PHP - Php Login Error
Hey php masters !
i ran into a problem while making my login page, im new to php so please dont rage at me the code that i think gives the problem is this: if ($numrows!=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } if ($username==$dbusername&&$password==$dbpassword) { echo "du er logget ind $username" } else echo "Adgangskoden er Forkert"; } else die("Denne burger findes ikke"); } else die("Angiv venligst brugernavn og adgangskode"); ?> Hope you can help me - MinG Similar TutorialsI keep getting an error code when running my php, it states: Parse error: syntax error, unexpected $end in W:\www\blog\login.php on line 33 Line 33 is </html> Code: [Select] <?php mysql_connect ("localhost", "root", ""); mysql_select_db("blog"); ?> <html> <head> <title>Login</title> </head> <body> <?php if(isset($_POST['submit'])){ $name = $_POST['name']; $pass = $_POST['password']; $result = mysql_query("SELECT * FROM users WHERE name='$name' AND pass='$pass'"); $num = mysql_num_rows($result); if($num == 0){ echo "Bad login, go <a href='login.php'>back</a>"; }else{ session_start(); $SESSION ['name'] = $name; header("Location: admin.php"); } ?> <form action='login.php' method='post'> Username: <input type='text' name='name' /><br /> Password: <input type='password' name='password' /><br /> <input type='submit' name='sumbit' value='Login!' /> </form> </body> </html>Can any one advise me whats wrong? ok so when user get there email or password wrong are they just submit with filling anything out they go to login.php?login_failed but it gives me This webpage has a redirect loop Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects. Code: [Select] <?php session_start(); $email = $_SESSION['email']; ?> <?php $email = mysql_real_escape_string($_POST['email']); $password = mysql_real_escape_string($_POST['password']); if(!empty($email) && isset($email) &&!empty($password) && isset($password)){ $password = md5("$password"); require "includes/init/db_con.php"; $query = mysql_query("SELECT * FROM users WHERE email = '$email'"); $numrows = mysql_num_rows($query); if($numrows != 0){ $row = mysql_fetch_assoc($query); $dbemail = $row ['email']; $dbpassword = $row ['password']; if($dbemail === $email && $dbpassword === $password){ $_SESSION['email'] = $dbemail; header("location: http://localhost/control/home.php"); }else { header('Location: login.php?login_failed'); } }else { header('Location: login.php?login_failed'); } }else { header('Location: login.php?login_failed'); } ?> <?php require "includes/overall/header.php";?> <?php if($_GET['login_failed']){ echo "Login Box will appear with messages"; } ?> <?php require "includes/overall/footer.php";?> Hi
I'm getting this error but i'm sure the file is there, this is my code where i'm having this problem
elseif($_POST["page"] == "users_login") { $user_utilizador = trim(strip_tags($_POST['email'])); $user_password = trim(strip_tags($_POST['passwd'])); $encrypted_md5_password = md5($user_password); $validate_user_information = mysql_query("select * from `utilizador` where `utilizador` = '".mysql_real_escape_string($user_utilizador)."' and `password` = '".mysql_real_escape_string($encrypted_md5_password)."'"); echo $validate_user_information; if(mysql_num_rows($validate_user_information) == 1) { $get_user_information = mysql_fetch_array($validate_user_information); $_SESSION["VALID_USER_ID"] = $user_utilizador; $_SESSION["USER_FULLNAME"] = strip_tags($get_user_information["nome"]); echo 'index.php?uid='.$_SESSION["USER_FULLNAME"].'&'; echo 'login_process_completed_successfully=yes'; } else { echo '<br><div class="info">Desculpe, a informação fornecida está errada. Corrije-a por favor. Obrigado.</div><br>'; } }So after the login process it should open the index.php I have try with header(Location: index,php) and the details are displayed in the same page as the login... any help please? Thanks Hi, well i don't get an error from PHP but it says the username or password is incorrect
Login script
<?php require 'connect.php'; error_reporting(E_ALL | E_NOTICE); ini_set('display_errors', '1'); ini_set('memory_limit', '-1'); include 'footer.php'; if(isset($_POST['submit'])) { session_start(); if(!$_POST['username'] OR !