My login table has Username and Password fields. I want to display the user's full name rather than their username when they logĀ in with their username and password. Instead of saying Welcome USERNAME on the next page, I want to say Welcome FULLNAME.
Here is the index.php or the login page in html:
<form action="" method="POST">
<div class="rows grid">
<div class="row">
<label for="username">User Name</label>
<input type="text" id="username" name="userName" placeholder="Enter Username" required>
</div>
<!--Password-->
<div class="row">
<label for="password">Password</label>
<input type="password" id="password" name="passWord" placeholder="Enter Password" required>
</div>
<!--Submit Button-->
<div class="row">
<input type="submit" id="submitBtn" name="submit" value="Login" required>
<!--Register Link-->
<span class="registerLink">Don't have an account? Register</span>
</div>
</div>
</form>
</div>
</div>
Here is the php:
<?php
// Submit
if(isset($_POST['submit'])){
// Store the names, password, email, number
$userName = $_POST['userName'];
$passWord = $_POST['passWord'];
// Selecting from database
$sql = "SELECT * FROM admin WHERE
usernames = '$userName' AND
passwords = '$passWord'";
// Exceute the query
$result = mysqli_query($conn, $sql);
// Count the number of the account of the same username and password
$count = mysqli_num_rows($result);
// Counts the results into arrys
$row = mysqli_fetch_assoc($result);
// Check if theres account in database
if ($count == 1){
$_SESSION['loginMessage'] = '<span class = "success">Welcome '.$userName.'</span>';
header('location:' .SITEURL. 'dashboard.php');
exit();
}
else{
$_SESSION['noAdmin'] = '<span class = "fail">Please check your username and password and try again.</span>';
header('location:' .SITEURL. 'index.php');
exit();
}
}
?>
Here is the register.php or register link:
<form action="" method="POST">
<div class="rows grid">
<!--Full Name-->
<div class="row">
<label for="fullname">Full Name</label>
<input type="text" id="fullname" name="fullName" placeholder="Enter Full Name" required>
</div>
<!--Username-->
<div class="row">
<label for="username">User Name</label>
<input type="text" id="username" name="userName" placeholder="Enter Username" required>
</div>
<!--Email-->
<div class="row">
<label for="email">Email</label>
<input type="email" id="email" name="emaiL" placeholder="Enter Email" required>
</div>
<!--Mobile Number-->
<div class="row">
<label for="number">Mobile Number</label>
<input type="number" id="number" name="numbeR" placeholder="Enter Mobile Number" required>
</div>
<!--Password-->
<div class="row">
<label for="password">Password</label>
<input type="password" id="password" name="passWord" placeholder="Enter Password" required>
</div>
<!--Submit Button-->
<div class="row">
<input type="submit" id="submitBtn" name="submit" value="Register" required>
<!--Try ko aban aban uni idelete-->
<span class="registerLink">Have an account already? Login</span>
</div>
</div>
</form>
Note: I want to display the input fullname in the welcome dashboard.
Please change your select query to parameterized prepared statement to avoid SQL injection attacks
To display the "fullname", just fetch the db record say into an associative array say $row and use $row["fullname"] (or $row["fullName"] if the field name is actually fullName)
Hence, change the block:
/// other code
$sql = "SELECT * FROM admin WHERE
usernames = '$userName' AND
passwords = '$passWord'";
// Exceute the query
$result = mysqli_query($conn, $sql);
// Count the number of the account of the same username and password
$count = mysqli_num_rows($result);
// Counts the results into arrys
$row = mysqli_fetch_assoc($result);
// Check if theres account in database
if ($count == 1){
$_SESSION['loginMessage'] = '<span class = "success">Welcome '.$userName.'</span>';
header('location:' .SITEURL. 'dashboard.php');
exit();
}
/// other code
to
<?php
/// other code
$sql = "SELECT * FROM admin WHERE usernames = ? AND passwords = ?";
$query = $conn->prepare($sql);
$query->bind_param("ss", $userName,$passWord );
$query->execute();
$result = $query->get_result();
$num = $result->num_rows;
if ($num == 1){
$row = $result->fetch_assoc();
$_SESSION['loginMessage'] = '<span class = "success">Welcome '.$row["fullname"].'</span>';
header('location:' .SITEURL. 'dashboard.php');
exit();
}
/// other code
?>
Related
Im using the following code to insert users into a table called 'accounts'
session_start();
include("include/connect.php");
