PHP - Simple Login Script But Form Wont Post Data :(

Hi there,

I have a simple login script written but I get an error with it.  It does work but shows an error on some pages.

Let me explain.

Three Files:

Admin.php
Login.html
checklogin.php

When the user has logged in they go to checklogin.php.  If the username and password match 1 row in the database then it forwards the user to admin.php fine.  Except I keep getting mysql warning messages:

Warning: Cannot modify header information - headers already sent by (output started at /home/wormste1/public_html/tilburywebdesign/shop/templates/template1/admin/updatescompanyinformation.php:3) in /home/wormste1/public_html/tilburywebdesign/shop/templates/template1/admin/companyinfoupdated.php on line 3


At the start of each page I want password protected I put the following code:

<? 
session_start();
if(!session_is_registered(myusername)){
header("location:login.html");
}
?>

I can't work out why I am getting this error.

Many Thanks,
Ian

Hey I would just like to release a simple login/register script that will work just fine and has some nice systems in it.

The Login. (I will post the code then below tell you what you need to do to get it to work with MYSQL DATABASE)
Create a file and call it login with the suffix .php so if you have file extensions showing on your computer it will look like "login.php" then put this code inside of it.
Code: [Select]
<?php session_start(); ?>
<?php
function mysql_prep($value) {
$magic_quotes_active = get_magic_quotes_gpc();
$new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0
if($new_enough_php){ // PHP v4.3.0 or higher
if ($magic_quotes_active){ $value = stripslashes($value); }
$value = mysql_real_escape_string($value);
}else{ //Before PHP v4.3.0
//if magic quotes aren't already on then add slahes manually
if(!$magic_quotes_active){ $value = addslashes($value); }
// if magic quotes are active then the slashes already exist
}
return $value;
}

function redirect_to($location = NULL){
if($location != NULL){
header("Location: {$location}");
exit;
}
}
define("DB_SERVER","localhost");
define("DB_USER","root");
define("DB_PASS","yourpassword");
define("DB_NAME","yourdatabasename");
$connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS);
if(!$connection){
die("Database Connection Failed: " . mysql_error());
}
$db_select = mysql_select_db("bcooperz", $connection);
if(!$db_select){
die("Connection to database failed: " . mysql_error());
}
?>
<?php
if(isset($_SESSION['user_id'])){
redirect_to("staff.php");
}
?>
<?php
if (isset($_POST['submit'])){
$errors = array();

// Perform validations on the form
$required_fields = array('username', 'password');
foreach($required_fields as $fieldname){
if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){
$errors[] = $fieldname;
}
}

$field_with_lengths = array('username' => 30, 'password' => 30);
foreach($field_with_lengths as $fieldname => $maxlength) {
if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) {
$errors[] = $fieldname; }
}

$username = trim(mysql_prep($_POST['username']));
$password = trim(mysql_prep($_POST['password']));
$hashed_password = sha1($password);

if (empty($errors)){
// Checks database to see if username and password exist their
$query = "SELECT id, username FROM users WHERE username='$username' AND hashed_password='$hashed_password' LIMIT 1";
$result_set = mysql_query($query, $connection);
if(!$result_set){
die("Database Query Failed: " . mysql_error());
}
if (mysql_num_rows($result_set) == 1) {
// The Username and Password have been found in the database and the user is verified
// Only 1 Match
$found_user = mysql_fetch_array($result_set);
$_SESSION['user_id'] = $found_user['id'];
$_SESSION['username'] = $found_user['username'];
redirect_to("staff.php");
}else{
// Username and Password was not found in the database.
$message = "Username/Password Combination Incorrect.<br/>Please make sure your caps lock key is off and try again.";
echo $message;
}
}else{
$count = count($errors);
if($count == 1){
echo "Their Was {$count} Error In The Form" . "<br />";
print_r(implode(", ", $errors));
}else{
echo "Their Was {$count} Error's In The Form" . "<br />";
echo "<b>";
print_r(implode(", ", $errors));
echo "</b>";
}
}
}else{
// The Form Has Not Been Submitted
if(isset($_GET['logout']) && $_GET['logout'] == 1){
echo "You Are Now Logged Out";
}
if(isset($_GET['nowlogged']) && $_GET['nowlogged'] == 1){
echo "You Need to Login to reach this page.";
}
$username = "";
$password = "";
}
?>
<html>
<head>
<title>Register</title>
</head>
<body>

