, when making an AJAX call with AngularJS and NodeJS server side you cannot perform redirects server side due to it being an ajax call. Im assuming that your redirect is client side. I know window.location is a JavaScript thing but didn't know it there was something similar to PHP

If you stick a break point on the window.location. Is it being hit? is the result variable the value your expecting? Can there be caching issues or issues with the browser prevent the redirect?


----------



## Disparia (Apr 18, 2014)

Don't see from a glance where it's failing, but a quick tip:


```
if( !isset($_SESSION['LOGIN_STATUS']) ) {
    header('location:login.php');
    exit;
}
```

When using header() in this fashion you'll want to stop processing by exit. Header() will send an http header but the processing will continue and output sent to the requestor. In your example the worst is that you'll throw a undefined index notice ( echo $_SESSION['username']; ), but if you had somewhat important information information on that page it could be captured by anyone, not just those that have an account.


----------

