#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2013
    Posts
    120
    Rep Power
    2

    Stuck in endless loop


    So I have done php login systems before using the same methods and they all worked however I did run into this problem one other time where everytime I logged in, when the page redirected to the account page it would get stuck in an endless loop and then you'd have to kill the session to view any of the website pages. I forget what I did to solve that issue before and I'm having the exact same issue again and honestly can't figure out what I'm doing wrong. I'll post my code here so maybe someone could see if there is something wrong with it but is there a common thing that causes an endless loop usually? I tried researching it and couldn't find any answers to my issue exactly.

    login.func.php
    PHP Code:
    <?php
    function login() {
        if (!
    logged_in()) {    
        if (isset(
    $_POST['username'], $_POST['password'])){

            
    $username $_POST['username'];
            
    $password $_POST['password'];
                        
            
    $actquery mysql_query("SELECT `activated` FROM `users` WHERE `username`='$username'");
            
    $activated2 mysql_fetch_assoc($actquery);
            
    $activated $activated2['activated'];
                        
            
    $errors = array();
        
            if (empty(
    $username) || empty($password)) {
                
    $errors[] = 'Username and password are required.';
                
    $usernameclass 'field2';
                
    $passwordclass 'field2';
            } else {
            
                
    $login login_check($username$password);
            
                if (
    $login === false){
                    
    $errors[] = 'Username or password is incorrect.';
                    
    $usernameclass 'field2';
                    
    $passwordclass 'field2';
                } else {
                    if (
    $activated==0) {
                        
    $errors[] = 'Your account needs to be activated. Please check your email with instructions to activate your account.';
                    }
                }
            
            }
        
            if (!empty(
    $errors)) {
            
                foreach (
    $errors as $error) {
                    echo 
    '<span class="font15" style="color: red;">- ',$error'</span><br />';
                }
            
            } else {
                
    //log user in
                
    $_SESSION['user_id'] = $login;
                
    header('Location: settings.php');
                exit();
            }
        }
        }
        
        if (
    logged_in()) {
            
    header('Location: index.php');
            exit();
        }
    }
    ?>
    settings.func.php
    PHP Code:
    <?
    function settings() {
        if (!
    logged_in()) {
            
    header('Location: index.php');
            exit();
        }
                                
        if (isset(
    $_POST['first_name'], $_POST['last_name'], $_POST['email'], $_POST['username'], $_POST['phone'], $_POST['phone2'], $_POST['address'], $_POST['address2'], $_POST['city'], $_POST['province'], $_POST['country'], $_POST['zip'], $_POST['password'], $_POST['mailing'], $_POST['note'])) {
                                    
            
    $first_name $_POST['first_name'];
            
    $last_name $_POST['last_name'];
            
    $email $_POST['email'];
            
    $username $_POST['username'];
            
    $phone $_POST['phone'];
            
    $phone2 $_POST['phone2'];
            
    $address $_POST['address'];
            
    $address2 $_POST['address2'];
            
    $city $_POST['city'];
            
    $province $_POST['province'];
            
    $zip $_POST['zip'];
            
    $password $_POST['password'];
            
    $mailing $_POST['mailing'];
            
    $note $_POST['note'];
                                    
            
    $errors = array();
                                    
            if (empty(
    $first_name) || empty($last_name) || empty($password)) {
                
    $errors[] = 'Required field or fields are empty.';
                
    $firstnameclass 'field2';
                
    $lastnameclass 'field2';
                
    $passwordclass 'field2';
            }
            
            if (empty(
    $mailing)) {
                
    $mailing '0';
            } else {
                
    $mailing '1';
            }
            
            if (empty(
    $note)) {
                
    $note '0';
            } else {
                
    $note '1';
            }
            
            if (
    $_POST['country'] == '0') {
                
    $country '0';
            }
            
            if (
    $_POST['country'] == 'Canada') {
                
    $country 'Canada';
            }
            
            if (
    $_POST['country'] == 'United States') {
                
    $country 'United States';
            }
                                    
            if (!empty(
    $errors)) {
                foreach (
    $errors as $error) {
                    echo 
    '<span class="font15" style="color: red;">- ',$error'</span><br />';
                }
            } else {
                
    update_user($first_name$last_name$address$address2$city$province$country$zip$phone$phone2$mailing$note$password);
                                        
