[PHP] Redirection problem

programming
1

Hello, I’m trying to create a login page but for some reason my authentication page isn’t redirecting properly (actually, its not redirecting at all) like it’s supposed to.

Both the login page and authentication pages are stored in the same directory. If the user leaves one of the fields blank, the authentication page is supposed to redirect back to the login form with a variable in the query string telling which error should be displayed.

Here’s the login page:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
</head>

<body>
<?php
    if(isset($_GET['unset'])) {
        switch ($_GET['unset']) {
            case 'both':
                echo "Please enter a username and password.<br />";
                break;
            case 'pword':
                echo "Please enter a password.<br />";
                break;
            case 'name':
                echo "Please enter a username.<br />";
                break;
        }
    }
?>

<form action="authenticate.php" method="post">
    Name: <input type="text" name="name" /><br />
    Password: <input type="password" name="pword" /><br />
    <input type="checkbox" name="remember_me" value="TRUE" />Remember me?<br />
    <input type="submit" name="login" value="login" />
</form>
</body>
</html>

And here’s the authentication page:

<?php
    // Make sure the server doesn't cache this file.
    header("Cache-Control: no-cache, must-revalidate");
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    
    if( isset($_POST['login']) ) {
        // Check to see if any of the fields are not set.
        if( !isset($_POST['name']) && !isset($_POST['pword']) ) {
            header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/login.php?unset=both");
            exit;
        } elseif( !isset($_POST['pword']) ) {
            header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/login.php?unset=pword" );
            exit;
        } elseif( !isset($_POST['name']) ) {
            header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/login.php?unset=name" );
            exit;
        }
        
        // Set POST variables to variables that are easier to type.
        $name = $_POST['name'];
        $pword = $_POST['pword'];
        
        // Set cookie if user wants to be remembered
        if($_POST['remember_me']) {
            session_start();
            setcookie('remember', 1, (time()+60*60*24*30));
        } else {
            session_start();
            setcookie('remember', 0, (time()+60*60*24*30));
        }
        
        echo "$name, $pword";
        
    } else {
        echo "Uh oh, your not supposed to be here!";
    }
?>

The authentication page isn’t done yet but shouldn’t it redirect if one of the fields is left blank? Some help would be greatly appreciated as I can’t see the error.