Android: http login request being redirected in php? -
so follow this post. attempting log in using code in post linked. works, believe there going on in login.php file i'm unaware of. here of login.php file, apologize in advance wall of code.
<?php session_start(); error_reporting(e_all^ e_notice); //include connection , variable defination page include("include/server.php"); include("include/function.php"); //checking form has been submit user or not if(isset($_post['cmdsubmit']) , $_post['cmdsubmit']="login") { //$reflink = $_server['http_referer']; $reflink = "index.php?err_msg=1"; $user = addslashes($_post['username']); $pass = addslashes($_post['password']); $remember = $_post['remember']; $strerrormessage = ""; if($user==""){ $strerrormessage = "user name can not blank"; } if($pass==""){ $strerrormessage = "password can not blank"; } if($user=="" , $pass==""){ $strerrormessage = "user name , password can not blank"; } if($strerrormessage=="") { if(isset($_post['remember'])){ //removing cookie @ set user name password in cookies unset($_cookie[session_name()]); setcookie("usernamex", $_post['username'], time()+60*60*24*100); setcookie("userpassx", $_post['password'], time()+60*60*24*100); setcookie("rememberx", $_post['remember'], time()+60*60*24*100); }else{ if(isset($_cookie['rememberx']) && isset($_cookie['usernamex']) && isset($_cookie['userpassx'])) { unset($_cookie[session_name()]); setcookie("usernamex", $_post['username'], time()); setcookie("userpassx", $_post['password'], time()); setcookie("rememberx", $_post['remember'], time()); } } $sqllogin = "select * member_mast username = '".$user."' , password = '".$pass."' , is_deleted_flg=0 , is_profile=0"; $querylogin = mysql_query($sqllogin) or die(mysql_error()." please check query"); $totlogin = mysql_num_rows($querylogin); //here checking user authorized or not if($totlogin>0) { $rslogin = mysql_fetch_array($querylogin); $_session['uid'] = trim($rslogin['username']); $_session['memberid'] = trim($rslogin['user_id']); $_session['usertype'] = trim($rslogin['member_role']); if(isset($_post["page"]) , trim($_post["page"])!="") { $pagename = trim($_post["page"]); $pagepassid = trim($_post["pageid"]); $redirect_url = "http://www.fakesite.com/fspv2/welcome.php?page=".$pagename."&pageid=".$pagepassid; } else { //$redirect_url = "http://www.fakesite.com/fspv2/welcome.php"; //$redirect_url = "welcome.php"; $redirect_url = "welcome.php"; } //header("location: ".$redirect_url); ?> <script>window.location.href="<?php echo $redirect_url; ?>";</script> <!-- <meta http-equiv="refresh" content="0;url=<?php echo $redirect_url; ?>"> --> <?php } else { $displaymessage = "login failed. if authorized, try again"; session_destroy(); $state = "inv"; $_session['username'] = $_post['username']; $_session['password'] = $_post['pass']; $username = $_session['username']; $password = $_session['password']; ?> <script>window.location.href="<?php echo $reflink; ?>";</script> <?php } } else { $state = "inv"; $_session['username'] = $_post['userid']; $_session['password'] = $_post['pass']; $username = $_session['username']; $password = $_session['password']; $displaymessage = $strerrormessage; ?> <script>window.location.href="<?php echo $reflink; ?>";</script> <?php } } //header("location: ".$reflink); ?> <!--<script>window.location.href="<?php echo $reflink; ?>";</script>--> <!-- <meta http-equiv="refresh" content="0;url=<?php echo $reflink; ?>"> -->
now when connect login.php doesnt matter if username/pw valid or not. response this
05-18 17:08:50.160: v/response(30797): <!--<script>window.location.href="";</script>--> <!-- <meta http-equiv="refresh" content="0;url="> -->
which looks though it's javascript
attempting redirect me because it's mobile device. redirect can find in there redirect client "welcome.php" if logged in. there not appear mobile login.php redirect in here (i may wrong) should noted did not design site or of files i'm trying access via android software, have access files. my question if not file/url should accessing, is, or how find it? if need see other code please ask. thanks!
check if following line results true condition:
if($totlogin>0)
Comments
Post a Comment