|
PHP - Simple Login Script Error Help Please.
Hi Everyone,
Just wondered if someone could quickly help me out, im building a simple login system for my website but having a little bit of trouble, the error i keep getting is: Quote Cannot modify header information - headers already sent by (output started at /home/sites/cuju8.com/public_html/include.php:18) in /home/sites/cuju8.com/public_html/login.php on line 12 I have done some research but cant find the answer to this, my login script is as follows: Code: [Select] <?php require_once('include.php'); $error = ''; $form = $_POST['submit']; $email = $_POST['email']; $password = $_POST['password']; if( isset($form) ) { if( isset($email) && isset($password) && $email !== '' && $password !== '' ) { $sql = mysql_query("SELECT * FROM `usersystem` WHERE email='$email' and password='$password';"); if( mysql_num_rows($sql) != 0 ) { //success $_SESSION['logged-in'] = true; [b]header('Location: members.php');[/b] exit; } else { $error = "Incorrect login info"; } } else { $error = 'All information is not filled out correctly';} } ?> I think its the header location code thats causing the problem but im not sure where to move it too. If anyone could help i would really appreciate it. Cheers Similar TutorialsHello, im very green to php and I am having trouble creating a simple log in script. Not sure why this is not working, maybe a mysql_query mistake? I am not receiving any errors but nothing gets updated in the members table and my error message to the user displays. any help is appreciated! here is my php: <?php session_start(); $errorMsg = ''; $email = ''; $pass = ''; if (isset($_POST['email'])) { $email = ($_POST['email']); $pass = ($_POST['password']); $email = stripslashes($email); $pass = stripslashes($pass); $email = strip_tags($email); $pass = strip_tags($pass); if ((!$email) || (!$pass)) { $errorMsg = '<font color="#FF0000">Please fill in both fields</font>'; }else { include 'scripts/connect_db.php'; $email = mysql_real_escape_string ($email); $pass = md5($pass); $sql = mysql_query("SELECT * FROM members WHERE email='$email' AND password='$pass'"); $log_check = mysql_num_rows($sql); if ($log_check > 0) { while($row = mysql_fetch_array($sql)) { $id = $row["id"]; $_SESSION['id']; $email = $row["email"]; $_SESSION['email']; $username = $row["username"]; $_session['username']; mysql_query("UPDATE members SET last_logged=now() WHERE id='$id' LIMIT 1"); }//Close while loop echo "You are logged in"; exit(); } else { $errorMsg = '<font color="#FF0000">Incorrect login data, please try again</font>'; } } } ?> and the form: <?php echo $errorMsg; ?> <form action="log_in.php" method="post"> Email:<br /> <input name="email" type="text" /><br /><br /> Password:<br /> <input name="password" type="password" /><br /><br /> <input name="myBtn" type="submit" value="Log In" /> </form> I'm very new to PhP and one of my asignments in class is to create a simple login using php and mysql. I made a simple page using html, php, and mysql and i keep getting errors. Here is my code so far: This is my index.php page: <html> <form action = 'login.php' method='POST'> Username: <input type='text' name='username'><br> Password: <input type='password' name='password'><br> <input type='submit' value='Log in'> </form> </html> This is my login.php page: <?php $username = $_POST['username']; $password = $_POST['password']; if ($username&&$password) { &connect = mysql_connect("localhost", "root", " ") or die ("Couldnt connect"); mysql_selct_db("phplogin") or die("Couldn't find db"); } else die ("Please enter a username and password"); ?> mySql file is very basic: 3 columns, id, username, password I dont think my problem is with the mySQL page that was the easiest to make but everytime I hit login in the index.php, the entire script for login.php gets outputted on screen. I would appreciate all the help. I've tried Googling this for a long time but I only find complete member systems with ugly code, not something i'm looking for. What I am looking for is just a simple tutorial or commented code to make a admin login. What it's going to do is just: Loading a MD5 salt hasched password from my MYSQL database. You'll get to fill in one field: Password. If it validates with the MYSQL password it'll show the hidden content; if not it'll just give a "not correct error". That's basicly it. I have only one page of secret admin stuff so yeah.. it would be awesome to have the ability to logout and I of curse want to have everything in sessions! It would be to big help! Hi there, I have a simple login script written but I get an error with it. It does work but shows an error on some pages. Let me explain. Three Files: Admin.php Login.html checklogin.php When the user has logged in they go to checklogin.php. If the username and password match 1 row in the database then it forwards the user to admin.php fine. Except I keep getting mysql warning messages: Warning: Cannot modify header information - headers already sent by (output started at /home/wormste1/public_html/tilburywebdesign/shop/templates/template1/admin/updatescompanyinformation.php:3) in /home/wormste1/public_html/tilburywebdesign/shop/templates/template1/admin/companyinfoupdated.php on line 3 At the start of each page I want password protected I put the following code: <? session_start(); if(!session_is_registered(myusername)){ header("location:login.html"); } ?