|
PHP - Login Checking Error
Code: [Select]
<?php session_start(); mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); $username = $_POST['username']; $_POST['pass'] = md5($_POST['pass']); $password = $_POST['pass']; if (isset($_POST["submit"])) { $log1 = "SELECT * FROM regis WHERE username = '$username'"; $login1 = mysql_query($log1); $log2 = "SELECT * FROM regis WHERE password = '$password'"; $login2 = mysql_query($log2); $log3 = "SELECT * FROM regis WHERE username = '$username' AND password = '$password'"; $login3 = mysql_query($log3); $row = mysql_fetch_array($login3); $number = mysql_num_rows($login3); if($login1==FALSE) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('This.$username.is not available.')</SCRIPT>"); } if($login2==FALSE) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('This.$password.is incorrect.')</SCRIPT>"); } if ($number == 0) { print "This user does not exist in our database. <a href=registration.php><input type='button' value='Register'></a>"; } if ($number > 0) { $_SESSION['username'] = $row['username']; $_SESSION['password'] = $row['password']; $_SESSION['userlevel'] = $row['userlevel']; $_SESSION['is_logged_in'] = 1; if($_SESSION['userlevel']==1) { $_SESSION['is_logged_in'] = 1; header("Location: form2.php"); } else if($_SESSION['userlevel']== 0) { $_SESSION['is_logged_in'] = 1; header("Location: form3.php"); } } } else { ?> <html> <head> <script type="text/javascript"> function a() { var x = document.login.username.value; var y = document.login.pass.value; if(x==""&& y=="") { alert("Please insert all message!"); return false; } if(x=="") { alert("Please insert an username!"); return false; } if(y=="") { alert("Please insert an password!"); return false; } } </script> </head> <body> <center> <table border="0" align="center"> <form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" onsubmit="return a()"> <tr><td colspan=2><center><h1>Login</h1></center></td></tr> <tr><td>Username:<input type="text" name="username" maxlength="40"></td></tr> <tr><td>Password:<input type="password" name="pass" maxlength="50"></td></tr> <tr align=center><td><input type="button" value="Register" ONCLICK="window.location.href='registration.php'"></a> <input type="submit" name="submit" value="Login"></td> </tr> </form> </center> </body> <?php } ?> this is login code as im want it show the error if i put any username or password error but instead it will directly show this error "if ($number == 0) { print "This user does not exist in our database. <a href=registration.php><input type='button' value='Register'></a>"; } " but im want to show this if($login1==FALSE) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('This.$username.is not available.')</SCRIPT>"); } if($login2==FALSE) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('This.$password.is incorrect.')</SCRIPT>"); } error first. may i know which code or if statement im put wrong Similar TutorialsI've decided to rewrite one a couple of my forms, to make them more user friendly. But I am having problems returning the error. I've created an array ($e) which has the field name ($e['field_name']) for the error, but it isn't displaying any errors. Here's the code: case "contact": $e = array(); if(isset($_POST['sb'])){ $fullname = $sql->real_escape_string($_POST['fullname']); $email_a = $sql->real_escape_string($_POST['email']); $email_r = $sql->real_escape_string($_POST['email_r']); $orderid = $sql->real_escape_string($_POST['orderid']); $subject = $sql->real_escape_string($_POST['subject']); $problem = $sql->real_escape_string($_POST['problem']); # Error Message function show_error($error,$evar){ $err = ' <span style="color: #ff0000"><strong>'.$error.'