I have set up a website using php and my login script keeps returning me to an error page 403 - Forbidden. I am running the website on my local machine and there it works just fine.
Here’s the php-logon-script, please advice.
<?php
session_start();
require 'dbconn.php';
if ( mysqli_connect_error() ) {
exit('Failed to connect to MySQL: ' . mysqli_connect_error());
}
if ( !isset($_POST['username'], $_POST['password']) ) {
exit('Please fill both the username and password fields!');
}
if ($stmt = $con->prepare('SELECT id, password FROM users WHERE username = ?')) {
$stmt->bind_param('s', $_POST['username']);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->bind_result($id, $password);
$stmt->fetch();
if (password_verify($_POST['password'], $password)) {
session_regenerate_id();
$_SESSION['loggedin'] = TRUE;
$_SESSION['name'] = $_POST['username'];
$_SESSION['id'] = $id;
header('Location: ../teampagina.php');
} else {
header('Location: ../index.php?error=IncorrectPassword');
}
} else {
header('Location: ../index.php?error=IncorrectUsername');
}
$stmt->close();
mysqli_close($con);
}
?>
When I check it is there alright.
This website has been running on the server for several months and has been working fine. (see zhv21.epizy.com). After I made several improvements it stopped working and I don’t know why…
Thank you for your reply, I moved up the require statements and checked the location of files dbconn.php and authenticate.php wich is in the Includes folder.
However I still get the same error message. Any help is more then welcome. I would like to emphasise this code works fine on my local server, I have following php configuration:
Are you sure you have the correct htdocs folder? Please screenshot the entire homepage of the client area, and make sure the “Account Info” and “Account Domains” sections are viewable in the screenshot.