> I can't work out why I am getting this error. Many Thanks, Ian Hey I would just like to release a simple login/register script that will work just fine and has some nice systems in it. The Login. (I will post the code then below tell you what you need to do to get it to work with MYSQL DATABASE) Create a file and call it login with the suffix .php so if you have file extensions showing on your computer it will look like "login.php" then put this code inside of it. Code: [Select] <?php session_start(); ?> <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_SESSION['user_id'])){ redirect_to("staff.php"); } ?> <?php if (isset($_POST['submit'])){ $errors = array(); // Perform validations on the form $required_fields = array('username', 'password'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); if (empty($errors)){ // Checks database to see if username and password exist their $query = "SELECT id, username FROM users WHERE username='$username' AND hashed_password='$hashed_password' LIMIT 1"; $result_set = mysql_query($query, $connection); if(!$result_set){ die("Database Query Failed: " . mysql_error()); } if (mysql_num_rows($result_set) == 1) { // The Username and Password have been found in the database and the user is verified // Only 1 Match $found_user = mysql_fetch_array($result_set); $_SESSION['user_id'] = $found_user['id']; $_SESSION['username'] = $found_user['username']; redirect_to("staff.php"); }else{ // Username and Password was not found in the database. $message = "Username/Password Combination Incorrect.<br/>Please make sure your caps lock key is off and try again."; echo $message; } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ // The Form Has Not Been Submitted if(isset($_GET['logout']) && $_GET['logout'] == 1){ echo "You Are Now Logged Out"; } if(isset($_GET['nowlogged']) && $_GET['nowlogged'] == 1){ echo "You Need to Login to reach this page."; } $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="login.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /><br /> <input type="submit" name="submit" value="Login" /><br /> </form> <p>Haven't got an account? register <a href="register.php">here!</a></p> </body> </html> Now once you have a file called "login.php" with the above code inside of it you will need to goto your mysql database and create a database with a table that has 3 fields in the following format. - id - int(11) - Auto increment - username - varchar(50) - hashed_password - varchar(40) Now search for this in the login.php code Code: [Select] define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); And This: Code: [Select] $db_select = mysql_select_db("bcooperz", $connection); And change these to your settings. Once you have done all this create a new file called register with the suffix .php as well so if you have file extensions turned on it will look like "register.php" And add this code inside it: Code: [Select] <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } ?> <?php define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","maxcooper"); define("DB_NAME","bcooperz"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_POST['submit'])){ $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); $confirmpass=$_POST['confirmpass']; $query2 = "SELECT * FROM users WHERE username='$username'"; $result2 = mysql_query($query2); $counted=mysql_num_rows($result2); $errors = array(); // Perform validations on the form $required_fields = array('username', 'password', 'confirmpass'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } if($confirmpass!=$_POST['password']){ $errors[] = "passdifference"; } if($counted > 0){ $errors[] = "User Already Created"; } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } /* The Form Has Been Submitted */ if (empty($errors)){ $query = "INSERT INTO users (username,hashed_password) VALUES ('{$username}', '{$hashed_password}')"; $result = mysql_query($query, $connection); if($result){ echo "User Successfully Created"; }else{ echo "The User Could Not Be Created" . "<br />"; echo mysql_error(); } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ /* The Form Has Not Yet Been Submitted */ $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="register.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /> Confirm Password: <input type="password" name="confirmpass" maxlength="30" value="" /><br /><br /> <input type="submit" name="submit" value="Register" /><br /> </form> <p>Already have a account? login here <a href="login.php">here!