I'm working on a login page and it's working great IF I insert the correct username and password. if not, it will look like this,
leave the username and password blank - blank page login.php appear
correct username, password blank - (working ok, redirect back to index.php)
blank username, wrong password - blank page login.php appear
index.php
<form class="login" action="login.php" method="post">
<b>Username:</b> <input type="text" name="username" id="username"/>
<b>Password:</b> <input type="password" name="password" id="password"/>
<input type="submit" value="login"/>
</form>
login.php
<?php
include('config.php');
$connection = mysql_connect("localhost","root","") or die ("Could Not Connect To Server".mysql_error());
$selection = mysql_select_db("permohonan_data") or die ("Could Not Connect To Database".mysql_error());
$User = null;
$Pass = null;
$username = $_POST['username'];
$password = $_POST['password'];
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql = "SELECT * FROM admin WHERE username='$username'";
$result = mysql_query($sql);
while($row = mysql_fetch_array($result))
{
$User = $row['username'];
$Pass = $row['password'];
if ($password == $Pass)
{
?>
<script languange='JavaScript'>
alert("Welcome <?php echo "$username" ?> to admin page! ");
<?php
$sql = "UPDATE admin SET status = 'AKTIF' where username = '$username' ";
$result = mysql_query($sql) or die('Cannot UPDATE.'.mysql_error());
?>
location.href='admin.php';
</script>
<?php
}
else
{
?>
<script language="javascript">
alert("Ops! Please try again!");
</script>
<script language="javascript">
location.href="index.php";
</script>
<?php
}
}
?>
why the other two doesnt redirect back to index.php?