                
    $emailcheck mysql_query("SELECT `email` FROM `users` WHERE `email`='$email'");
                
    $usernamecheck mysql_query("SELECT `username` FROM `users` WHERE `username`='$username'");
                  
    $count mysql_num_rows($emailcheck);
                
    $count2 mysql_num_rows($usernamecheck);
                
                
    $errors2 = array();
                                    
                if(
    $count!=0){
                    
    $errors2[] = 'The email you provided is already in use.';
                    
    $emailclass 'field2';
                }
                                        
                if (
    filter_var($emailFILTER_VALIDATE_EMAIL) === false){
                    
    $errors2[] = 'The email you provided is not a valid email address.';
                    
    $emailclass 'field2';
                }
                            
                if(
    $count2!=0){
                    
    $errors2[] = 'The username you provided is already in use.';
                    
    $usernameclass 'field2';
                }
                                        
                if (empty(
    $email) || empty($username)) {
                    
    $errors2[] = 'Required field or fields are empty.';
                    
    $emailclass 'field2';
                    
    $usernameclass 'field2';
                }
        
                if (!empty(
    $errors2)) {
                    foreach (
    $errors2 as $error2) {
                        echo 
    '<span class="font15" style="color: red;">- ',$error2'</span><br />';
                    }
                } else {
                    
    update_user2($email$username);
                    
    header('Location: settings.php');
                    exit();
                }                                
            }
        }
    }
    ?>
    I checked all my webpages to make sure there were no headers that weren't exited, I double checked to see if I mispelled anything, I cleared my cache, tried moving things around and seeing if I could reach the settings page if there was no code on it after login and that didn't work. I took out the headers to test and see if that was the issue and it wasn't so I really don't know where else I'm going wrong. Thanks for your time and help in advance.
  2. #2
  3. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,908
    Rep Power
    6352
    What kind of endless loop? A redirect loop? An infinite loop in your code? An unresponsive script?
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  4. #3
  5. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128
    Would help to know when/where login() is called from. If that's a check that happens on all your pages (or namely index.php) then I can see where you're getting into a redirect loop.
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2013
    Posts
    120
    Rep Power
    2
    It's a redirect loop, where firefox brings up a page that says the page redirects in a way that will never complete or google chrome brings up an endless loop error page which is the same. The login(); function is called from the login page, heres my code for that. I apologize for how messy my code turned out when putting brackets around them. I could probably attach the php file if there is an option for that on here if the code isn't readable. Thanks in advance!

    header.php (this is the only php code on this page and the header is called throughout all main pages of the website.)
    PHP Code:
    <?
                
    if (logged_in()) {
                    
                    function 
    get_username() {
                        
    $usernames = array();
                    
                        
    $username_query mysql_query("SELECT LEFT(`username`, 10) as `username` FROM `users` WHERE `user_id`=".$_SESSION['user_id']);
                    
                        while (
    $username_row mysql_fetch_assoc($username_query)) {
                            
    $usernames[] = array(
                            
    'username' => $images_row['username'],
    'email' => $images_row['email']
                            );
                        }
                        
                        return 
    $usernames;
                    }
                    
                    
    $usernames get_username();
                    
                    foreach (
    $usernames as $username2) {
                        if (
    strlen($username2['username']) > 7) {
                            
    $dots '...';
                        } else {
                            
    $dots '';
                        }
                        echo 
    '
                        <a href="settings.php" target="_self" class="font1">Hello, '
    .substr($username2['username'],0,7).$dots.'</a><br />
                        <a href="logout.php" target="_self" class="font1">Logout</a>
                        '
    ;
                    }
                } else {
                    echo 
    '
                    <a href="login.php" target="_self" class="font1">► My LTS Account</a><br />
                    <a href="register.php" target="_self" class="font1">Register</a> <span class="font1">|</span> <a href="forgotpass.php" target="_self" class="font1">Forgot Password</a>
                    '
    ;
                }
                
