i am trying to develop a login form so i got online and picked a code. i made a database called "company" with a table "login" having fields; Id, username and password. I have saved some entries in the table.
when i try to login i get a response; The page isn't redirecting properly;
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.This problem can sometimes be caused by disabling or refusing to accept cookies.
and i dont know whats wrong.
Below is my code:
index.php
<?php
include('login.php'); // Includes Login Script
if(isset($_SESSION['login_user'])){
header("location: profile.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login Form in PHP with Session</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="main">
<h1>PHP Login Session Example</h1>
<div id="login">
<h2>Login Form</h2>
<form action="" method="post">
<label>UserName :</label>
<input id="name" name="username" placeholder="username" type="text">
<label>Password :</label>
<input id="password" name="password" placeholder="**********" type="password">
<input name="submit" type="submit" value=" Login ">
<span><?php echo $error; ?></span>
</form>
</div>
</div>
</body>
</html>
login.php
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Username or Password is invalid";
}
else
{
// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysqli_connect("localhost", "root", "", "company");
// To protect MySQL injection for Security purpose
// SQL query to fetch information of registerd users and finds user match.
$query = mysqli_query($connection, "select * from login where password='$password' AND username='$username'");
$rows = mysqli_num_rows($query);
if ($rows == 1) {
$_SESSION['login_user']=$username; // Initializing Session
} else {
$error = "Username or Password is incorrect";
}
mysqli_close($connection); // Closing Connection
}
}
?>
logout.php
<?php
session_start();
if(session_destroy()) // Destroying All Sessions
{
header("Location: index.php"); // Redirecting To Home Page
}
?>
profile.php
<?php
include('session.php');
?>
<!DOCTYPE html>
<html>
<head>
<title>Your Home Page</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="profile">
<b id="welcome">Welcome : <i><?php echo $login_session; ?></i></b>
<b id="logout">Log Out</b>
</div>
</body>
</html>
session.php
<?php
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysqli_connect("localhost", "root", "","company");
session_start();// Starting Session
// Storing Session
$user_check=$_SESSION['login_user'];
// SQL Query To Fetch Complete Information Of User
$ses_sql=mysqli_query("select username from login where username='$user_check'", $connection);
$row = mysqli_fetch_assoc($ses_sql);
$login_session =$row['username'];
if(!isset($login_session)){
mysqli_close($connection); // Closing Connection
header('Location: index.php'); // Redirecting To Home Page
}
?>
thank you.
Problem solved.
I have connected to another table with more fields thats is; id, firstname, username and password.
I edited the session.php and changed the mysqli_query using Firstname where Username is $user_check. Im now printing the name of the logged in user.
Thank you guys.
Related
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
PHP code is not being executed, but the code shows in the browser source code
(35 answers)
Closed 3 years ago.
I created a simple login page using mysql and php.
I do not use a register form so I manually added user data to DB i created prior to that.
The form should redirect me to welcome page or display a error message if the login was not successful, but the form just displays a php code (bellow). If nothing else, the form should at least return error message... I checked the php code and it seems fine to me so i do not know what more to do?