<form action="login.php" method="post">
Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br />
Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /><br />
<input type="submit" name="submit" value="Login" /><br />
</form>
<p>Haven't got an account? register <a href="register.php">here!</a></p>
</body>
</html>
Now once you have a file called "login.php" with the above code inside of it you will need to goto your mysql database and create a database with a table that has 3 fields in the following format.
- id - int(11) - Auto increment
- username - varchar(50)
- hashed_password - varchar(40)

Now search for this in the login.php code
Code: [Select]
define("DB_SERVER","localhost");
define("DB_USER","root");
define("DB_PASS","yourpassword");
define("DB_NAME","yourdatabasename");
And This:
Code: [Select]
$db_select = mysql_select_db("bcooperz", $connection);
And change these to your settings.

Once you have done all this create a new file called register with the suffix .php as well so if you have file extensions turned on it will look like "register.php"
And add this code inside it:
Code: [Select]
<?php
function mysql_prep($value) {
$magic_quotes_active = get_magic_quotes_gpc();
$new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0
if($new_enough_php){ // PHP v4.3.0 or higher
if ($magic_quotes_active){ $value = stripslashes($value); }
$value = mysql_real_escape_string($value);
}else{ //Before PHP v4.3.0
//if magic quotes aren't already on then add slahes manually
if(!$magic_quotes_active){ $value = addslashes($value); }
// if magic quotes are active then the slashes already exist
}
return $value;
}

function redirect_to($location = NULL){
if($location != NULL){
header("Location: {$location}");
exit;
}
}
?>
<?php
define("DB_SERVER","localhost");
define("DB_USER","root");
define("DB_PASS","maxcooper");
define("DB_NAME","bcooperz");
$connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS);
if(!$connection){
die("Database Connection Failed: " . mysql_error());
}
$db_select = mysql_select_db("bcooperz", $connection);
if(!$db_select){
die("Connection to database failed: " . mysql_error());
}
?>

<?php
if(isset($_POST['submit'])){

$username = trim(mysql_prep($_POST['username']));
$password = trim(mysql_prep($_POST['password']));
$hashed_password = sha1($password);
$confirmpass=$_POST['confirmpass'];
$query2 = "SELECT * FROM users WHERE username='$username'";
$result2 = mysql_query($query2);
$counted=mysql_num_rows($result2);

$errors = array();

// Perform validations on the form
$required_fields = array('username', 'password', 'confirmpass');
foreach($required_fields as $fieldname){
if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){
$errors[] = $fieldname;
}
}
if($confirmpass!=$_POST['password']){
$errors[] = "passdifference";
}
if($counted > 0){
$errors[] = "User Already Created";
}

$field_with_lengths = array('username' => 30, 'password' => 30);
foreach($field_with_lengths as $fieldname => $maxlength) {
if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) {
$errors[] = $fieldname; }
}


/* The Form Has Been Submitted */
if (empty($errors)){
$query = "INSERT INTO users (username,hashed_password) VALUES ('{$username}', '{$hashed_password}')";
$result = mysql_query($query, $connection);
if($result){
echo "User Successfully Created";
}else{
echo "The User Could Not Be Created" . "<br />";
echo mysql_error();
}
}else{
$count = count($errors);
if($count == 1){
echo "Their Was {$count} Error In The Form" . "<br />";
print_r(implode(", ", $errors));
}else{
echo "Their Was {$count} Error's In The Form" . "<br />";
echo "<b>";
print_r(implode(", ", $errors));
echo "</b>";
}
}
}else{
/* The Form Has Not Yet Been Submitted */
$username = "";
$password = "";
}
?>
<html>
<head>
<title>Register</title>
</head>
<body>

<form action="register.php" method="post">
Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br />
Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br />
Confirm Password: <input type="password" name="confirmpass" maxlength="30" value="" /><br /><br />
<input type="submit" name="submit" value="Register" /><br />
</form>
<p>Already have a account? login here <a href="login.php">here!</a></p>
</body>
</html>
Once you have done that and you have a file called "register.php" you will need to perform the final step which will be changing the database details once again on the second file ("register.php").