</strong></span>'; return $err; } # Check for isset if(!isset($_POST['fullname'])){ $e['fullname'] = show_error('Please enter your full name',$e['fullname']); } if(!isset($_POST['email_a'])){ $e['email_a'] = show_error('Please enter your email address.',$e['email_a']); } if(!isset($_POST['email_r'])){ $e['email_r'] = show_error('Please re-enter your email address.',$e['email_r']); } if(!isset($_POST['subject'])){ $e['subject'] = show_error('Select a subject.',$e['subject']); } if(!isset($_POST['problem'])){ $e['problem'] = show_error('Describe your problem.',$e['problem']); } if(isset($_POST['email']) AND isset($_POST['email_r']) AND $email_a != $email_r){ $e['email_r'] = show_error('Your email addresses do not match.',$e['email_r']); } } $content = '<h2> Customer Support - Contact</h2> <p> For technical support, sales and product related questions: <a href="'.$tech_support.'" target="_blank">Technical Support</a>.</p> <p> For downloading, ordering, refund or other store related questions, please fill out the form below:</p> <form method="post" name="csupport"> <p> Please enter your full name:<br /> <input name="fullname" type="text" value="'.$fullname.'" />'.$e['fullname'].'</p> <p> Please enter your email address:<br /> <input name="email_a" type="text" value="'.$email_a.'" />'.$e['email_a'].'<br /> Please re-enter your email address:<br /> <input name="email_r" type="text" value="'.$email_r.'" />'.$e['email_r'].'</p> <p> Please enter your order number:<br /> <input name="orderid" type="text" value="'.$orderid.'" /></p> <p> Please select a subject for your enquiry:<br /> <select name="subject"><option selected="selected" value="">--Select--</option><option value="Billing Question">Billing Question</option><option value="Cancel / Refund Order">Cancel / Refund Order</option><option value="Download Question">Download Question</option><option value="Password Issues">Password Issues</option><option value="Order Question">Order Question</option><option value="Shipping Question">Shipping Question</option><option value="Other">Other</option></select>'.$e['subject'].'</p> <p> Describe your problem as best you can:<br /> <textarea cols="45" name="problem" rows="4">'.$problem.'</textarea>'.$e['problem'].'</p> <p> <input name="sb" type="hidden" value="sb" /><input name="submit" type="submit" value="Submit" /></p> </form> '; $title = 'Contact Support'; break; Can anyone see what the problem is? Thanks can somebody please tel me how to make sure a field is a number? I have some error checking like if(empty($postcode)) { $errors[] = "Please enter your postcode"; } if(strlen($tel)<11) { $errors[] = "Please enter a phone number that is the correct length"; } But I dont know and cant find how to check for a number only. This topic has been moved to HTML Help. http://www.phpfreaks.com/forums/index.php?topic=334287.0 I have created a form where the user enters their first name, last name, work hours, and rate. I want to add a check so that once submit is pressed, the page will return an error if one of the fields was left blank. How can I do it?? I have been trying for hours... Here is my code: <html> <title> Pay Calculator </title> <form method='post' action='pay2.php'> First Name: <input type='text' name='first' value="<?php echo ($_POST['first']); ?>" <br/> Last Name: <input type='text' name='last' value="<?php echo ($_POST['last']); ?>" <br/> Hours of Work: <input type='text' name='hours' value="<?php echo ($_POST['hours']); ?>" <br/> Hourly Pay Rate: <input type='text' name='rate' value="<?php echo ($_POST['rate']); ?>" <br/> <input type='submit' value='submit'> </form> </html> <?php $pay = $_POST['pay']; $hours = $_POST['hours']; $extra = $_POST['extra']; $rate = $_POST['rate']; if ($hours > 40){ $extra=$hours-40; $hours=40; $pay=($extra*1.5*$rate)+($hours*$rate); } else { $pay=$hours*$rate; } if (empty($_POST['$first'])) {print "**Please enter your first name\n";} echo "\n Your pay is: <br /> $ $pay <br />" ; ?> Hi, I wrote a simple code to check to see if the user filled in the name field, but when I uploaded the file, it just displays the code. here 's the code. Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <?php $errors=array(); if(isset($_POST['submit'])) { validate_input(); if(count($errors) !=0) { display_form(); } else { display_form(); } } function validate_input() { global $errors; if($_POST['name'] == " "){ $errors['name']="dipshit, put your name"; } ?> <form action="" method="post" name="test"> Name: <input name="name" type="text" size="10" maxlength="15" value="<?php echo $_POST[name]; ?>"/><br /> <?php echo $errors['name']; ?> <input name="submit" type="button" value="submit" /> </form> </body> </html> First, I'd like to apologize for my behavior, I didn't really "do anything wrong per se" I just get impulsive sometimes haha bad start