</a></p> </body> </html> Once you have done that and you have a file called "register.php" you will need to perform the final step which will be changing the database details once again on the second file ("register.php"). Thanks, Bcooperz. Please tell me if this works I have a form on my website which actions login.php. The login.php code is below: <?php include('includes/classes.php.inc'); session_start(); $link = new BaseClass(); $data = $link->query("SELECT * FROM logins"); $pass_accepted = false; if($_REQUEST['username'] && $_REQUEST['password']){ $username = $_REQUEST['username']; $password = $_REQUEST['password']; while($row = mysql_fetch_array($data)){ if(($row['username']==$useranme)&&($row['password']==$password){ echo 'Password correct!'; $_SESSION['loggedin']=true; $pass_accepted = true; } } } else { echo 'You did not enter a username or password!'; } if(!$pass_accepted){ echo 'Your password is incorrect'; } echo '<br>Please <a href="index.php">click here</a> to return to page'; ?> I have checked that my references are all correct however even when I enter the correct password it returns saying the password is incorrect. Any idea on why this could be? I am happy to answer any follow up questions. Regards Hi all, I've got a website, which used to work ... I have a login script which did log each user in fine, but now for some odd reason its not loggin them in, I've looked over the script quite a few times but carnt see why its not loggin then it as it use to. <?php session_start(); include_once"includes/config.php"; if (strip_tags($_GET['logout']) == "yes"){ session_destroy(); }elseif (isset($_SESSION['username'])){ header("Location: index2.php"); exit(); } if ($_POST['Submit'] && strip_tags($_POST['username']) && strip_tags($_POST['password'])){ $username = mysql_real_escape_string(addslashes(strip_tags($_POST['username']))); $password = md5(addslashes(strip_tags($_POST['password']))); $select = mysql_query("SELECT * FROM users WHERE online > '$timenow' ORDER by rank desc"); $num = mysql_num_rows($select); $date = gmdate('Y-m-d h:i:s'); $ip = $REMOTE_ADDR; ///check INFO $sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' LIMIT 1"); $login_check = mysql_num_rows($sql); $inf = mysql_fetch_object($sql); if ($login_check == "0"){ $message="<table width='30%' class='table' align='center' cellpadding='0' cellspacing='0' border='1'> <tr> <td class='header' align='center'>Error</td> </tr> <tr> <td align='center'>You could not be logged in.</td> </tr> <table><br />"; }elseif ($login_check != "0"){ if ($login_check > "0"){ if ($inf->status == "Banned"){ $encoded=md5(strtolower($username)); header("Location: banned.php?banned=$username&encoded=$encoded"); exit(); } session_register('username'); $_SESSION['username'] = $inf->username; $timestamp = time()+20; $get = mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1"); $got = mysql_fetch_object($get); $loginnumber = $got->loginnumber+1; mysql_query("UPDATE users SET online='$timestamp' WHERE username='$username'"); mysql_query("UPDATE users SET lastlogin='$date' WHERE username='$username'"); mysql_query("UPDATE users SET l_ip='$ip' WHERE username='$username'"); mysql_query("UPDATE users SET loginnumber='$loginnumber' WHERE username='$username'"); header("Location: index2.php"); } else { $message= "<table width='30%' class='table' align='center' cellpadding='0' cellspacing='0' border='1'> <tr> <td class='header' align='center'>Error</td> </tr> <tr> <td align='center'>You could not be logged in.</td> </tr> <table><br />"; }}} ?> <html> <head> <title>Login </title> <link href='style.css' rel='stylesheet' type='text/css'> </head> <body class='body'> <form action='' method='post' name='form1'> <?php echo ($message); ?> <table width='702' class='table' align='center' cellpadding='0' cellspacing='0' border='1'> <tr> <td class='header' align='center' colspan='2'>Welcome To Speed-Drive</td> </tr> <tr> <td align='center' colspan='2'><img src='images/banner.png'></td> </tr> <tr> <td class='header' align='center' colspan='2'>Speed-drive Login</td> </tr> <tr> <td width='50%' align='right'>Username:</td><td width='50%' align='left'><input name="username" class='input' type="text" maxlength="15" id="username"></td> </tr> <tr> <td width='50%' align='right'>Password:</td><td width='50%' align='left'><input name="password" class='input' type="password" maxlength="30" id="password"></td> </tr> <tr> <td colspan='2' align='center' class='omg'><input type="submit" class='button' name="Submit" value="Submit"></td> </tr> <tr> <td class='header' align='center' colspan='2'>Help</td> </tr> <tr> <td align='center' colspan='2'><a href='register.php'>Register</a> .|. <a href='lost.php'>Lost Password</a> .|. <a href='tos.php'>TOS</a></td> </tr> <tr> <td align='center' colspan='2'><br /><font color='pink'><strong><h3>This website is currently <u></font><font color='red'>closed</font><font color='pink'></u>!