Thanks, Bcooperz. Please tell me if this works

I have a form on my website which actions login.php. The login.php code is below:

<?php
include('includes/classes.php.inc');
session_start();
$link = new BaseClass();
$data = $link->query("SELECT * FROM logins");
$pass_accepted = false;
if($_REQUEST['username'] && $_REQUEST['password']){
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
while($row = mysql_fetch_array($data)){
if(($row['username']==$useranme)&&($row['password']==$password){
echo 'Password correct!';
$_SESSION['loggedin']=true;
$pass_accepted = true;
} 
}
} else {
echo 'You did not enter a username or password!';
}
if(!$pass_accepted){ echo 'Your password is incorrect'; }
echo '<br>Please <a href="index.php">click here</a> to return to page'; 
?>

I have checked that my references are all correct however even when I enter the correct password it returns saying the password is incorrect. Any idea on why this could be? I am happy to answer any follow up questions.

Regards

Hi Everyone,

Just wondered if someone could quickly help me out, im building a simple login system for my website but having a little bit of trouble, the error i keep getting is:

Quote

Cannot modify header information - headers already sent by (output started at /home/sites/cuju8.com/public_html/include.php:18) in /home/sites/cuju8.com/public_html/login.php on line 12


I have done some research but cant find the answer to this, my login script is as follows:

Code: [Select]
<?php
require_once('include.php');
$error = '';
$form = $_POST['submit'];
$email = $_POST['email'];
$password = $_POST['password'];

if( isset($form) ) {
if( isset($email) && isset($password) && $email !== '' && $password !== '' ) {
$sql = mysql_query("SELECT * FROM `usersystem` WHERE email='$email' and password='$password';");

if( mysql_num_rows($sql) != 0 ) { //success
$_SESSION['logged-in'] = true;
[b]header('Location: members.php');[/b]
exit;
} else { $error = "Incorrect login info"; }
} else { $error = 'All information is not filled out correctly';}
}
?>
I think its the header location code thats causing the problem but im not sure where to move it too.

If anyone could help i would really appreciate it.

Cheers

Alright, so I play a browser game called Politics and War. I run an alliance that has 74 members. In that alliance we offer a bank service for all our members, but I - being the leader - am the only one who can access the bank. I have been building a site that works with the game API to gather data for members and create a dashboard. One of the features I am trying to build is allowing them to withdraw from their account instantly.

 

So, what I need:

To be able to submit a POST request to login to the site (specifically on this page --> https://politicsandwar.com/login) with my username and password, but then I need to keep the session active and navigate to a different page (the alliance bank page). On that page I first need to scrape a value from a hidden input (token) and then I need to submit a POST request to this same page while still being logged in. 

 

I am not asking someone to do it for me, but rather someone to help me know how to go about this. I have never submitted post requests with PHP, but I have used PHP cURL in the past. I also have made POST requests with JS, but never PHP.

 

Thank you so much for anyone that is able to help!

 <td> <button onclick="alertdialog()"><span class="glyphicon glyphicon-trash"> </span></button></td>
<script>
function alertdialog(){
    window.confirm("Are you sure you want to delete this post?");
}
</script>   This is my code. I need to have a callback to a PHP script when a user decides to delete a post. I think html POST is the most unobtrustive way to do this. What's the easiest / most robust way to send data to a script when the user clicks OK?   Appreciated. Mark  

Ok so I already have a "post" action URL, here it is below.

<form method="post" action="http://survey.leisuretrends.com/RemoteSurvey.asp?survey=321&survey_version=1330">

The idea is to put a simple e-mail form on my personal website:



And have the post action to go to the URL above (its a marketing company for email submissions / newsletters)

Here is what I have so far, but I know something is not right:

Quote

<form>
<input type="text" />
<input type="submit" />
<form method="post" />
<form action="http://survey.leisuretrends.com/RemoteSurvey.asp?survey=321&survey_version=1330"/>
</form>


Any help would be greatly appreciated.  Thank you for your patience with me

I've managed to isolate a problem I'm having with my php script. It would seem the script randomly restarts itself with blank post data while it's running.