I am so close to finishing this website, which I will use to sell myself as a person who fixes computers
I am stuck on this problem, for all the pages
Either I can error check but data is not recorded in the tables
Or the error checking works but data is not recorded
The problem seems to be "triggered" by removing $errors[]="";
Also I'd like to say hello to QuickOldCar
Anyway here is the php parts of a single web page, this problem is shared on all of them except the index page which has successful error checking, session data retrieval and redirecting / updating data
I've spent days trying to fix this amongst other things (pretty sad right) this is literally one of the final problems to be solved before I'm ready to get his website indexed / advertise it
Thanks for any help
<?php
ob_start();
session_start();
global $nameErr,$emailErr,$commentsErr,$hourErr,$minuteErr;
global $name,$comments,$email,$hour,$minute;
mysqli_report(MYSQLI_REPORT_ALL);
error_reporting(E_ALL);
error_reporting(-1);
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$servername = "localhost";
$username = " ";
$password = " ";
$dbname = " ";
global $link;
$link = new mysqli("$servername", "$username", "$password", "$dbname");
if($_SERVER['REQUEST_METHOD']=='POST'){
$errors = array();
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "The form of the name entered is not acceptable";
}
}
if (empty($_POST["email"])) {
$emailErr = "An email is required";
} else {
$email = test_input($_POST["email"]);
}
if (empty($_POST["comments"])) {
$commentsErr = "A comment is required.";
} else {
$comments = test_input($_POST["comments"]);
// check if name only contains letters and whitespace
}
$test = $_POST['hour'];
$test1 = '$test';
if (empty($_POST['hour'])) {
$hourErr = "Please specify an hour between 12 and 8";
} else {
if (ctype_digit($_POST['hour'])) {
$hour = test_input($_POST['hour']);
}else {
$hourErr = "Only numbers are allowed";
}
}
if (empty($_POST['minute'])) {
$minuteErr = "Please specify a minute between 1 and 60";
} else {
if (ctype_digit($_POST['minute'])) {
$minute = test_input($_POST['minute']);
}
else {
$minuteErr = "Only numbers are allowed";
}
}
if(empty($errors)){
$link = new mysqli("$servername", "$username", "$password", "$dbname");
$name = test_input($_POST['name']);
$email = test_input($_POST['email']);
$comments = test_input($_POST['comments']);
$hour = test_input($_POST['hour']);
$minute = test_input($_POST['minute']);
// use the submitted data here... insert into database, send email, ...
$stmt = mysqli_prepare($link, "INSERT INTO Dropoff VALUES (?,?,?,?,?)");
$stmt->bind_param('sssii',$name,$email,$comments,$hour,$minute);
$stmt->execute();
$to = ' ';
$subject = 'Dropoff scheduled';
$message = "Check the database";
$message = wordwrap($message,70,"\r\n");
$headers = 'From: service@jakes-bytes.us'."\r\n\r\n";
mail($to,$subject,$message,$headers);
$to = $email;
$subject = 'Jakes Bytes Your Dropoff Has Been Scheduled';
$message = "Thank you for choosing Jakes Bytes computer repair shop.\r\n\r\nAttached is the information you have sent.\r\n\r\n
\r\n\r\nBelow is our address. Look for the Greek letters on our building.\r\n\r\nJake's Bytes is a private business. Please call upon arrival.\r\n\r\nThank you.\r\n\r\n169 Highgate Ave. Buffalo, NY 14215\r\n\r\nJake's Bytes is a property of Normalbus";
$message = wordwrap($message,70,"\r\n");
$headers = 'From: '."\r\n\r\n";
mail($to,$subject,$message,$headers);
// set up a status message to be displayed one time
$_SESSION['status_message'] = "Drop off scheduled successfully";
// after successfully processing any post form data, redirect to the same exact url of this page to clear the post data