$_POST['password']) { echo "Please make sure you enter both a username and password!"; exit(); } $username = trim($_POST['username']); $password = trim($_POST['password']); $username = mysqli_real_escape_string($conn, $_POST['username']); $password = mysqli_real_escape_string($conn, $_POST['password']); $stmt = $conn->prepare("SELECT username,password,user_level,active FROM usrs_usr WHERE username=? AND password=?"); $stmt->bind_param("ss", $username, $password); $stmt->execute(); $row = $stmt->fetch(); $userlevel = $row['user_level']; $active = $row['active']; if($stmt->num_rows > 0) { if($row['user_level'] == 1) { $_SESSION['user_level'] = 1; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; echo "<meta http-equiv='refresh' content=0;admin.php>"; exit(); } else if($row['user_level'] == -1) { $_SESSION['user_level'] = -1; $_SESSION['active'] = 0; $_SESSION['loggedIn'] = 0; echo "<meta http-equiv='refresh' content=0;banned.php>"; exit(); } $_SESSION['user_level'] = 0; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; echo "<meta http-equiv='refresh' content=0;index.php>"; exit(); } else { die("#~ Username or password is incorrect ~#"); } } ?> Hello! I started to have problems on my admin login page. I see 3 warnings and below that, my login (but is not working now). Here´s what you see on https://www.bariloche.esp.br/administrator/login https://fonts.googleapis.com A PHP Error was encounteredSeverity: Warning Message: session_start(): Cannot send session cookie - headers already sent by (output started at /home/bariloch/public_html/administrator/index.php:2) Filename: Session/Session.php Line Number: 143 Backtrace:
File: /home/bariloch/public_html/administrator/application/controllers/Login.php
File: /home/bariloch/public_html/administrator/index.php Severity: Warning Message: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/bariloch/public_html/administrator/index.php:2) Filename: Session/Session.php Line Number: 143 Backtrace:
File: /home/bariloch/public_html/administrator/application/controllers/Login.php
File: /home/bariloch/public_html/administrator/index.php Severity: Warning Message: Cannot modify header information - headers already sent by (output started at /home/bariloch/public_html/administrator/index.php:2) Filename: helpers/url_helper.php Line Number: 564 Backtrace:
File: /home/bariloch/public_html/administrator/application/views/login.php
File: /home/bariloch/public_html/administrator/application/controllers/Login.php
File: /home/bariloch/public_html/administrator/index.php Code: [Select] <?php session_start(); mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); $username = $_POST['username']; $_POST['pass'] = md5($_POST['pass']); $password = $_POST['pass']; if (isset($_POST["submit"])) { $log1 = "SELECT * FROM regis WHERE username = '$username'"; $login1 = mysql_query($log1); $log2 = "SELECT * FROM regis WHERE password = '$password'"; $login2 = mysql_query($log2); $log3 = "SELECT * FROM regis WHERE username = '$username' AND password = '$password'"; $login3 = mysql_query($log3); $row = mysql_fetch_array($login3); $number = mysql_num_rows($login3); if($login1==FALSE) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('This.$username.is not available.')</SCRIPT>"); } if($login2==FALSE) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('This.$password.is incorrect.')</SCRIPT>"); } if ($number == 0) { print "This user does not exist in our database. <a href=registration.php><input type='button' value='Register'></a>"; } if ($number > 0) { $_SESSION['username'] = $row['username']; $_SESSION['password'] = $row['password']; $_SESSION['userlevel'] = $row['userlevel']; $_SESSION['is_logged_in'] = 1; if($_SESSION['userlevel']==1) { $_SESSION['is_logged_in'] = 1; header("Location: form2.php"); } else if($_SESSION['userlevel']== 0) { $_SESSION['is_logged_in'] = 1; header("Location: form3.php"); } } } else { ?> <html> <head> <script type="text/javascript"> function a() { var x = document.login.username.value; var y = document.login.pass.value; if(x==""&& y=="") { alert("Please insert all message!"); return false; } if(x=="") { alert("Please insert an username!"); return false; } if(y=="") { alert("Please insert an password!"); return false; } } </script> </head> <body> <center> <table border="0" align="center"> <form name="login" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" onsubmit="return a()"> <tr><td colspan=2><center><h1>Login</h1></center></td></tr> <tr><td>Username:<input type="text" name="username" maxlength="40"></td></tr> <tr><td>Password:<input type="password" name="pass" maxlength="50"></td></tr> <tr align=center><td><input type="button" value="Register" ONCLICK="window.location.href='registration.php'"></a> <input type="submit" name="submit" value="Login"></td> </tr> </form> </center> </body> <?php } ?> this is login code as im want it show the error if i put any username or password error but instead it will directly show this error "if ($number == 0) { print "This user does not exist in our database. <a href=registration.php><input type='button' value='Register'></a>"; } " but im want to show this if($login1==FALSE) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('This.