I've managed to mimick the problem using a very basic php script which just pauses and writes to a log:

<?php

$q = $_POST['q'];

if ($q==""){
  writelog ("MISFIRE!!!");
  die;
}

writelog("\n*** Error check started ***");

for ($i = 1; $i <= 50; $i++) {
   writelog ($i);
     sleep(rand(2,20));
}

 function writelog($towrite)
{
  $tdate=date('d/m/Y H:i:s');
  $file = 'log/testlog.txt';
  $current = $towrite." --- ".$tdate."\n";
  file_put_contents($file, $current, FILE_APPEND);
}

writelog("*** Error check ended ***");
?>

To rule out any problems with my AJAX htmlhttp requests, I simply send the script some irrelevant post data using Chrome's Advanced Restful client.

This is the ouput of the log from an example test run:

*** Error check started *** --- 05/06/2014 18:27:30

1 --- 05/06/2014 18:27:30
2 --- 05/06/2014 18:27:44
3 --- 05/06/2014 18:27:49
4 --- 05/06/2014 18:27:59
5 --- 05/06/2014 18:28:04
6 --- 05/06/2014 18:28:22
7 --- 05/06/2014 18:28:33
8 --- 05/06/2014 18:28:39
9 --- 05/06/2014 18:28:52
10 --- 05/06/2014 18:29:08
11 --- 05/06/2014 18:29:22
12 --- 05/06/2014 18:29:30
13 --- 05/06/2014 18:29:43
MISFIRE!!! --- 05/06/2014 18:29:46
14 --- 05/06/2014 18:29:56
15 --- 05/06/2014 18:30:07
16 --- 05/06/2014 18:30:09
17 --- 05/06/2014 18:30:15
18 --- 05/06/2014 18:30:32
19 --- 05/06/2014 18:30:52
20 --- 05/06/2014 18:30:54

Note the logged "Misfire" after the 13th entry.  This shows the script tried to run again with blank post data, the same problem I'm having in my more complex script.

Why could this be happening? It's not anyone else calling the script, nobody knows about the site and I've ruled it out by logging the IP in my real script.
Edited by holdorfold, 05 June 2014 - 02:29 PM.

Hi all,

Thanks for reading. I'm hella frustrated at this script I wrote: for some reason, it will not work correctly.

Basically, it works. The first 4 names in the table on the database show up when searched. But, anything past these four names in the database will not show up as a result when searched! I'm pulling my hair out here!

It's really simple - take a gander:

Code: [Select]
if (isset($_POST['submit'])) {

$search = $_POST['search'];

$searchQuery = mysql_query("SELECT * FROM Accounts WHERE FullName='$search'");

if (mysql_num_rows($searchQuery) == 0) {
$result = "Your search returned no results. Please try again.";
} else {

$results = 1;

while ($getSearchResults = mysql_fetch_array($searchQuery)) {

$fullName = $getSearchResults['FullName'];

$result = "Name: ".$fullName."";

}

}

}

?>

...and the HTML form...

Code: [Select]
<form action="search.php" method="post">

<p>Search: <input type="text" name="search" size="35" maxlength="100" /></p>
<p><input type="submit" value="Search" name="submit" /></p>

<?php echo $result; ?>

</form>

Does anyone have any ideas? 

I have the simple code below which seems to have worked on forms from a contact page on a website.

Unfortunately, it seems to only send the forms if all fields are entered. I have played with the code but cannot seem to get it to send any field that has been completed on submit.

Can someone help please?

<?php

$emailAddress = "bigL@gmail.com"; 
$thankyouPage = "";


session_start();
 if (!empty($_POST)) {
  foreach ($_POST as $key=>$value) {
      $_POST[$key] = stripslashes($_POST[$key]);
    $_POST[$key] = htmlspecialchars($_POST[$key],ENT_QUOTES);
  }
}
if (isset($_POST['send']) AND isset($_SESSION['msgCount'])) {
  if ($_SESSION['msgCount'] >= "3") $alert = "Only 3 messages can be s
+ent per session.";
  if (empty($alert)) {
    $_SESSION['msgCount']++;
    putenv('TZ=EST5EDT'); // eastern time
    $headers  = 'MIME-Version: 1.0' . "\r\n";
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"
+;
    $message = "<table cellpadding='5' border='1'>";
    foreach ($_POST as $key => $value)
      if (!preg_match("(^send)",$key)) {
        $value = wordwrap($value,65,"<br />");
        $message .="<tr><td><b>$key</b></td><td>$value</td></tr>";