$host = $_SERVER['HTTP_HOST'];
$uri = $_SERVER['REQUEST_URI']; // the path/file?query string of the page
header("Location: http://$host$uri");
exit;
$link->close();
}
}
?>
<HTML>
<html break>
<?php
if(!empty($errors)){
foreach($errors as $error){
echo '<span style="color: red">'.htmlspecialchars($error).'</span>'.'</br>'.'</br>';
}
}
if(isset($_SESSION['status_message'])){
echo '<span style="color: #ccfb5d">'.htmlspecialchars($_SESSION['status_message']).'</span>'.'</br>'.'</br>';
unset($_SESSION['status_message']); // clear the message
}
?>
<html resume>
</html>
Awe it's too bad the code paste box doesn't have highlighting, I've been spending time at other PHP forums and codingforums uses highlighting which is very helpful
Edited by mac_gyver, 28 December 2014 - 10:41 AM. link removed The below is flagging errors #3 and #9. Error #3 is being thrown even though the emails match. Code: [Select] <?php session_start(); $_SESSION['submitted']="yes"; $error=$_GET['error']; $date_rma="5/10/2011"; $content=' <div class="content_text"> <div class="content_header">Request RMA Number</div> <p>Enter the information you used on PayPal, that you completed your order with. The information must match, or a RMA Number will not be issued.</p> <form action="./rma_process.php" method="post"> <p><label>Name:</label> <input type="text" name="name" size="30" value="'.(isset($_SESSION['name']) ? $_SESSION['name'] : '').'" />'; if($error[0]==1){ $content.=' <span class="red bold">This field is required.</span>'; } $content.='</p> <p><label>E-Mail Address:</label> <input type="email" name="email" size="35" value="'.(isset($_SESSION['email']) ? $_SESSION['email'] : '').'" />'; if($error[1]==1){ $content.=' <span class="red bold">This field is required.</span>'; } $content.='</p> <p><label>Confirm E-Mail Address:</label> <input type="email" name="confirm_email" size="35" value="'.(isset($_SESSION['confirm_email']) ? $_SESSION['confirm_email'] : '').'" />'; if($error[2]==1){ $content.=' <span class="red bold">This field is required.</span>'; } if($error[3]==1){ $content.=' <span class="red bold">E-Mail addresses do not match.</span>'; } $content.='</p> <p><label>Phone Number:</label> <input type="text" name="phone" size="15" value="'.(isset($_SESSION['phone']) ? $_SESSION['phone'] : '').'" /> Ext. <input type="text" name="ext" size="4" value="'.(isset($_SESSION['ext']) ? $_SESSION['ext'] : '').'" />'; if($error[4]==1){ $content.=' <span class="red bold">A properly formatted phone number is required.</span>'; } $content.='</p> <p><label>Date of Purchase (MM/DD/YYYY):</label><input type="text" name="month" size="2" maxlength="2" value="'.(isset($_SESSION['month']) ? $_SESSION['month'] : '').'" /> <input type="text" name="day" size="2" maxlength="2" value="'.(isset($_SESSION['day']) ? $_SESSION['day'] : '').'" /> <input type="text" name="year" size="5" maxlength="4" value="'.(isset($_SESSION['year']) ? $_SESSION['year'] : '').'" />'; if($error[5]==1 || $error[6]==1 || $error[7]==1){ $content.=' <span class="red bold">A properly formatted date is required.</span>'; } $content.='</p><p><label>List the Products you wish to return. Sperate with a comma. <br />Use either the whole product name, or the GHP# Product Code:</label>'; if($error[8]==1){ $content.=' <span class="red bold">This field is required.</span>'; } $content.='<textarea name="products_returning" rows="10" cols="60"> '.(isset($_SESSION['products_returning']) ? $_SESSION['products_returning'] : '').''; $content.=' </textarea> <input type="hidden" name="submitted" value="yes" /> </p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> '; ?> Code: [Select] <?php session_start(); $name = $_POST['name']; $_SESSION['name']=$name; if($name==""){ $error0=1; } else{ $error0=0; } $email = $_POST['email']; $_SESSION['email']=$email; if($email==""){ $error1=1; } else{ $error1=0; } $confirm_email = $_POST['confirm_email']; $_SESSION['confirm_email']=$confirm_email; if($confirm_email==""){ $error2=1; } else{ $error2=0; } if($email!