PHP - How To Login To A Site With Php?

Hey guys,

I'm kind of a n00b with PHP and i'm trying to practice by building a mock e-comm site, but i'm having a problem with my admin login form. When the information is submitted the form just clears and doesn't redirect me to the index.php file i have set-up. My knowledge of php isn't where i'd like it to be yet, so i'm here for help! I'll post the code for bpoth the admin login page and the index.php file.

ADMIN LOGIN PAGE
            |
            |
            V
<?php
session_start();
if (isset($_SESSION["username"])) {
    header("location: index.php");
    exit();
}

?>
<?php

if (isset($_POST["username"]) && isset($_POST["password"])){

   $username = $_POST["username"]; // filter everything but numbers and letters
    $password = $_POST["password"]; // filter everything but numbers and letters

    include "../storescripts/connect_to_mysql.php";
    $sql = mysql_query("SELECT id FROM admin WHERE username='$username' AND password='$password' LIMIT 1");

    $existCount = mysql_num_rows($sql); // count the row nums
    if ($existCount == 1) { // evaluate the count
        while($row = mysql_fetch_array($sql)){
             $id = $row["id"];
       }
       $_SESSION["id"] = $id;
       $_SESSION["username"] = $username;
       $_SESSION["password"] = $password;
       header("location: index.php");
         exit();
    } else {
      echo 'That information is incorrect, try again <a href="index.php">Click Here</a>';
      exit();
   }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
      <title>Store Admin Area</title>
        <link rel="stylesheet" type="text/css" href="../css/main_style.css" />
   </head>

   <body>
           <div id="wrapper">
                  <div id="text"><br />
                     <div align="left" style="margin-left:100px; margin-top:100px;">
                        <h2>Please Login To Manage The Store</h2>
                        <br /><br />
                        <form id="form1" name="form1" method="post" action="admin_login.php">
                        <strong>Username</strong>
                           <input name="username" type="text" id="username" size="40" />
                        <br /><br />
                        <strong>Password</strong>
                           <input name="password" type="password" id="password" size="40" />
                        <br />
                        <br />
                           <input type="submit" name="button" id="button" value="Login" />
                        </form>
                     </div>
           </div><!--closes wrapper-->
   </body>
</html>



INDEX.PHP FILE
           |
           |
           V

<?php
session_start();
if (!isset($_SESSION["username"])) {
    header("location: admin_login.php");
    exit();
}

$usernameID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]);
$username = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["username"]);
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]);

include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE id='$usernameID' AND username='$username' AND password='$password' LIMIT 1"); // query the person

$existCount = mysql_num_rows($sql); // count the row nums
if ($existCount == 0) { // evaluate the count
    echo "Your login session data is not on record in the database.";
     exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
      <title>Store Admin Area</title>
        <link rel="stylesheet" type="text/css" href="../css/main_style.css" />
   </head>

   <body>
          <div id="wrapper">
                  <div id="text"><br />
                     <div align="left" style="margin-left:100px; margin-top:100px;">
                        <h2>Hello store manager, what would you like to do today?</h2>
                        <p><a href="inventory_list.php">Manage Inventory</a><br />
                        <a href="#">Manage Blah Blah </a></p>
                     </div>
                     <br />
                  <br />
                  <br />
                </div><!--closes wrapper-->
   </body>
</html>

Any help and suggestions are greatly appreciated! Thanks!

I have 2 websites, a companies main website written in PHP and a web application they have purchased written in aspx

(main site)
www.example.com

(web app)
www.webapp.com/login.aspx?CompanyName=example

The client wants people to be able to login from their main website which then redirect to the webapp (which will be styled like their branding) without the customer realising they have left the main site.

I thought i may be able to achieve this with a simple include from a page within the main site such as;
Code: [Select]
<?php
// www.example.com/software

include"http://www.webapp.com/login.aspx?CompanyName=example";
?>
This pulls in the login page fine, however when you try to login it does not redirect, it gives a 404 error as it trys to open this URL
http://www.example.com/software/login.aspx?CompanyName=example

Is there a way of pulling in the necessary html from the aspx site to provide a login box in my clients main site but then have it redirect to the correct aspx page (on the aspx site)?

I have thought about using an iframe, but that wont redirect to the webapp upon login, but just keep everything withing the iframe

thanks for any advice...

Hi,

Having completed a site migration this am everything went well aside from issues with logging into and out of our site where two files are used and appear as white pages.

When logging into our site, proc_login.php is used and when logging out proc_logout.php is used.

Both processes result in a white "blank" page instead of the php files forwarding on.

I've no idea about php generally and have been trying my best to find useful and similar information online to attempt to resolve the problem.  I am now stuck.