    ?>
    login.php
    Code:
    <div style="width: auto; height: auto; float: left;">
                        	<span class="font3">Sign In</span><br />
                            <?
    						$usernameclass = 'field';
    						$passwordclass = 'field';
    //here's the only place where the login function is called.
    						login();
                            ?>
                            </div>
                        </div><br />
                        <div style="float: left; width: 550px; height: auto; margin-top: 20px;">
                        	<form action="" method="post">
                    		<div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Username:</span>
                            </div><br />
                            <div id="usernameField" class="<? echo $usernameclass; ?>">
                    			<input type="text" id="username" name="username" class="fieldfont" border="0" size="60" style="border-style: none; background-color: transparent; overflow: hidden;" />
                    		</div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Password:</span>
                            </div><br />
                            <div id="passwordField" class="<? echo $passwordclass; ?>">
                    			<input type="password" id="password" name="password" class="fieldfont" border="0" size="60" style="border-style: none; background-color: transparent; overflow: hidden;" />
                    		</div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<a href="register.php" target="_self" class="font1">Register</a> <span class="font1">|</span> <a href="forgotpass.php" target="_self" class="font1">Forgot Password</a><br /><br />
                            	<input type="image" name="submit" src="images_folder/middle/fields/signin.png" />
                            </div>
                            </form>
                    	</div>
    settings.php
    Code:
    <div style="width: auto; height: auto; float: left;">
                        	<span class="font15" style="color: red;">
                            <?
    						settings();
    						