=$confirm_email){ $error3=1; } else{ $error3=0; } $phone = $_POST['phone']; $_SESSION['phone']=$phone; if($phone==""){ $error4=1; } else{ $error4=0; } $ext = $_POST['ext']; $_SESSION['ext']=$ext; $phone = $phone.' Ext.'.$ext; $month = $_POST['month']; $_SESSION['month']=$month; if($month=="" || !is_numeric($month)){ $error5=1; } else{ $error5=0; } $day = $_POST['day']; $_SESSION['day']=$day; if($day=="" || !is_numeric($day)){ $error6=1; } else{ $error6=0; } $year = $_POST['year']; $_SESSION['year']=$year; if($year=="" || !is_numeric($year)){ $error7=1; } else{ $error7=0; } $date="".$month."/".$day."/".$year.""; $products_returning = $_POST['products_returning']; $_SESSION['products_returning']=$products_returning; if($products_returning==""){ $error8=1; } else{ $error8=0; } if($_SESSION['submitted']=="yes"){ $error9=0; } else{ $error9=1; } $error="".$error0."".$error1."".$error2."".$error3."".$error4."".$error5."".$error6."".$error7."".$error8."".$error9.""; if($error!=="0000000000"){ header("Location: ./index.php?returns=rma&error=".$error0."".$error1."".$error2."".$error3."".$error4."".$error5."".$error6."".$error7."".$error8."".$error9.""); } else{ header("Location: ./index.php?returns=submitted"); } ?> I keep getting an error code when running my php, it states: Parse error: syntax error, unexpected $end in W:\www\blog\login.php on line 33 Line 33 is </html> Code: [Select] <?php mysql_connect ("localhost", "root", ""); mysql_select_db("blog"); ?> <html> <head> <title>Login</title> </head> <body> <?php if(isset($_POST['submit'])){ $name = $_POST['name']; $pass = $_POST['password']; $result = mysql_query("SELECT * FROM users WHERE name='$name' AND pass='$pass'"); $num = mysql_num_rows($result); if($num == 0){ echo "Bad login, go <a href='login.php'>back</a>"; }else{ session_start(); $SESSION ['name'] = $name; header("Location: admin.php"); } ?> <form action='login.php' method='post'> Username: <input type='text' name='name' /><br /> Password: <input type='password' name='password' /><br /> <input type='submit' name='sumbit' value='Login!' /> </form> </body> </html>Can any one advise me whats wrong? In an .html, before : <!-- BEGIN myquery --> I need to stop output and check the content of "myquery" Is there a command for that ? Thank You. Hello! I started to have problems on my admin login page. I see 3 warnings and below that, my login (but is not working now). Here´s what you see on https://www.bariloche.esp.br/administrator/login https://fonts.googleapis.com A PHP Error was encounteredSeverity: Warning Message: session_start(): Cannot send session cookie - headers already sent by (output started at /home/bariloch/public_html/administrator/index.php:2) Filename: Session/Session.php Line Number: 143 Backtrace:
File: /home/bariloch/public_html/administrator/application/controllers/Login.php
File: /home/bariloch/public_html/administrator/index.php Severity: Warning Message: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/bariloch/public_html/administrator/index.php:2) Filename: Session/Session.php Line Number: 143 Backtrace:
File: /home/bariloch/public_html/administrator/application/controllers/Login.php
File: /home/bariloch/public_html/administrator/index.php Severity: Warning Message: Cannot modify header information - headers already sent by (output started at /home/bariloch/public_html/administrator/index.php:2) Filename: helpers/url_helper.php Line Number: 564 Backtrace:
File: /home/bariloch/public_html/administrator/application/views/login.php
File: /home/bariloch/public_html/administrator/application/controllers/Login.php
File: /home/bariloch/public_html/administrator/index.php Hi, well i don't get an error from PHP but it says the username or password is incorrect
Login script
<?php
require 'connect.php';
error_reporting(E_ALL | E_NOTICE);
ini_set('display_errors', '1');
ini_set('memory_limit', '-1');
include 'footer.php';
if(isset($_POST['submit'])) {
session_start();
if(!$_POST['username'] OR !$_POST['password']) {