      }
    $message .= "</table>";   
    $message .= "<br />Time of the message: ".date(" F d  h:ia")."<br
+/>";
    $message .= "IP Address: ".$_SERVER['REMOTE_ADDR']."<br />";
    $message .= "Hostname: ".gethostbyaddr($_SERVER['REMOTE_ADDR'])."<
+br />";
    $subject = $_SERVER['HTTP_HOST']." Message";
    mail($emailAddress,$subject,$message,$headers);
    if (!empty($thankyouPage)) {
      header('location: '.$thankyouPage);
      die();
    }
    unset($_POST);

    $alert = "Your enquiry has been sent, we will respond as soon as p
+ossible.";
  }
}
if (!isset($_SESSION['msgCount'])) $_SESSION['msgCount'] = 0;
?>

How can I encrypt POST data from a form? Basically, I want to ensure that the data on the form is not in plain text ever. Is this possible?

<form method="post">
<input type="text" name="email" size="40">
<input type="password" name="password"/>
...


Basically, when this posts, I want to do a foreach on $_POST and see something like:
password = 1f3870be274f6c49b3e31a0c6728957f
  and not
password = stringTheUserTyped

I hope what I'm asking for is clear.
(PHP 5.2.14)

Thanks!

I needed a server side PHP validation script for my form to use on top of client side Javascript as a backup. I found a nice package where I just include the validator and set a few options then it does the rest. However it doesn't seem to work with the action="whateveraction.php" for the form. It will skip all the validation and immediately go to the action script. So I left that blank as you can see in the form below and figured I would send the post data somehow to the script using PHP when the validation is successful. However I am stumped on how to do that can I get some coding help?

This is the small validation script. I will attach the formvalidator.php in this post.
Code: [Select]
<?php
require_once "formvalidator.php";
if(isset($_POST['submit']))
{
    $validator = new FormValidator();
    $validator->addValidation("age","req","Please fill in your Age");
    $validator->addValidation("mcid","req","Please fill in your Minecraft Username");
    $validator->addValidation("description","req","Please fill in a Description");
    if($validator->ValidateForm())
    {

      //need something here to have it send the post data to /mcbuildapp/form_submit.php

    }
    else
    {
        echo "<div class=blockrow><b><font size=5>Form Errors:</font><b></div>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
          echo "<div class=blockrow><p><font color=red>$inp_err</font></p>\n</div>";
        }
    }
}

Then the form if it matters....
Code: [Select]
<div class="blockrow">
<font size=4><b>Minecraft Building Rights Application</b></font>
<br />
<br />
<b>Failing to fill in any of these fields sufficiently will result in an automatic denial of your application!</b><br />
<b>Think of it this way, being lazy and applying wrong is only wasting your time. Take the time to do it correctly the first time.</b>
 
<br />
<br />

<b><font color=red>To ensure proper user authentication and security you must first join the server at least once before applying for your building rights to work!</font></b>
<br />
<br />
<form action="" id="mcbuilderapp" name="mcbuilderapp" method="post">

<label><b>Your Minecraft Username (required)</b><br />
Use exact capitalization and punctuation that matches your Minecraft.net account!</label>
 
<br />
<br />
 
<input type="text" name="mcid" id="mcid" maxlength="25"/>
 
<br />
<br />
 
<label><b>Your Age (required)</b></label>
 
<br />
<br />
                 
<input type="text" name="age" id="age" maxlength="3"/>
   
<br />
<br />
 
<label><b>Describe Yourself (required)</b><br />
Describe yourself in <b>no less</b> than 3 sentences using <b>correct grammar</b>.</label>
 
<br />
<br />
 
<textarea name="description" id="description" minlength="10" maxlength="1000" cols=60 rows=5 wrap="physical">
</textarea>
 
<br />
<br />
 
<input type="submit" name="submit" value="Submit" />
</form>
</div>
MOD EDIT: PHP manual tags changed to code tags . . .

[attachment deleted by admin]

I have a form with lots of fields.

How would I run a loop to get each field name and data into an array, so i can then send it off to a function to process each field name / data differently. Instead of typing all the variables in the main function name for each post.

Would a foreach statement work?