I am using Index.php, login.php, session.php, profile.php (welcome page) and logout.php. I am adding all of these here:
INDEX.PHP
<?php
include('login.php');
if(isset($_SESSION['login_user'])){
header("location: profile.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Prijava</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="login">
<img src="http://granital.owjej.org/wp-content/uploads/2019/02/granital1-1-300x75.png" class="logo" alt="" width="300" height="75" />
<h2>Prijava v sistem</h2>
<form action="login.php" method="post">
<input id="name" name="username" placeholder="Uporabniško ime" type="text">
<input id="password" name="password" placeholder="Geslo" type="password"><br><br>
<input name="submit" type="submit" value=" Prijava">
<span><?php echo $error; ?></span>
</form>
</div>
</body>
</html>
LOGIN.PHP
<?php
session_start();
$error = '';
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Username or Password is invalid";
} else {
$username = $_POST['username'];
$password = $_POST['password'];
$conn = mysqli_connect("localhost", "owjej_david", "dadadada", "owjej_kalkulator");
$query = "SELECT username, password from login where username=? AND password=? LIMIT 1";
$stmt = $conn->prepare($query);
$stmt->bind_param("ss", $username, $password);
$stmt->execute();
$stmt->bind_result($username, $password);
$stmt->store_result();
if ($stmt->fetch()) {
$_SESSION['login_user'] = $username;
header("location: profile.php");
}
mysqli_close($conn);
}
}
?>
LOGOUT.PHP
<?php
session_start();
if(session_destroy()) {
header("Location: index.php");
}
?>
PROFILE.PHP
<?php
include('session.php');
if(!isset($_SESSION['login_user'])){
header("location: index.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Your Home Page</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="profile">
<b id="welcome">Welcome : <i><?php echo $login_session; ?></i></b>
<b id="logout">Log Out</b>
</div>
</body>
</html>
SESSION.PHP
<?php
$conn = mysqli_connect("localhost", "owjej_david", "dadadada", "owjej_kalkulator");
session_start();
$user_check = $_SESSION['login_user'];
$query = "SELECT username from login where username = '$user_check'";
$ses_sql = mysqli_query($conn, $query);
$row = mysqli_fetch_assoc($ses_sql);
$login_session = $row['username'];
?>
I keep getting redirected to a page that contains this php code, so I think something might be wrong with my php code?
ERROR HERE
Thanks for your help and sorry for a long post.
Whats the best way to display user-friendly error messages when username or password is empty for example or failed to login.
Is there a way to set textbox with specific text when error apears?
Index.php file. Has a textbox called "Error" and i want to display error msg when error happens into the textbox.
<?php
include 'login.php';
?>
<html>
<head>
<title>Form site</title>
<link rel="stylesheet" type ="text/css" href="style.css">
</head>
<body>
<img src="imge/logo.png" id="logo" width="270" height="130">
<div id ="frm">
<form method="post" action="login.php">
<p>
Username : <input type="text" name="username" id="username" ><br><br>
Password : <input type="password" name="password" id="password"><br><br>
<input type="submit" value="Login" id="btn" name="submit">
<input type="text" value="Error" id="Error" name="Error">
</p>
</div>
</form>
</body>
</html>
Login.php file. Where i handle the errors. Is there a way when error happens to echo it to the textbox? At the moment i have no clue how to handle and inform user about these errors. Any suggestions will be appreciated! :)
<?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
if(empty($_POST['username']) || empty($_POST['password'])){
header("Location: index.php");
// FIRST ERROR
}
else
{
//Define $user and $pass
$user=$_POST['username'];
$pass=$_POST['password'];
//Establishing Connection with server by passing server_name, user_id and pass as a patameter
$conn = mysqli_connect("localhost", "root", "");
//Selecting Database
$db = mysqli_select_db($conn, "loginsystem");
//sql query to fetch information of registerd user and finds user match.
$query = mysqli_query($conn, "SELECT * FROM users WHERE Password ='$pass' AND Username ='$user'");
$rows = mysqli_num_rows($query);
if($rows == 1){
header("Location: welcome.php"); // Redirecting to other page
}
else
{
header("Location: index.php");
//SECOND ERROR
}
mysqli_close($conn); // Closing connection
}
}
?>
Use php to echo a JavaScript alert as follows:
if(empty($_POST['username']) || empty($_POST['password']))
{ echo “ alert(‘Invalid combination’) ”; }
At University here we have some mysql table structures that has been created by a previous coder/guy. The structure itself is clean and perfect. We use the data from MySQL in order to login into the system. the login system which is in PHP works fine with $username and $password with sessions.
Problem:
We have table for each of us (users) with a expire date. The date which we need everytime swap our security cards. However, i would like to fetch/echo this expire date table and insert into everyones profile.php as soon they login.
The problem here is that it looks like the previous coder has used json.
Example:
table structure: username, password, expdate
Only the table expdate is coded in json (i think), because it has something like: 1544301180 or NULL -> which NULL indicates UNLIMITED and 1544301180 some kind of date. This date is at the moment non-human readable.