echo "Please make sure you enter both a username and password!";
exit();
}
$username = trim($_POST['username']);
$password = trim($_POST['password']);
$username = mysqli_real_escape_string($conn, $_POST['username']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
$stmt = $conn->prepare("SELECT username,password,user_level,active FROM usrs_usr WHERE username=? AND password=?");
$stmt->bind_param("ss", $username, $password);
$stmt->execute();
$row = $stmt->fetch();
$userlevel = $row['user_level'];
$active = $row['active'];
if($stmt->num_rows > 0) {
if($row['user_level'] == 1) {
$_SESSION['user_level'] = 1;
$_SESSION['active'] = 1;
$_SESSION['loggedIn'] = 1;
echo "<meta http-equiv='refresh' content=0;admin.php>";
exit();
} else if($row['user_level'] == -1) {
$_SESSION['user_level'] = -1;
$_SESSION['active'] = 0;
$_SESSION['loggedIn'] = 0;
echo "<meta http-equiv='refresh' content=0;banned.php>";
exit();
}
$_SESSION['user_level'] = 0;
$_SESSION['active'] = 1;
$_SESSION['loggedIn'] = 1;
echo "<meta http-equiv='refresh' content=0;index.php>";
exit();
} else {
die("#~ Username or password is incorrect ~#");
}
}
?>
Hey php masters ! i ran into a problem while making my login page, im new to php so please dont rage at me the code that i think gives the problem is this: if ($numrows!=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } if ($username==$dbusername&&$password==$dbpassword) { echo "du er logget ind $username" } else echo "Adgangskoden er Forkert"; } else die("Denne burger findes ikke"); } else die("Angiv venligst brugernavn og adgangskode"); ?> Hope you can help me - MinG ok so when user get there email or password wrong are they just submit with filling anything out they go to login.php?login_failed but it gives me This webpage has a redirect loop Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects. Code: [Select] <?php session_start(); $email = $_SESSION['email']; ?> <?php $email = mysql_real_escape_string($_POST['email']); $password = mysql_real_escape_string($_POST['password']); if(!empty($email) && isset($email) &&!empty($password) && isset($password)){ $password = md5("$password"); require "includes/init/db_con.php"; $query = mysql_query("SELECT * FROM users WHERE email = '$email'"); $numrows = mysql_num_rows($query); if($numrows != 0){ $row = mysql_fetch_assoc($query); $dbemail = $row ['email']; $dbpassword = $row ['password']; if($dbemail === $email && $dbpassword === $password){ $_SESSION['email'] = $dbemail; header("location: http://localhost/control/home.php"); }else { header('Location: login.php?login_failed'); } }else { header('Location: login.php?login_failed'); } }else { header('Location: login.php?login_failed'); } ?> <?php require "includes/overall/header.php";?> <?php if($_GET['login_failed']){ echo "Login Box will appear with messages"; } ?> <?php require "includes/overall/footer.php";?> Hi
I'm getting this error but i'm sure the file is there, this is my code where i'm having this problem
elseif($_POST["page"] == "users_login")
{
$user_utilizador = trim(strip_tags($_POST['email']));
$user_password = trim(strip_tags($_POST['passwd']));
$encrypted_md5_password = md5($user_password);
$validate_user_information = mysql_query("select * from `utilizador` where `utilizador` = '".mysql_real_escape_string($user_utilizador)."' and `password` = '".mysql_real_escape_string($encrypted_md5_password)."'");
echo $validate_user_information;
if(mysql_num_rows($validate_user_information) == 1)
{
$get_user_information = mysql_fetch_array($validate_user_information);
$_SESSION["VALID_USER_ID"] = $user_utilizador;
$_SESSION["USER_FULLNAME"] = strip_tags($get_user_information["nome"]);
echo 'index.php?uid='.$_SESSION["USER_FULLNAME"].'&';
echo 'login_process_completed_successfully=yes';
}
else
{
echo '<br><div class="info">Desculpe, a informação fornecida está errada. Corrije-a por favor. Obrigado.</div><br>';
}
}
So after the login process it should open the index.php
I have try with
header(Location: index,php) and the details are displayed in the same page as the login...
any help please?