$username.is not available.')</SCRIPT>"); } if($login2==FALSE) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('This.$password.is incorrect.')</SCRIPT>"); } error first. may i know which code or if statement im put wrong I had a success page redirect after the login...but the login happens even if the username and password is not entered. you can check it in colonialcasa.org here's the code for the login.php page ( i have obviously changed the server name, database and password for privacy reasons ) <? /*simple checking of the data*/ if(isset($_POST['login']) & isset($_POST['pass'])) { /*Connection to database logindb using your login name and password*/ $db=mysql_connect('servername','login','password') or die(mysql_error()); mysql_select_db('mpahost_logindb'); /*additional data checking and striping*/ $_POST['login']=mysql_real_escape_string(strip_tags(trim($_POST['login']))); $_POST['pass']=mysql_real_escape_string(strip_tags(trim($_POST['pass']))); $q=mysql_query("SELECT * FROM login WHERE login='{$_POST['login']}' AND pass='{$_POST['pass']}'",$db) or die(mysql_error()); /*If there is a matching row*/ if(mysql_num_rows($q) > 0) { $_SESSION['login'] = $_POST['login']; $login='Welcome back '.$_SESSION['login']; } else { $login= 'Wrong login or password'; } mysql_close($db); } /*Use of Sessions*/ if(!session_id()) header("Location: advocates.html"); // success page. put the URL you want header("Cache-control: private"); //avoid an IE6 bug (keep this line on top of the page) $login='NO data sent'; //you may echo the data anywhere in the file echo $login; ?> I have created a PHP & MySql login but its not working. If I put the right email/password still its showing "Wrong Username or Password" everytime. Bacause I'm beginner to this I don't really know how to solve this issue. Thanks in advance. Here is my coding <?php // Start PHP session at the beginning session_start(); // Create database connection using config file include_once("connection.php"); // If form submitted, collect email and password from form if (isset($_POST['login'])) { $email = $_POST['email']; $password = $_POST['password']; // Check if a user exists with given username & password $result = mysqli_query($conn, "select 'Email', 'Password' from tblstudent where Email='$email' and Password='$password'"); // Count the number of user/rows returned by query $user_matched = mysqli_num_rows($result); // Check If user matched/exist, store user email in session and redirect to sample page-1 if ($user_matched > 0) { $_SESSION["email"] = $email; header("location: welcome.php"); } else { echo "User email or password is not matched <br/><br/>"; } } ?> Edited May 4 by Barand code tags added I don't know how to solve this error;
Parse error: syntax error, unexpected '$db' (T_VARIABLE)
code:
When i press login i get Fatal error: Call to a member function query() on a non-object in /home/a5347792/public_html/login.php on line 15
<?php $dbConnection['username'] = "root"; $dbConnection['password'] = ""; $dbConnection['host'] = "localhost"; $dbConnection['db'] = "joke"; if(isset($_POST['rbLgn'])) { $login = true; if(isset($_POST['username'])) { $username = $_POST['username']; } if(isset($_POST['password'])) { $password = $_POST['password']; } if(isset($username) && isset($password)) { $query = $db->query("SELECT * FROM `users` WHERE `username`='{$username}' AND `password`='{$password}' LIMIT 1"); if($query->num_rows > 0) { echo "User found - logging in."; } else { echo "User not found, credentials: " . $username . " | " . $password; } } } ?> Edited by mac_gyver, 25 October 2014 - 10:21 AM. code tags when posting code please Hi, Im using the code below to check a users username and password is ligit before adding their username to their session. <?php $con = mysql_connect("localhost","user","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("hiddenbid", $con); $username = mysql_real_escape_string($_POST['username']); $password = md5($_POST['password']); $mysql = mysql_query("SELECT * FROM users WHERE name = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql)=1){ $_SESSION['USERID'] = $username; print "<b>Welcome</b>, you are signed in as " . $_SESSION['USERID'] . "."; print "<br /><br />Redirecting..."; header ("location:index.php"); } else{ header ("location:signin.php"); } ?