How can I implement it?
I will show you the complete php content:
INDEX.PHP (where people do the login)
<?php
include('login.php'); // Includes Login Script
if(isset($_SESSION['login_user'])){
header("location: profile.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login Form in PHP with Session</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="main">
<h1>PHP Login Session Example</h1>
<div id="login">
<h2>Login Form</h2>
<form action="" method="post">
<label>UserName :</label>
<input id="name" name="username" placeholder="username" type="text">
<label>Password :</label>
<input id="password" name="password" placeholder="**********" type="password">
<input name="submit" type="submit" value=" Login ">
<span><?php echo $error; ?></span>
</form>
</div>
</div>
</body>
</html>
LOGIN.PHP (the config and connection to mysql db)
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Username or Password is invalid";
}
else
{
// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysql_connect("localhost", "changed", "changed");
// To protect MySQL injection for Security purpose
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
// Selecting Database
$db = mysql_select_db("unibebio", $connection);
// SQL query to fetch information of registerd users and finds user match.
$query = mysql_query("select * from users where password='$password' AND username='$username'", $connection);
$rows = mysql_num_rows($query);
if ($rows == 1) {
$_SESSION['login_user']=$username; // Initializing Session
header("location: profile.php"); // Redirecting To Other Page
} else {
$error = "Username or Password is invalid";
}
mysql_close($connection); // Closing Connection
}
}
?>
SESSION.PHP (user session checker)
<?php
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysql_connect("localhost", "changed", "changed");
// Selecting Database
$db = mysql_select_db("unibebio", $connection);
session_start();// Starting Session
// Storing Session
$user_check=$_SESSION['login_user'];
// SQL Query To Fetch Complete Information Of User
$ses_sql=mysql_query("select username from users where username='$user_check'", $connection);
$row = mysql_fetch_assoc($ses_sql);
$login_session =$row['username'];
if(!isset($login_session)){
mysql_close($connection); // Closing Connection
header('Location: index.php'); // Redirecting To Home Page
}
?>
All this works fine, till we are landing in PROFILE.PHP, which we need to show human readable expiration date format. But i have no clue how to do it and or implement it:
<?php
include('session.php');
?>
<!DOCTYPE html>
<html>
<head>
<title>UNIBE BIOCHEMIE</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="profile">
<b id="welcome">Welcome : <i><?php echo $login_session; ?></i></b>
<b id="logout">Log Out</b>
</div>
</body>
</html>
As you can see, it works and it echo's the username from the table of that specific user.
But how can I do the same for the expiration date that is (I think) json encoded?
As I said, the table structure is: username, password, expdate
I'm trying out a login page example in php. I get the error: This webpage has a redirect loop
Details say: Error code: ERR_TOO_MANY_REDIRECTS
Here's my code:
index.php
<?php
include('login.php'); // Includes Login Script
if(isset($_SESSION['login_user'])){
header("location: profile.php");
}
?>
<form action="" method="post">
<label>UserName :</label>
<input id="name" name="username" placeholder="username" type="text">
<label>Password :</label>
<input id="password" name="password" placeholder="**********" type="password">
<input name="submit" type="submit" value=" Login ">
<span><?php echo $error; ?></span>
</form>
login.php
<?php
session_start();
$error='';
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Username or Password is invalid";
}
else
{
$username=$_POST['username'];
$password=$_POST['password'];
$connection = mysql_connect("localhost", "root", "");
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$db = mysql_select_db("rjtest", $connection);
$query = mysql_query("select * from login where myPassword='$password' AND myUserName='$username'", $connection);
$rows = mysql_num_rows($query);
if ($rows == 1) {
$_SESSION['login_user']=$username;
header("location: profile.php");
} else {
$error = "Username or Password is invalid";
}
}
}
?>
profile.php
<?php
include('session.php');
?>
<!DOCTYPE html>
<html>
<head>
<title>Your Home Page</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="profile">
<b id="welcome">Welcome : <i><?php echo $login_session; ?></i></b>
<b id="logout">Log Out</b>
</div>
</body>
</html>
session.php
<?php
$connection = mysql_connect("localhost", "root", "");
$db = mysql_select_db("rjtest", $connection);
session_start();
$user_check=$_SESSION['login_user'];
$ses_sql=mysql_query("select myUsername from login where myUsername='$user_check'", $connection);
$row = mysql_fetch_assoc($ses_sql);
$login_session =$row['username'];
if(!isset($login_session)){
header('Location: index.php');
}
?>
And logout.php
<?php
session_start();
if(session_destroy())
{
header("Location: index.php");
}
?>
I can't seem figure out why. The site where I got this code is now inactive, so that's why Im asking this here. Hope you guys could help me out. Sorry for the long post though.