//Posted information from the form put into variables
$username = mysqli_escape_string($conn, $_POST["username"]);
$email = mysqli_escape_string($conn,$_POST["email"]);
$password = mysqli_escape_string($conn,$_POST["password_1"]);
//check if user already exists
$usernameCheck="SELECT * FROM accounts WHERE username='$username'";
//query the db
$usernameResult = mysqli_query($conn, $usernameCheck) or die(mysqli_error($conn));
//if no users exits then add data
if(mysqli_num_rows($usernameResult) == 0){
$AddUser = "INSERT INTO `accounts` (`username`, `email`, `password`) VALUES ('$username', '$email', '$password')";
$newUserSend = mysqli_query($conn, $AddUser) or die(mysqli_error($conn));
mysqli_close($conn);
$_SESSION["user_session"]= $username;
}
However every time it runs it inserts a row with the correct data and then a blank row below. For example
ID Name email password
1 test test#test.com test
2
This is the form where the data is posted from:
<form method="POST" class="signup-form" action="RegisterProcess.php">
<h2 class="form-title">Create account</h2>
<div class="form-group">
<input type="text" value="<?php echo $username; ?>" class="form-input" name="username" placeholder="Your Name" required/>
</div>
<div class="form-group">
<input type="email" value="<?php echo $email; ?>" class="form-input" name="email" placeholder="Your Email Address" required/>
</div>
<div class="form-group">
<input type="password" class="form-input" name="password_1" placeholder="Your Password" required/>
<span toggle="#password" class="zmdi zmdi-eye field-icon toggle-password"></span>
</div>
<div class="form-group">
<input type="password" class="form-input" name="password_2" placeholder="Confirm your password" required/>
<span toggle="#password" class="zmdi zmdi-eye field-icon toggle-password"></span>
</div>
<div class="form-group">
<input type="submit" class="form-submit" value="Sign up"/>
</div>
</form>
Im using the following code to insert users into a table called 'accounts'
session_start();
include("include/connect.php");
//Posted information from the form put into variables
$username = mysqli_escape_string($conn, $_POST["username"]);
$email = mysqli_escape_string($conn,$_POST["email"]);
$password = mysqli_escape_string($conn,$_POST["password_1"]);
//check if user already exists
$usernameCheck="SELECT * FROM accounts WHERE username='$username'";
//query the db
$usernameResult = mysqli_query($conn, $usernameCheck) or die(mysqli_error($conn));
//if no users exits then add data
if(mysqli_num_rows($usernameResult) == 0){
$AddUser = "INSERT INTO `accounts` (`username`, `email`, `password`) VALUES ('$username', '$email', '$password')";
$newUserSend = mysqli_query($conn, $AddUser) or die(mysqli_error($conn));
mysqli_close($conn);
$_SESSION["user_session"]= $username;
}
However every time it runs it inserts a row with the correct data and then a blank row below. For example
ID Name email password
1 test test#test.com test
2
This is the form where the data is posted from:
<form method="POST" class="signup-form" action="RegisterProcess.php">
<h2 class="form-title">Create account</h2>
<div class="form-group">
<input type="text" value="<?php echo $username; ?>" class="form-input" name="username" placeholder="Your Name" required/>
</div>
<div class="form-group">
<input type="email" value="<?php echo $email; ?>" class="form-input" name="email" placeholder="Your Email Address" required/>
</div>
<div class="form-group">
<input type="password" class="form-input" name="password_1" placeholder="Your Password" required/>
<span toggle="#password" class="zmdi zmdi-eye field-icon toggle-password"></span>
</div>
<div class="form-group">
<input type="password" class="form-input" name="password_2" placeholder="Confirm your password" required/>
<span toggle="#password" class="zmdi zmdi-eye field-icon toggle-password"></span>
</div>
<div class="form-group">
<input type="submit" class="form-submit" value="Sign up"/>
</div>
</form>
I'm currently trying to complete this project for school and I would really appreciate some help.
I have been trying to learn PHP so I could extract data from my HTML and put it into my MySQL (which I'm accessing through XAMP). I have a problem that says:
The requested URL was not found on this server.
The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error.
If you think this is a server error, please contact the webmaster.' when I press the register button. I don't know what this means? I have a table called usertable in the database Login so I feel like it should work.