> Anyway, it doesnt work as I get the following error: Fatal error: Can't use function return value in write context in C:\Program Files\Abyss Web Server\htdocs\signinconfirmer.php on line 35 Any ideas what is causing this please? Also can I add a pause after the redirect message before it takes the user to the index.php page? Thanks in advance. Hi There I have a simple cms system that I have built but for some reason the login script wont let me login to the cms. Strange thing is the script seems to works on the original database but when I changed the details to a new db it doesnt work. I have made the necessary changes for the connecting to the db etc but it just wont let me login. Can anyone help The url is drmonlinemarketing.com/cms2/loginadmin.php try login with username demo password test thanks shalli Hi all, I've got a website, which used to work ... I have a login script which did log each user in fine, but now for some odd reason its not loggin them in, I've looked over the script quite a few times but carnt see why its not loggin then it as it use to. <?php session_start(); include_once"includes/config.php"; if (strip_tags($_GET['logout']) == "yes"){ session_destroy(); }elseif (isset($_SESSION['username'])){ header("Location: index2.php"); exit(); } if ($_POST['Submit'] && strip_tags($_POST['username']) && strip_tags($_POST['password'])){ $username = mysql_real_escape_string(addslashes(strip_tags($_POST['username']))); $password = md5(addslashes(strip_tags($_POST['password']))); $select = mysql_query("SELECT * FROM users WHERE online > '$timenow' ORDER by rank desc"); $num = mysql_num_rows($select); $date = gmdate('Y-m-d h:i:s'); $ip = $REMOTE_ADDR; ///check INFO $sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' LIMIT 1"); $login_check = mysql_num_rows($sql); $inf = mysql_fetch_object($sql); if ($login_check == "0"){ $message="<table width='30%' class='table' align='center' cellpadding='0' cellspacing='0' border='1'> <tr> <td class='header' align='center'>Error</td> </tr> <tr> <td align='center'>You could not be logged in.</td> </tr> <table><br />"; }elseif ($login_check != "0"){ if ($login_check > "0"){ if ($inf->status == "Banned"){ $encoded=md5(strtolower($username)); header("Location: banned.php?banned=$username&encoded=$encoded"); exit(); } session_register('username'); $_SESSION['username'] = $inf->username; $timestamp = time()+20; $get = mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1"); $got = mysql_fetch_object($get); $loginnumber = $got->loginnumber+1; mysql_query("UPDATE users SET online='$timestamp' WHERE username='$username'"); mysql_query("UPDATE users SET lastlogin='$date' WHERE username='$username'"); mysql_query("UPDATE users SET l_ip='$ip' WHERE username='$username'"); mysql_query("UPDATE users SET loginnumber='$loginnumber' WHERE username='$username'"); header("Location: index2.php"); } else { $message= "<table width='30%' class='table' align='center' cellpadding='0' cellspacing='0' border='1'> <tr> <td class='header' align='center'>Error</td> </tr> <tr> <td align='center'>You could not be logged in.</td> </tr> <table><br />"; }}} ?> <html> <head> <title>Login </title> <link href='style.css' rel='stylesheet' type='text/css'> </head> <body class='body'> <form action='' method='post' name='form1'> <?php echo ($message); ?> <table width='702' class='table' align='center' cellpadding='0' cellspacing='0' border='1'> <tr> <td class='header' align='center' colspan='2'>Welcome To Speed-Drive</td> </tr> <tr> <td align='center' colspan='2'><img src='images/banner.png'></td> </tr> <tr> <td class='header' align='center' colspan='2'>Speed-drive Login</td> </tr> <tr> <td width='50%' align='right'>Username:</td><td width='50%' align='left'><input name="username" class='input' type="text" maxlength="15" id="username"></td> </tr> <tr> <td width='50%' align='right'>Password:</td><td width='50%' align='left'><input name="password" class='input' type="password" maxlength="30" id="password"></td> </tr> <tr> <td colspan='2' align='center' class='omg'><input type="submit" class='button' name="Submit" value="Submit"></td> </tr> <tr> <td class='header' align='center' colspan='2'>Help</td> </tr> <tr> <td align='center' colspan='2'><a href='register.php'>Register</a> .|. <a href='lost.php'>Lost Password</a> .|. <a href='tos.php'>TOS</a></td> </tr> <tr> <td align='center' colspan='2'><br /><font color='pink'><strong><h3>This website is currently <u></font><font color='red'>closed</font><font color='pink'></u>!<br /><br />You will <u></font><font color='red'>Not</font><font color='pink'></u> be able to Register untill the website is completed.<br /><br /></font></h3> Thank you for understanding.</strong></td> </tr> </table> </form> </body> </html> Is there a small error in the script or is the Script fine? Thanks for all the help given. When I log in on my web-site it takes me to a php login-check page This is the error code that I am getting; Quote Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in D:\xampp\htdocs\login-check.php on line 26 This is the php code that i am using; Code: [Select] <?php $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="deliverpizza"; // Database name $tbl_name="customer, admin, staff"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_privelage.php"); } else { } ?