    						$id = $_SESSION['user_id'];
    						$data5 = user_data($id, 'email', 'username', 'first_name', 'last_name', 'address', 'address2', 'city', 'province', 'country', 'zip', 'phone', 'phone2', 'password', 'date', 'mailing', 'note', 'admin');
    						?>
                            </span>
                        	<span class="font3">Account Settings</span><br />
                            <span class="searchfont3">Account created on <? $datetime = strtotime($data5['date']); echo date('d/m/y', $datetime); ?></span><br /><br />
                            <span class="font15">You can edit your personal information, account settings and preferences here. Don't forget to save your changes when you're finished editing or your changes won't take effect.</span><br /><br />
                        	<span class="font15">All fields with an asterick(*) are required.</span><br /><br />
                        </div><br />
                        <div style="float: left; width: 550px; height: auto; margin-top: 20px;">
                        	<?
    						$firstnameclass = 'field';
    						$lastnameclass = 'field';
    						$emailclass = 'field';
    						$usernameclass = 'field';
    						$passwordclass = 'field';
    						?>
                        	<form action="" method="post">
                        	<div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">First Name:</span>
                            </div><br />
                            <div id="firstnameField" class="<? echo $firstnameclass; ?>">
                    			<input type="text" id="firstname" name="firstname" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['first_name']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                                <span style="color: red;"> *</span>
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Last Name:</span>
                            </div><br />
                            <div id="lastnameField" class="<? echo $lastnameclass; ?>">
                    			<input type="text" id="lastname" name="lastname" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['last_name']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            	<span style="color: red;"> *</span>
                            </div><br /><br />
                    		<div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Email Address:</span>
                            </div><br />
                            <div id="emailField" class="<? echo $emailclass; ?>">
                    			<input type="text" id="email" name="email" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['email']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                    			<span style="color: red;"> *</span>
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Username:</span>
                            </div><br />
                            <div id="usernameField" class="<? echo $usernameclass; ?>">
                    			<input type="text" id="username" name="username" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['username']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            	<span style="color: red;"> *</span>
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Primary Telephone Number:</span>
                            </div><br />
                            <div id="phoneField" class="field">
                    			<input type="text" id="phone" name="phone" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['phone']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Secondary Telephone Number:</span>
                            </div><br />
                            <div id="phone2Field" class="field">
                    			<input type="text" id="phone" name="phone2" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['phone2']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Address Line 1:</span><span class="font15"> (Street address, P.O. box, company name, c/o)</span>
                            </div><br />
                            <div id="addressField" class="field">
                    			<input type="text" id="address" name="address" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['address']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Address Line 2:</span><span class="font15"> (Apartment, suite, unit, building, floor, etc.)</span>
                            </div><br />
                            <div id="address2Field" class="field">
                    			<input type="text" id="address" name="address2" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['address2']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">City/Town:</span>
                            </div><br />
                            <div id="cityField" class="field">
                    			<input type="text" id="city" name="city" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['city']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Province/State:</span>
                            </div><br />
                            <div id="provinceField" class="field">
                    			<input type="text" id="province" name="province" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['province']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Country:</span>
                            </div><br />
                            <div style="float: left;">
                            <?
    						$query = mysql_query("SELECT `country` FROM `users` WHERE `id`=".$_SESSION['user_id']);
    						$query_row = mysql_fetch_assoc($query);
    						$countryselect = $query_row['country'];
    						?>
                    			<select name="country" id="country" class="fieldfont">
       								<option value="0" <?php if ($countryselect == '0') echo 'selected="selected"' ?>>Choose Country...</option>
      								<option value="Canada" <?php if ($countryselect == 'Canada') echo 'selected="selected"' ?>>Canada</option>
        							<option value="United States" <?php if ($countryselect == 'United States') echo 'selected="selected"' ?>>United States</option>
        						</select>
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Postal/Zip Code:</span>
                            </div><br />
                            <div id="zipField" class="field">
                    			<input type="text" id="zip" name="zip" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['zip']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            </div><br /><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<span class="fieldfonttitle">Password:</span>
                            </div><br />
                            <div id="passwordField" class="<? echo $passwordclass; ?>">
                    			<input type="password" id="password" name="password" class="fieldfont" border="0" size="55" value="<? echo stripslashes($data5['password']); ?>" style="border-style: none; background-color: transparent; overflow: hidden;" />
                            	<span style="color: red;"> *</span>
                            </div><br /><br /><br /><br />
                            <div id="agreement">
                            <span class="font2"><b>Settings</b></span><br /><br />
                            <input type="checkbox" name="mailing" value="mailing" 
                            <?
    						if ($data5['mailing']=='1') {
    							echo 'checked="checked"';
    						}
    						?>
                            /> <span class="font15">Subscribe to our mailing list.</span><br />
                            <input type="checkbox" name="note" value="note" 
                            <?
    						if ($data5['note']=='1') {
    							echo 'checked="checked"';
    						}
    						?>
                            /> <span class="font15">Receive notifications from Website related to your account.</span>
                            </div><br />
                            <div>
                            <?
    						if ($data5['admin'] == '0') {
    							echo '';
    						} else {
    							echo '<a href="admin.php" class="font15"><u>Administrator Settings</u></a>';
    						}
    						?>
                            </div><br />
                            <div style="float: left; width: 550px; height: auto;">
                            	<input type="image" name="submit" src="images_folder/middle/fields/save.png" />
                            </div>
                            </form>
                    	</div>
    user.func.php
    PHP Code:
     <?php
    function logged_in(){
        return isset(
    $_SESSION['user_id']);
    }

    function 
    login_check($username$password){
        
    $username mysql_real_escape_string($username);
        
    $salt '111111';
        
    $hash hash('sha256'$salt.$password);
        
    $login_query mysql_query("SELECT COUNT(`user_id`) as `count`, `user_id` FROM `users` WHERE `username`='$username' AND `password`='$hash'");
        return(
    mysql_result($login_query0'count') == 1) ? mysql_result($login_query0'user_id') : false;
    }

    function 
    user_data(){
        
    $args func_get_args();
        
    $fields '`'.implode('`, `'$args).'`';
        
        
    $query mysql_query("SELECT $fields FROM `users` WHERE `user_id`=".$_SESSION['user_id']) or die(mysql_error());
        
    $query_result mysql_fetch_assoc($query);
        foreach (
    $args as $field) {
            
    $args[$field] = $query_result[$field];
        }
        return 
    $args;
    }

    function 
    user_data2() {
        
    $userinfo = array();
        