The site works perfectly on my local web server, and what is really baffling me is the site also works perfectly on Domain B on the exact same server I'm trying to get the site running under as Domain A.  In other words as both Domain A & B are configured on the same host server I'm thinking all the inherited php/apache/mysql settings should be identical (or pretty much thereabouts) and therefore am more confused than ever! 

I simply don't know where to start therefore in resolving this problem.  I've tried looking in the error log file and have also played around with turning on error enabling on those specific php files to try and follow any errors, however the "errors" generated are no different than the ones present on sites where the login/logout process works just fine.

I've hopefully attached both files and if anyone could assist in helping me narrow down my search for a solution I'd be very appreciative.

Thanks.

hi

i need help an idea how can i separate members from admins
since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 )   (its session login form only that i made it work other tutorials wre too old or something)
how what i want to do is separate members and admins because admin need more rights to do
now i have idea but dont know will it work like that
what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work?
and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag?

Hello guys,

Is there on web any updated tutorial on how can I add Facebook login on my simple php login script?

How to add the ability to login with username or email for login?

 

<?php 
ob_start();
include('../header.php');
include_once("../db_connect.php");
session_start();
if(isset($_SESSION['user_id'])!="") {
	header("Location: ../dashboard");
}
if (isset($_POST['login'])) {
	$email = mysqli_real_escape_string($conn, $_POST['email']);
	$password = mysqli_real_escape_string($conn, $_POST['password']);
	$result = mysqli_query($conn, "SELECT * FROM users WHERE email = '" . $email. "' and pass = '" . md5($password). "'");
	if ($row = mysqli_fetch_array($result)) {
		$_SESSION['user_id'] = $row['uid'];
		$_SESSION['user_name'] = $row['user'];	
		$_SESSION['user_email'] = $row['email'];		
		header("Location: ../dashboard");
	} else {
		$error_message = "Incorrect Email or Password!!!";
	}
}
?>

 

Hi guys.

What I want to create is really complicated. Well I have a login system that works with post on an external website.
I have my own website, but they do not give me access to the database for security reasons, therefore I have to use their login system to verify my users.
What their website does is that it has a post, with username and password. The POST website is lets say "https://www.example.com/login".
 If login is achieved (i.e. username and password are correct), it will redirect me to "https://www.example.com/login/success" else it will redirect me to "https://www.example.com/login/retry".

So I want a PHP script that will do that post, and then according to the redirected website address it will return me TRUE for success, FALSE for not successful login.

Any idea??

Thanks

Hi guys,

Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!"

Any suggestion and help would be appreciated.
Thanks.

login.php

<?php 

//Assigned varibale $error_msg as empty

//$error_msg = "";

session_start();

$error_msg = "";

if (isset($_POST['submit'])) {

if ($a_username = "admin" && $a_password = "123") 

{

//Define $_POST from form text feilds

$username = $_POST['username'];

$password = $_POST['password'];

//Add some stripslashes

$username = stripslashes($username);

$password = stripslashes($password);

//Check if usernmae and password is good, if it is it will start session

if ($username == $a_username && $password == $a_password)

{

session_start();

$_SESSION['session_logged'] = 'true';

$_SESSION['session_username'] = $username;

//Redirect to admin page

header("Location: admin_area.php");

}

}

$username = (isset($_POST['username'])) ? $_POST['username'] : ''; 

$password = (isset($_POST['password'])) ? $_POST['password'] : ''; 

if($username && $password) {

$connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!");

mysql_select_db("friendsdb") or die ("Couldn't find the DB");

$query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'");

$numrows = mysql_num_rows($query);

if ($numrows != 0){

while ($row = mysql_fetch_array($query)) {

$dbusername = $row['username'];

$dbpassword = $row['password'];

}

//Check to see if they are match!

if ($username == $dbusername && md5($password) == $dbpassword) {

header ("Location: user_area.php");

$_SESSION['username'] = $username;

}

else

$error_msg = "Incorrect password!";

//code of login

}else

$error_msg = "That user does not exist!";

//echo $numrows;

}

else

$error_msg = "Please enter a username and password!";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login Page</title>
</head>

<body>
<br />
<?php

require "header.php";
?><br />
<div align="center">
<table width="200" border="1">

<?php

// If $error_msg not equal to emtpy then display error message

if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?>

<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<!--form action="login_a.php" method="post"-->

Username: <input type="text" name="username" /><br /><br />

Password: <input type="password" name="password"  /><br /><br />

<input type="submit" name = "submit" value="Log in"  />
</form> <p> </p>

Register a <a href="register.php">New User</a>
</table>
</div>
</body>
</html>

I have several "sites" located in my html directory, and each has a "general" access point and an "administrator" access point:

/var/www/html/site1/index.php
/var/www/html/site1/administrator/index.php
/var/www/html/site2/index.php
/var/www/html/site2/administrator/index.php
/var/www/html/site3/index.php
/var/www/html/site3/administrator/index.php

All sites are similar except that data will be specific to site1, site2, or site3, etc.   Users who log onto /var/www/html/siteX/index.php are totally unrelated to those who logon to /var/www/html/siteX/administrator/index.php, will have different logon credentials, are stored in different DB tables, and each should have their own session.  If a user logs off of either the general or administrator site, it should not effect the other site even if they were previously logged on to both on the same PC (and of course not effect other sites). When a user logs off, I would like to destroy their previous cookie and associated session.  Users for either will only use https.  I am using Apache to rewrite https://www.mysite.com/ to https://mysite.com/.  While I named the administrator site "administrator" above, the administrator user has the ability to change the directory name.   I am thinking I need to use session_set_cookie_params to specify where I wish the session cookie to be stored since /var/www/html/siteX/administrator/index.php is a sub-directory to /var/www/html/siteX/index.php, but am not really sure.  Sorry for the cryptic post, but I am not very well versed in this subject. How would you recommend setting up cookies/sessions for this scenario?  Thank you

Not sure if I'm trying to achieve something totally crazy here, or if this is something pretty standard. Didn't have much luck with searching as I'm not fully down with all the terms.

(A) I have one site providing an RSS feed.
(B) I have one site I want to search, once for each of the items in the feed A.
(C) I want the results of the search in (B) to be displayed on page (C).

So for example, the feed on (A) says;

apples
bananas
oranges
cheese

I want site (B) to search for each of those terms (by passing the item in the feed (A) to the ?search= part of the URL of that page) and then show the results from THAT search on page C. Bit of a complex one, let me know if you need me to clarify. Thanks for any help! 

Hi,

My first post here is a cry for help

I have a Windows 2003 server running IIS6/PHP5, the server hosts multiple web sites.

The problem is include files that are for site A are showing on site B (each site having its own includes as part of the site files in its own site folder), though not every time, its very random, sometimes the correct includes show, sometimes ones from another site on the same server. This only occurs where the include files for both sites have the same name, such as 'inc-header.php' for example.

I can only assume PHP is caching includes and because they have the same name is showing the wrong one on other sites sometimes, if I rename them to something unique then the problem goes away, but its not a practical solution to rename all include files to unique names so I find myself looking for a 'real' fix.

I have a feeling its to do with the include_path in the php.ini, but right now its disabled with a semi-colon, and I don't want to set one as I have no global includes, all includes are site specific.

Any help would be very much appreciated!

Phil

now i use this code to show where the visitors came from to my site.

<?php
$referer=$_SERVER['HTTP_REFERER'];
echo $referer;
?>

now, i want to show the  5 latest vistors referer's site url on my site ?

Transferring data from sub-domain.site.com
Reading sub-domain.site.com

What is this all about?
I'm going to put all .. images into a separate sub-domain eg: images.site.com.
This would create a folder inside my public_HTML called "images"

Now when sites have that Transferring data, and Reading... is this .. something relating to what I want. Facebook also does it, and they get their images for the site from a sub domain, how is it all done?

I'm not sure if its entirely PHP, but I hope someone can help.

Thanks

I'm currently running a classified ads site and planning to display my own content from database combined with and external site rss. So here is what i got right now after the db query for the jobs ads (procedural php),

while ($row = mysqli_fetch_array($results, MYSQLI_ASSOC)){


echo '<div class="media margin-none">
<a class="pull-left bg-inverse innerAll text-center" href="#"><img src="'.$foto.'" share_alt="" width="100" height="100"></a>
<div class="media-body innerAll">
<h4 class="media-heading innerT">
<a href="' . $row['title'] .'-da' . $row['id_ad'] . '" class="text-inverse">'. $remuneracion .' &nbsp; ' . substr(ucfirst(strtolower($row['title'])), 0, 53) . '</a> <small class="pull-right label label-default"><i class="fa fa-fw fa-calendar-o"></i> ' . $row['date_created'] . '</small></h4>
<p>' . substr(ucfirst(strtolower($row['description'])), 0, 80) . ' ...</p>';

echo '</div>
</div>
<div class="col-separator-h"></div>';
}

echo pagination($statement,$per_page,$page, $url_filtros, $filtros);
?>

it is the while loop that i use to display ads from my database, what could be the best way to display (in this same loop?) other site's rss feed so i can show my content combined with the external rss? Thanks

Hi I made a new design for my website and I made some changes. I want to use layout for my second site. I'll like to know if my site is easier to browse through now and if you like the design better?. I test my site on internet explorer, chrome, and firefox. It is best to use site on better browsers like firefox and chrome to get a better experience of site. Thanks.   http://adjade.com