> Hi Everyone, Just wondered if someone could quickly help me out, im building a simple login system for my website but having a little bit of trouble, the error i keep getting is: Quote Cannot modify header information - headers already sent by (output started at /home/sites/cuju8.com/public_html/include.php:18) in /home/sites/cuju8.com/public_html/login.php on line 12 I have done some research but cant find the answer to this, my login script is as follows: Code: [Select] <?php require_once('include.php'); $error = ''; $form = $_POST['submit']; $email = $_POST['email']; $password = $_POST['password']; if( isset($form) ) { if( isset($email) && isset($password) && $email !== '' && $password !== '' ) { $sql = mysql_query("SELECT * FROM `usersystem` WHERE email='$email' and password='$password';"); if( mysql_num_rows($sql) != 0 ) { //success $_SESSION['logged-in'] = true; [b]header('Location: members.php');[/b] exit; } else { $error = "Incorrect login info"; } } else { $error = 'All information is not filled out correctly';} } ?> I think its the header location code thats causing the problem but im not sure where to move it too. If anyone could help i would really appreciate it. Cheers I have tried to create a basic login form. When I enter the username and password I get this error Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in login.php on line 10 Code: [Select] <?php require("connection.php"); if($_SERVER["REQUEST_METHOD"] == "POST") { $username=mysql_real_escape_string($_POST['username']); $password=mysql_real_escape_string($_POST['password']); $password=md5($password); $sql="SELECT id FROM user WHERE username='$username' and password='$password'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count==1) { header("location: dashboard.php"); } else { $error="Invalid username or password"; } } ?> <form action="login.php" method="POST"> <table class="ltext"> <tr> <td> Username </td> <td> <input type="text" name="usename" class="input" /> </td> </tr> <tr> <td> Password </td> <td> <input type="password" name="password" class="input" /> </td> </tr> </tr> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> <input type="submit" value="Login" name="submit" class="input" /> <input type="reset" value="Clear" name="clear" class="input" /> </td> </tr> </table> </form> I can't figure out why I am getting that error message does anyone have any ideas? This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=349834.0 Hello all, my first post after joining this very informative site, unfortunatly I was unable to find the answer to my simple yet frastrating dilemma. I am in the process of building a website that will enable users to log-in through a dedicated loginU.php page, I have all of this working but I would like to display an error message on this page saying if the user has entered a wrong username/password, I have the message displaying on a blank white page, but I would like it to be displayed within the container I have created. the validation code is contained within a different login.php file. At the moment I am using an iframe to display the messages, which I know is not the right way to do it, so am asking for a better way to do it. here is what I have so far: loginU.php Code: [Select] <div id = "div-Login"> <form action="login.php" method="POST" target="loginerror"> <center><h2>Login Here</h2> <p> Username: <input type="text" name="username"><p> Password: <input type="password" name="password"><p> <input type="submit" name="submit" value="Login"> </center> <a href="register.html"><pre>need to register? Click Here!</pre></a> </form> <iframe name="loginerror" style="border: 0px; width: 200px; height: 100px; overflow: hidden;" src="login.php"></iframe> </div> login.php Code: [Select] if ($username==$dbusername&&$enc_password==$dbpassword) //if the username & encrpyted password matches the records in the database { if($admin !=0) //if the admin flag is true { $_SESSION['level']='ADMIN';//admin is logging in header ("Location: admin.php"); //the user is an admin, direct to admin page } else header ("Location: index.php"); //user is a customer, direct user to index page $_SESSION['username']=$dbusername; //set the session name to the database record username. } else //$nopass='TRUE'; //header ("location: loginU.php"); echo "Incorrect Password, Please try again"; // if incorrect password } else die ("That username doesn't exist"); // if user doesn't exist } else die ("Please enter a username and password"); //if either field is empty ?> |