<br /><br />You will <u></font><font color='red'>Not</font><font color='pink'></u> be able to Register untill the website is completed.<br /><br /></font></h3> Thank you for understanding.</strong></td> </tr> </table> </form> </body> </html> Is there a small error in the script or is the Script fine? Thanks for all the help given. Hi, Im using the code below to check a users username and password is ligit before adding their username to their session. <?php $con = mysql_connect("localhost","user","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("hiddenbid", $con); $username = mysql_real_escape_string($_POST['username']); $password = md5($_POST['password']); $mysql = mysql_query("SELECT * FROM users WHERE name = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql)=1){ $_SESSION['USERID'] = $username; print "<b>Welcome</b>, you are signed in as " . $_SESSION['USERID'] . "."; print "<br /><br />Redirecting..."; header ("location:index.php"); } else{ header ("location:signin.php"); } ?> Anyway, it doesnt work as I get the following error: Fatal error: Can't use function return value in write context in C:\Program Files\Abyss Web Server\htdocs\signinconfirmer.php on line 35 Any ideas what is causing this please? Also can I add a pause after the redirect message before it takes the user to the index.php page? Thanks in advance. ok..ive done this a million times..i have a working example here and i copied it and amended it for this new project but for some reason i cant get a form to post data to another page. this is the error message i get Notice: Undefined index: username in C:\wamp\www\uni\fyp\site\mobile\login.php on line 16 Notice: Undefined index: password in C:\wamp\www\uni\fyp\site\mobile\login.php on line 17 here is my form code: <form method="post" action="login.php"> <table align="center" cellpadding="0" cellspacing="0"> <tr> <td style="vertical-align:top;">Username: </td><td><input type="text" name="username" value="" /></td> </tr> <tr> <td style="vertical-align:top;">Password: </td><td><input type="password" name="password" value="" /><br /><input type="submit" id="submit" value="Login" /></td> </tr> </table> </form> and here is the code within the login.php where the form should post to $username = $_POST['username']; $password = $_POST['password']; // Help protect against MySQL injection $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); // Selecting data from database where correct username and password are found $sql="SELECT * FROM customer WHERE username='$username' and password='$password'"; $result=mysql_query($sql) or die(mysql_error()); i cant see anything wrong..been looking for hours...please please help me Hi everybody, my goal is to get the IP of someone accesing the site, writing the time and date along with his IP into the database. Of course, I would be adding the script to my frontpage when I make it work. But I get this error: Quote Parse error: syntax error, unexpected T_VARIABLE in D:\Program Files\xampp\xampp\htdocs\script1.php on line 8 I've checked line 8, I dont find anything in it that is out of place. Here is the code: <?php $ip = $_SERVER['REMOTE_ADDR']; $date = date("m.d.y"); $time = time(); mysql_connect ("localhost", "root", "********") or die ('Error: '. mysql_error()); mysql_select_db ("ip"); $query = "INSERT INTO ipdo (time, date, ip) VALUES ('"$time"', '"$date"', '"$ip"')"; mysql_query($query) or die ('Error updating database'); echo "Database updated with: " .$ip. "" ; ?> This is the first script I write entirely on my own, so be gentle Help? PHP = 5.5.14
MySQL = 5.2.17
I've cloned a mysqli_connect() statement in a 'require' file placed in a non-public access location on the server. It's the same format (and location) currently working fine with another application, EXCEPT i changed the database name to what I need to use for this application, AND added the $con= part on the front end to substitute for the commented out $con= line in the example code I'm modifying to insert data into a new MySQL DB Table.
The dB Table is fine and I have Inserted data via myPHPAdmin with no problems. Only two form variables are in the simple PHP script thus far just to test if it will work before proceeding.
I've used pseudonames for the actual /home/.... location and filename, and am now Baffled about the Line 2 Error Message I'm getting (below the code).
<?php
require '/home/myusername/domains/mydomain.com/myclonedrequire.php';
//$con=mysqli_connect("example","uid","pwd","my_db");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$year = mysqli_real_escape_string($con, $_POST['year']);
$callsign = mysqli_real_escape_string($con, $_POST['callsign']);
$sql="INSERT INTO `lqplogs` (`year`, `callsign`)
VALUES ('$year', '$callsign');
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
echo "1 record added";
mysqli_close($con);
?>
ERROR Message:
Warning: Unexpected character in input: '\' (ASCII=92) state=1 in (above file & location) on line 2
There are NO '\' characters in any of my files.