This is my PHP code:
<?php
session_start();
$con = mysqli_connect('localhost', 'root', 'ocr2020');
mysqli_select_db($con, 'login');
$name = $_POST['user'];
$pass = $_POST['pass'];
$fname= $_POST['forename'];
$sname = $_POST['surname'];
$mobile = $_POST['mobile'];
$email = $_POST['email'];
$dateofB= $_POST['dateB'];
$s= "select * from usertable where name='$name'";
$s2= "select * from usertable";
$result= mysqli_query($con,$s);
$num= mysqli_num_rows($result);
$num2= mysqli_num_rows($s2);
$id= $num2+1;
if($num==1){
echo" Username Is No Longer Available";
}else{
$reg= " insert into usertable(patientID, Forename, Surname, Username, Password, Email, Mobile,
DateOfBirth) values ('$id', '$fname', '$sname', '$name', '$pass', '$email', '$mobile', '$dateOfB')";
mysqli_query($con, $reg);
echo" Registration Successful";
}
?>
As I said, I would really appreciate any help or advice. Thanks!
Edit:
Here is the updated code having taken on everyone's comments:
<?php
ini_set('display_errors', 1);
ini_set('log_errors',1);
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);.
session_start();
$con = mysqli_connect('localhost', 'root', 'ocr2020');
mysqli_select_db($con, 'login');
$name = $_POST['user'];
$pass = $_POST['pass'];
$fname= $_POST['forename'];
$sname = $_POST['surname'];
$mobile = $_POST['mobile'];
$email = $_POST['email'];
$dateofB= $_POST['dateB'];
$s= "select * from usertable where name='$name'";
$result= mysqli_query($con,$s);
$num= mysqli_num_rows($result);
if($num>0){
echo" Username Is No Longer Available";
}else{
$reg= " insert into usertable(patientID, Forename, Surname, Username, Password, Email, Mobile, DateOfBirth) values ('$id', '$fname', '$sname', '$name', '$pass', '$email', '$mobile', '$dateOfB')";
mysqli_query($con, $reg);
echo" Registration Successful";
}
?>
Here is the code from the login.php page which is where I press the 'register button' and it creates the problem:
<html>
<section id="loginBox">
<div class="container">
<div class="login-box">
<div class="row">
<div class="col-md-6 login-left">
<h3> Login Here </h3>
<form action="registration.php" method="POST">
<div class="form-group">
<label> Username </label>
<input type="text" name="user" placeholder="Enter your username" class="form-control" required>
</div>
<div class="form-group">
<label> Password </label>
<input type="password" name="password" placeholder="Enter your password" class="form-control" required>
</div>
<button type="submit" class="btn btn-primary"> Login </button>
</form>
</div>
<div class="col-md-6 login-right">
<h3> Register Here </h3>
<form action="validation.php" method="POST">
<div class="form-group">
<label> Username </label>
<input type="text" name="user" placeholder="Enter your username" class="form-control" required>
</div>
<div class="form-group">
<label> Password </label>
<input type="password" name="password" placeholder="Enter your password" class="form-control" required>
</div>
<div class="form-group">
<label> Forename </label>
<input type="text" name="forename" placeholder="Enter your forename" class="form-control" required>
</div>
<div class="form-group">
<label> Surname </label>
<input type="text" name="surname" placeholder="Enter your surname" class="form-control" required>
</div>
<div class="form-group">
<label> Mobile</label>
<input type="text" name="mobile" placeholder="Enter your mobile" class="form-control" required>
</div>
<div class="form-group">
<label> Email </label>
<input type="text" name="email" placeholder="Enter your email" class="form-control" required>
</div>
<div class="form-group">
<label> Date of Birth</label>
<input type="date" name="dateB" placeholder="Enter your date of birth" class="form-control" required>
</div>
<button type="submit" class="btn btn-primary"> Register </button>
</form>
</div>
</div>
</div>
</div>
</section>
</body>
</html>
I want user login with username password and 4 digit pin code and code is in my db. Here is my code sample. If any one here can help me I would very much appreciate it:
<?php
if (isset($_POST['login'])) {
$user = $_POST['user'];
$pass = $_POST['pass'];
$pincode = $_POST['pincode'];
if (empty($user) OR empty($pincode)) {
echo "<script>alert('Please Fill All Required Field')</script>";
} else {
$select_user = "select * from users WHERE Username = '$user' AND Password ='$pass' pin-code ='?' ";
$run_user_sql = mysqli_query($conn, $select_user);
$check_customer = mysqli_num_rows($run_user_sql);
if ($check_customer ==false) {
echo "<script>alert('Username/Password Wrong')</script>";
exit();
}
if ($check_customer == true) {
$_SESSION['user'] = $user;
echo "<script>alert('You Are Logged In')</script>";
echo "<script>window.open('index.php?dashboard','_self')</script>";
}
}
}
?>
<form action="" method="post">
<div class="form-group">
<div class="form-label-group">
<input type="text" class="form-control" name="user" placeholder="Username" >
<label">Username</label>
</div>
</div>
<div class="form-group">
<div class="form-label-group">
<input type="password" class="form-control" name="pass" placeholder="Password" >
<label >Password</label>
</div>
</div>
<div class="form-group">
<div class="form-label-group">
<input type="text" class="form-control" name="pincode" placeholder="4-Digit Pin Code" >
<label >4-Digit Pin Code</label>
</div>
</div>
<div class="form-group">
<div class="checkbox">
<label>
<input type="checkbox" value="remember-me">
Remember Password
</label>
</div>
</div>
<input type="submit" class="btn btn-primary btn-block" name="login" value="Login">
</form>
Your code seems to be okay, but with a lot of security risks. However, your SQL command is wrong. Change it to the following:
$select_user = "select * from users WHERE Username = '$user' AND Password ='$pass' AND `pin-code` ='{$pincode}'";
I want show message about existing username under username input tag and when show the message other the data doesn't lose. But this codes don't work.