Thanks
I don't know how to solve this error;
Parse error: syntax error, unexpected '$db' (T_VARIABLE)
code:
Hi There I have a simple cms system that I have built but for some reason the login script wont let me login to the cms. Strange thing is the script seems to works on the original database but when I changed the details to a new db it doesnt work. I have made the necessary changes for the connecting to the db etc but it just wont let me login. Can anyone help The url is drmonlinemarketing.com/cms2/loginadmin.php try login with username demo password test thanks shalli Hi, Im using the code below to check a users username and password is ligit before adding their username to their session. <?php $con = mysql_connect("localhost","user","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("hiddenbid", $con); $username = mysql_real_escape_string($_POST['username']); $password = md5($_POST['password']); $mysql = mysql_query("SELECT * FROM users WHERE name = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql)=1){ $_SESSION['USERID'] = $username; print "<b>Welcome</b>, you are signed in as " . $_SESSION['USERID'] . "."; print "<br /><br />Redirecting..."; header ("location:index.php"); } else{ header ("location:signin.php"); } ?> Anyway, it doesnt work as I get the following error: Fatal error: Can't use function return value in write context in C:\Program Files\Abyss Web Server\htdocs\signinconfirmer.php on line 35 Any ideas what is causing this please? Also can I add a pause after the redirect message before it takes the user to the index.php page? Thanks in advance. Hi all, I've got a website, which used to work ... I have a login script which did log each user in fine, but now for some odd reason its not loggin them in, I've looked over the script quite a few times but carnt see why its not loggin then it as it use to. <?php session_start(); include_once"includes/config.php"; if (strip_tags($_GET['logout']) == "yes"){ session_destroy(); }elseif (isset($_SESSION['username'])){ header("Location: index2.php"); exit(); } if ($_POST['Submit'] && strip_tags($_POST['username']) && strip_tags($_POST['password'])){ $username = mysql_real_escape_string(addslashes(strip_tags($_POST['username']))); $password = md5(addslashes(strip_tags($_POST['password']))); $select = mysql_query("SELECT * FROM users WHERE online > '$timenow' ORDER by rank desc"); $num = mysql_num_rows($select); $date = gmdate('Y-m-d h:i:s'); $ip = $REMOTE_ADDR; ///check INFO $sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' LIMIT 1"); $login_check = mysql_num_rows($sql); $inf = mysql_fetch_object($sql); if ($login_check == "0"){ $message="<table width='30%' class='table' align='center' cellpadding='0' cellspacing='0' border='1'> <tr> <td class='header' align='center'>Error</td> </tr> <tr> <td align='center'>You could not be logged in.</td> </tr> <table><br />"; }elseif ($login_check != "0"){ if ($login_check > "0"){ if ($inf->status == "Banned"){ $encoded=md5(strtolower($username)); header("Location: banned.php?banned=$username&encoded=$encoded"); exit(); } session_register('username'); $_SESSION['username'] = $inf->username; $timestamp = time()+20; $get = mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1"); $got = mysql_fetch_object($get); $loginnumber = $got->loginnumber+1; mysql_query("UPDATE users SET online='$timestamp' WHERE username='$username'"); mysql_query("UPDATE users SET lastlogin='$date' WHERE username='$username'"); mysql_query("UPDATE users SET l_ip='$ip' WHERE username='$username'"); mysql_query("UPDATE users SET loginnumber='$loginnumber' WHERE username='$username'"); header("Location: index2.php"); } else { $message= "<table width='30%' class='table' align='center' cellpadding='0' cellspacing='0' border='1'> <tr> <td class='header' align='center'>Error</td> </tr> <tr> <td align='center'>You could not be logged in.</td> </tr> <table><br />"; }}} ?