Comment to answer:
What I think is going on is that your code is erroring out and you're not seeing it, causing it to fight against what it should be showing you as an error.
You have $login_session =$row['username']; using the "username" as the row, but you're not selecting it in your query select myUsername from login where myUsername.
So, I'm thinking that if that row doesn't in fact exist, you'd need to do
$login_session =$row['myUsername'];
I have just setup Apache and Mysql on my server and trying to create a website with a session based login system. I have followed the tutorial from this link: http://www.formget.com/login-form-in-php/
Everything seems fine except when testing the login. Once I have entered a correct username and password combination it fails to login succesfully as Chrome shows an error as such
I do not have an .htaccess file on my server, and I am sure the login details are correct as the URL shown on the address bar is pointing to the dashboard page (profile.php according to the tutorial) supposed to be shown on a successful login.
The source code for the login.php page where the querying of the database is done is as follows:
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Username or Password is invalid";
}
else
{
// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysql_connect("localhost", "root", "");
// To protect MySQL injection for Security purpose
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
// Selecting Database
$db = mysql_select_db("company", $connection);
// SQL query to fetch information of registerd users and finds user match.
$query = mysql_query("select * from login where password='$password' AND username='$username'", $connection);
$rows = mysql_num_rows($query);
if ($rows == 1) {
$_SESSION['login_user']=$username; // Initializing Session
header("location: profile.php"); // Redirecting To Other Page
} else {
$error = "Username or Password is invalid";
}
mysql_close($connection); // Closing Connection
}
}
?>
The login page (index.php) is as follows:
<?php
include('login.php'); // Includes Login Script
if(isset($_SESSION['login_user'])){
header("location: profile.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login Form in PHP with Session</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="main">
<h1>PHP Login Session Example</h1>
<div id="login">
<h2>Login Form</h2>
<form action="" method="post">
<label>UserName :</label>
<input id="name" name="username" placeholder="username" type="text">
<label>Password :</label>
<input id="password" name="password" placeholder="**********" type="password">
<input name="submit" type="submit" value=" Login ">
<span><?php echo $error; ?></span>
</form>
</div>
</div>
</body>
</html>
When trying to login using Internet Explorer, IE gets stuck on trying to load the next page (just shows the waiting message with the loading icon).
I have chmod my files based on the link: http://fideloper.com/user-group-permissions-chmod-apache
(replaced /var/www with /var/www/html where all my files are at).
EDIT: Code for profile.php (and session.php)
<?php
include('session.php');
?>
<!DOCTYPE html>
<html>
<head>
<title>Your Home Page</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="profile">
<b id="welcome">Welcome : <i><?php echo $login_session; ?></i></b>
<b id="logout">Log Out</b>
</div>
</body>
</html>
session.php
<?php
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysql_connect("localhost", "root", "");
// Selecting Database
$db = mysql_select_db("company", $connection);
session_start();// Starting Session
// Storing Session
$user_check=$_SESSION['login_user'];
// SQL Query To Fetch Complete Information Of User
$ses_sql=mysql_query("select username from login where username='$user_check'", $connection);
$row = mysql_fetch_assoc($ses_sql);
$login_session =$row['username'];
if(!isset($login_session)){
mysql_close($connection); // Closing Connection
header('Location: index.php'); // Redirecting To Home Page
}
?>