Here is the simple Form file code:
<?php ?> <html: <head><title></title></head> <body> <form action="insert.php" method="post"> YEAR: <input type="text" name="year"> CALLSIGN: <input type="text" name="callsign"> <input type="submit"> </form> </body> </html> <?php ?>Thanks for any assistance! -FreakingOUT Hello guys, Is there on web any updated tutorial on how can I add Facebook login on my simple php login script? I keep getting an error code when running my php, it states: Parse error: syntax error, unexpected $end in W:\www\blog\login.php on line 33 Line 33 is </html> Code: [Select] <?php mysql_connect ("localhost", "root", ""); mysql_select_db("blog"); ?> <html> <head> <title>Login</title> </head> <body> <?php if(isset($_POST['submit'])){ $name = $_POST['name']; $pass = $_POST['password']; $result = mysql_query("SELECT * FROM users WHERE name='$name' AND pass='$pass'"); $num = mysql_num_rows($result); if($num == 0){ echo "Bad login, go <a href='login.php'>back</a>"; }else{ session_start(); $SESSION ['name'] = $name; header("Location: admin.php"); } ?> <form action='login.php' method='post'> Username: <input type='text' name='name' /><br /> Password: <input type='password' name='password' /><br /> <input type='submit' name='sumbit' value='Login!' /> </form> </body> </html>Can any one advise me whats wrong? Dear PHPFreaks, I am new to PHP. Currently I'm trying to get a PHP login to write to file and use that file to register member and then allow users to login by reading through the file. Here is the code so far. Any help would be grateful. <body> <form action="register.php" method="post"> <h2>Register:</h2> <p> <label for="runame">Username:</label> <input name="runame" id="runame" value="" type="text" /> </p> <p> <label for="rpword">Password:</label> <input name="rpword" id="rpword" type="password" /> </p> <p> <input name="register" value="Register here" type="submit" /> </p> </form> </body> register.php <?php if (isset($_POST['submit'])) { $runame = $_POST['uname']; $rpword = $_POST['pword']; $category = "user"; } $fh = fopen("password.txt","a+"); $data = $runame . ":" . $rpword . ":" . $category . "\n"; fwrite($fh, $data); fclose($fh); ?> My error happens on line #81 Hello, I created a simple login script, taht has a hard coded user/pass. Yet for some reason it will not work, keeps redirecting to the main login page Here is the code Login Page Code: [Select] <table width='400' border='0' align='center' cellpadding='0' cellspacing='0'> <tr> <td>UserName:</td> <td><form action="loginscript.php" method="post"> <input name="username" type="text" size="10"></td> </tr> <tr> <td>Password:</td> <td><input name="password" type="password" size="10"></td> </tr> <tr> <td colspan='2' align='center'><input name="Submit" type="submit" value="Submit"></form></td> </tr> </table> Login Script Code: [Select] <?php session_start(); $pass = strtolower($_POST['password']); $name = strtolower($_POST['username']); if($name == "test" && $pass == "test"){ header ("location: select.php"); } else{ // invalid login, so go back ... header ("location: index.php"); } ?> Select.php Code: [Select] <?php session_start(); if(isset($_SESSION['myuser'])){ } else{ header ("location: index.php"); } ?> ANy ideas why it is not working. It doesnt seem like it is going through the login on the loginscript as all it does is redirect back to index page over and over again I am trying to learn php and I cannot figure out how to get a simple login form going. I am getting this error.
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given
I have no clue what I am doing wrong. I am following the "HowTo".
Here is my code
Index.php ( Login Form )
<form name="form1" method="post" action="checklogin.php">
<div id="wrappermiddle">
<h2>Login</h2>
<div id="username_input">
<div id="username_inputleft"></div>
<div id="username_inputmiddle">
<input name="myusername" type="text" id="myusername" value="Email Address">
<img id="url_user" src="./images/mailicon.png" alt="">
</div>
<div id="username_inputright"></div>
</div>
<div id="password_input">
<div id="password_inputleft"></div>
<div id="password_inputmiddle">
<input name="mypassword" type="text" id="mypassword" value="Password">
<img id="url_password" src="./images/passicon.png" alt="">
</div>
<div id="password_inputright"></div>
</div>
<div id="submit">
<input type="image" src="./images/submit.png" name="Submit" value="Login">
</form>
</div>
checklogin.php
<?php
$host="localhost"; // Host name
$username="MY DB USER"; // Mysql username
$password="Password"; // Mysql password
$db_name="MY DB Name"; // Database name
$tbl_name="admin"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
Any help would be greatly appreciated.
Edited by Oblivion13, 07 October 2014 - 05:25 PM. |
|||||||