Here is my code for existing username:
<?php
//click register button
if(isset($_POST['register']))
{
//Retrieve the field values from our registration form.
$username = $_POST['username'];
//Now, we need to check if the supplied username already exists.
$sql = "SELECT COUNT(user_username) AS num FROM users WHERE user_username = :username";
$stmt = $dbh->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row['num'] > 0){
echo "<script>";
echo "$(document).ready(function(){document.getElementById('existing_username').innerHTML = 'existing'})";
echo "</script> ";
//the following code is work but other data like name, password is lost in input element
//echo '<div class="alert alert-danger"> <b>'.$username.'</b> This username already exist!</div>';
} }
?>
And here is my code for input data:
<form action="register.php" method="post">
<div class="row">
<div class="col-sm-6">
<div class="form-group">
<label for="username"><b>USERNAME</b></label>
<input class="form-control" type="text" id="username" name="username">
</div>
</div>
</div>
<span class="text-danger" id="existing_username"></span>
<button class="btn btn-primary" type="submit" name="register" value="Register">Register</button>
</form>
when show the message other the data doesn't lose
What data?!
ok,so you should store the error message which is Username exist in a variable,like below :
<?php
//click register button
if(isset($_POST['register']))
{
//Retrieve the field values from our registration form.
$username = $_POST['username'];
//Now, we need to check if the supplied username already exists.
$sql = "SELECT COUNT(user_username) AS num FROM users WHERE user_username = :username";
$stmt = $dbh->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row['num'] > 0){
echo "<script>";
echo "$(document).ready(function(){document.getElementById('existing_username').innerHTML = 'existing'})";
echo "</script> ";
$error = "<b>".$username."</b> :This username already exist!";
//this code is work but other data is lost
} }
?>
<form action="register.php" method="post">
<div class="row">
<div class="col-sm-6">
<div class="form-group">
<label for="username"><b>USERNAME</b></label>
<input class="form-control" type="text" id="username" name="username">
</div>
</div>
</div>
</form>
Check this answers too Embed Php in Html
You need to provide value attribute for your form fields. For example:
<input class="form-control" type="text" id="username" name="username" value="<?php echo $username ?>">
OR
<input class="form-control" type="text" id="name" name="name" value="<?php echo $name ?>">
etc.
Of course you need to define these variables in you code first. If form have been submitted - take them from $_POST. If not - set them as empty values.
Code example with 2 fields:
<?php
$name = null;
$username = null;
//click register button
if (isset($_POST['register'])) {
//Retrieve the field values from our registration form.
$name = $_POST['name'];
$username = $_POST['username'];
//Now, we need to check if the supplied username already exists.
$sql = "SELECT COUNT(user_username) AS num FROM users WHERE user_username = :username";
$stmt = $dbh->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row['num'] > 0) {
echo "<script>";
echo "$(document).ready(function(){document.getElementById('existing_username').innerHTML = 'existing'})";
echo "</script> ";
$error = "<b>".$username."</b> :This username already exist!";
//this code is work but other data is lost
}
}
?>
<form action="register.php" method="post">
<div class="row">
<div class="col-sm-6">
<div class="form-group">
<label for="name"><b>NAME</b></label>
<input class="form-control" type="text" id="name" name="name" value="<?php echo $name ?>">
</div>
</div>
</div>
<div class="row">
<div class="col-sm-6">
<div class="form-group">
<label for="username"><b>USERNAME</b></label>
<input class="form-control" type="text" id="username" name="username" value="<?php echo $username ?>">
</div>
</div>
</div>
<span class="text-danger" id="existing_username"></span>
<button class="btn btn-primary" type="submit" name="register" value="Register">Register</button>
</form>