I have a Login page which i want to check if the user details (username, password and activation) are valid then redirect user dependent on his/her "accessLevel" (admin, member and none)   Admin will be directed to "index.php" Member will be directed to "tasks.php" and none will be redirected to "notActive.php"   here is my current code which half works;

<?php
include ('connect.php');
if(isset($_POST['submit'])) {
    // Initialize a session:
session_start();

// Define $username and $password 
$username=$_POST['username']; 
$password=$_POST['password']; 

// To protect MySQL injection
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM ecmt_members WHERE username='$username' and password='$password' AND Activation IS NULL";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $username and $password, table row must be 1 row
if($count==1){

// Register $username, $password and redirect to file "index.php"
$role = mysql_fetch_array($result);
$_SESSION['username']= $username; 
$_SESSION['password']= $password;
//$_SESSION['role']= $role['accessLevel'];
 
 if($role['accessLevel'] == "admin"){
	 $_SESSION['adminuser']=$role['accessLevel'];
		header("location:index.php");
			exit();
      }
 elseif($role['accessLevel'] == "member"){
	 $_SESSION['user']=$role['accessLevel'];
		header("location:tasks.php");
			exit();
     }

else {
echo "Error: Username, Password or Access Level incorrect! Go Home, you're Drunk!!!";
}

	}
    } // End of the main Submit conditional.
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login Form</title>

<!-- jQUERY -->
<script src="//code.jquery.com/jquery-latest.js"></script>
<!-- Add Main CSS -->
<link rel="stylesheet" type="text/css" href="../tool/css/main.css">
<!-- Font-Awesome -->
<link href="//maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css" rel="stylesheet">
	<style>
		body { 
			background: url(../tool/images/bg1.jpg) no-repeat center center fixed; 
			-webkit-background-size: cover;
			-moz-background-size: cover;
			-o-background-size: cover;
			background-size: cover;
		}
.exactCenter { width:auto; height:auto; position: fixed; top: 50%; left: 50%; margin-top: -200px; ; }

	</style>
</head>
<body>
<div class="exactCenter">
<div id="login-container">
<img src="../tool/images/bigLogo.png" /><br />

<form action="login.php" method="post" class="form">
  <fieldset class="group">
      <input class="input" type="text" id="username" name="username" size="25" placeholder="username"/>
<img src="../tool/images/spacer.png" width="5" height="5" />
      <input class="input" type="password" id="password" name="password" size="25" placeholder="password"/>
<img src="../tool/images/spacer.png" width="5" height="5" />
     </fieldset>    
      <input type="hidden" name="formsubmitted" value="TRUE" />
      <button type="submit" name="submit" class="btn btn-blue" ><i class="fa fa-unlock-alt"></i> Login</button>
<img src="../tool/images/spacer.png" width="5" height="5" />   
<a href="Register.php"><button type="button" class="btn btn-green" ><i class="fa fa-hand-o-up"></i> Register</button></a>
</form>

</div></div>
</body>
</html>

When i test it with admin login credentials i get the page refresh again without error, when i login with member credentials it shows tasks.php and when i try to log in with unactivated account "acivation column is not NULL" i get a page refresh also with no error.   Can someone help me make it work for each role and perhaps have some sort of error reporting depending on error.   im pulling my hair out here and this is the first time i have worked with login conditions, and im VERY confused.
Edited by jacko_162, 28 October 2014 - 05:12 PM.

Ok from one brick wall to the next. After lots of help with my last query I moved onto the next task an I'm completely stuck again.

I have a form thats created with a loop.  Here is that form


 <form action="" method="post" id="">
        <?php 
 for ($i = 1; $i <= $totalRows_rs_cacheNum; $i++) {
    echo "<label>Cache ".$i."</label>
          <span id='sprytextfield".$i."'>
         <input name='cache[$i]' type='text' value='".$_POST['cache[$i]']."'/>
         <span class='textfieldRequiredMsg'>Required!</span></span>
         <div class='clear'></div>";
}
?>
 <input name="nextbtn" type="submit" value="Next" />


When a user enters data in all the fields, If one piece of information is incorrect an error pops up saying one of the fields you entered does not match the fields in the database. At the same time however i wish to keep the data they have entered in each of the fields.

Normally you'd just write

value="<?php echo $_POST['fieldName'];?>"

but for some reason in this case it does not work. can someone point me in the right direction.  I've tried Google many different terms but I can not find the correct term to find my answer.  Hence me asking you guys again.

Thanks