        
    $query mysql_fetch_assoc("SELECT `user_id`, `email`, `username`, `first_name`, `last_name`, `address`, `address2`, `city`, `province`, `country`, `zip`, `phone`, `phone2`, `password`, `admin`, `date`, `mailing`, `note` FROM users WHERE user_id=".$_SESSION['user_id']);
        
        while (
    $query_row mysql_fetch_assoc($query)) {
            
    $userinfo[] = array(
                
    'user_id' => $query_row['user_id'],
                
    'email' => $query_row['email'],
                
    'username' => $query_row['username'],
                
    'first_name' => $query_row['first_name'],
                
    'last_name' => $query_row['last_name'],
                
    'address' => $query_row['address'],
                
    'address2' => $query_row['address2'],
                
    'city' => $query_row['city'],
                
    'province' => $query_row['province'],
                
    'country' => $query_row['country'],
                
    'zip' => $query_row['zip'],
                
    'phone' => $query_row['phone'],
                
    'phone2' => $query_row['phone2'],
                
    'password' => $query_row['password'],
                
    'admin' => $query_row['admin'],
                
    'date' => $query_row['date'],
                
    'mailing' => $query_row['mailing'],
                
    'note' => $query_row['note']
            );
        }
        
        return 
    $userinfo;
    }

    function 
    user_register($email$username$first_name$last_name$phone$password$code){
        
    $email mysql_real_escape_string($email);
        
    $username mysql_real_escape_string($username);
        
    $first_name mysql_real_escape_string($first_name);
        
    $last_name mysql_real_escape_string($last_name);
        
    $phone mysql_real_escape_string($phone);
        
    $code mysql_real_escape_string($code);
        
    $salt '111111';
        
    $hash hash('sha256'$salt.$password);
        
    mysql_query("INSERT INTO `users` VALUES ('', '$email', '$username', '$first_name', '$last_name', '', '', '', '', '0', '', '$phone', '', '$hash', '$code', '0', '0', NOW(), '', '')");
        return 
    mysql_insert_id();
    }

    function 
    user_exists($email){
        
    $email mysql_real_escape_string($email);
        
    $query mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email`='$email'");
        return (
    mysql_result($query0) == 1) ? true false;
    }

    function 
    update_user($first_name$last_name$address$address2$city$province$country$zip$phone$phone2$mailing$note$password) {
        
    $first_name mysql_real_escape_string($first_name);
        
    $last_name mysql_real_escape_string($last_name);
        
    $address mysql_real_escape_string($address);
        
    $address2 mysql_real_escape_string($address2);
        
    $city mysql_real_escape_string($city);
        
    $province mysql_real_escape_string($province);
        
    $country mysql_real_escape_string($country);
        
    $zip mysql_real_escape_string($zip);
        
    $phone mysql_real_escape_string($phone);
        
    $phone2 mysql_real_escape_string($phone2);
        
    $mailing = (int)$mailing;
        
    $note = (int)$note;
        
    $salt '111111';
        
    $hash hash('sha256'$salt.$password);
        
        
    mysql_query("UPDATE `users` SET `first_name`='$first_name', `last_name`='$last_name', `address`='$address', `address2`='$address2', `city`='$city', `province`='$province', `country`='$country', `zip`='$zip', `phone`='$phone', `phone2`='$phone2', `mailing`='$mailing', `note`='$note', `password`='$hash' WHERE `user_id`=".$_SESSION['user_id']);
    }

    function 
    update_user2($email$username) {
        
    $email mysql_real_escape_string($email);
        
    $username mysql_real_escape_string($username);
        
        
    mysql_query("UPDATE `users` SET `email`='$email', `username`='$username' WHERE `user_id`=".$_SESSION['user_id']);
    }
    ?>
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2013
    Posts
    120
    Rep Power
    2
    Ok so I solved this one, there was headers trying to go to the settings.php page in some of the function files included to see if someone was logged in or not. I just took the headers out and put them directly on the pages instead of within the functions on the func.php files.

IMN logo majestic logo threadwatch logo seochat tools logo