> <html> <head> <title>Login </title> <link href='style.css' rel='stylesheet' type='text/css'> </head> <body class='body'> <form action='' method='post' name='form1'> <?php echo ($message); ?> <table width='702' class='table' align='center' cellpadding='0' cellspacing='0' border='1'> <tr> <td class='header' align='center' colspan='2'>Welcome To Speed-Drive</td> </tr> <tr> <td align='center' colspan='2'><img src='images/banner.png'></td> </tr> <tr> <td class='header' align='center' colspan='2'>Speed-drive Login</td> </tr> <tr> <td width='50%' align='right'>Username:</td><td width='50%' align='left'><input name="username" class='input' type="text" maxlength="15" id="username"></td> </tr> <tr> <td width='50%' align='right'>Password:</td><td width='50%' align='left'><input name="password" class='input' type="password" maxlength="30" id="password"></td> </tr> <tr> <td colspan='2' align='center' class='omg'><input type="submit" class='button' name="Submit" value="Submit"></td> </tr> <tr> <td class='header' align='center' colspan='2'>Help</td> </tr> <tr> <td align='center' colspan='2'><a href='register.php'>Register</a> .|. <a href='lost.php'>Lost Password</a> .|. <a href='tos.php'>TOS</a></td> </tr> <tr> <td align='center' colspan='2'><br /><font color='pink'><strong><h3>This website is currently <u></font><font color='red'>closed</font><font color='pink'></u>!<br /><br />You will <u></font><font color='red'>Not</font><font color='pink'></u> be able to Register untill the website is completed.<br /><br /></font></h3> Thank you for understanding.</strong></td> </tr> </table> </form> </body> </html> Is there a small error in the script or is the Script fine? Thanks for all the help given. I had a success page redirect after the login...but the login happens even if the username and password is not entered. you can check it in colonialcasa.org here's the code for the login.php page ( i have obviously changed the server name, database and password for privacy reasons ) <? /*simple checking of the data*/ if(isset($_POST['login']) & isset($_POST['pass'])) { /*Connection to database logindb using your login name and password*/ $db=mysql_connect('servername','login','password') or die(mysql_error()); mysql_select_db('mpahost_logindb'); /*additional data checking and striping*/ $_POST['login']=mysql_real_escape_string(strip_tags(trim($_POST['login']))); $_POST['pass']=mysql_real_escape_string(strip_tags(trim($_POST['pass']))); $q=mysql_query("SELECT * FROM login WHERE login='{$_POST['login']}' AND pass='{$_POST['pass']}'",$db) or die(mysql_error()); /*If there is a matching row*/ if(mysql_num_rows($q) > 0) { $_SESSION['login'] = $_POST['login']; $login='Welcome back '.$_SESSION['login']; } else { $login= 'Wrong login or password'; } mysql_close($db); } /*Use of Sessions*/ if(!session_id()) header("Location: advocates.html"); // success page. put the URL you want header("Cache-control: private"); //avoid an IE6 bug (keep this line on top of the page) $login='NO data sent'; //you may echo the data anywhere in the file echo $login; ?> When i press login i get Fatal error: Call to a member function query() on a non-object in /home/a5347792/public_html/login.php on line 15
<?php
$dbConnection['username'] = "root";
$dbConnection['password'] = "";
$dbConnection['host'] = "localhost";
$dbConnection['db'] = "joke";
if(isset($_POST['rbLgn'])) {
$login = true;
if(isset($_POST['username'])) { $username = $_POST['username']; }
if(isset($_POST['password'])) { $password = $_POST['password']; }
if(isset($username) && isset($password)) {
$query = $db->query("SELECT * FROM `users` WHERE `username`='{$username}' AND `password`='{$password}' LIMIT 1");
if($query->num_rows > 0) {
echo "User found - logging in.";
}
else
{
echo "User not found, credentials: " . $username . " | " . $password;
}
}
}
?>
Edited by mac_gyver, 25 October 2014 - 10:21 AM. code tags when posting code please |
|||||||