I'm building a simple user login page when I put in my username and password nothing happens, it seems like its not connected to the database
here's my html code with some CSS and my php code that is below this code:
<!DOCTYPE html>
<html lang="en">
<head>
<!-- Required meta tags -->
<meta charset="utf-8">
<meta name="viewport"
content="width=device-width, initial-scale=1, shrink-to-fit=no">
<!-- Bootstrap CSS -->
<link rel="stylesheet" href="/css/bootstrap.min.css">
<title>Intacs Login</title>
<!-- inner css -->
<style>
#login_logo {
margin: 15px 10px 10px 0;
display: block;
margin-left: auto;
margin-right: auto;
}
.container{
background-color: white;
border-radius: 30px;
border-color: lightgray;
border-style:outset;
width: 320px;
margin-top: 30px;
margin:auto;
padding-top: 50px;
padding-bottom: 50px;
}
#login_table{
margin-top: auto;
margin-left: auto;
margin-right: auto;
}
#login_remember{
text-align: center;
}
</style>
</head>
<body>
<!-- Optional JavaScript -->
<!-- jQuery first, then Popper.js, then Bootstrap JS -->
<script src="/js/jquery-3.3.1.slim.min.js"></script>
<script src="/js/popper.min.js"></script>
<script src="/js/bootstrap.min.js"></script>
<!-- HTML code -->
<div class="container">
<div id="login_form">
<div id="login_block">
<img id="login_logo" src="img/Intacs Master Logo.jpg"
width="187" height="63"> <!--div container-->
</div>
</div>
<table id="login_table" cellspacing="1" cellpadding="3" border="0">
<tbody>
<tr>
<form method="post" action="connect.php"> <!--form to connect to php file called connect.php -->
<th>Username: </th>
<td>
<input type="text" name="username" id="usernamefield" class="loginfield" validate="/^[a-z0-9_]{2,}$/i" valmsg="Please enter a valid username." value="" size="14" maxlength="32">
</td>
</tr>
<tr>
<th>Password: </th>
<td nowrap="nowrap">
<input type="password" name="password"
id="passwordfield" class="loginfield" validate="/^[^\s]{4,}$/"
valmsg="Please enter a valid password." value="" size="14"
maxlength="32">
</td>
</form>
</tr>
</tbody>
</table>
<div id="login_remember"><input type="checkbox" name="remember" value="1"> Remember me</div>
<br />
<center><input type="submit" value="Submit"></center>
</body>
</html>
<?php
function Db() {
$host = "localhost:8888";
$username = "root";
$password = "";
$db = "intacslogin";
$conn = new mysqli($host, $username, $password, $db);
if(!$conn){
die("Could not connect");
}
}
if(isset($_POST['login'])){
$uid = trim ($_POST['username']);
$pwd = trim($_POST['password']);
if($uid ==""){
$err[] = "Username is missing";
} else if($pwd == ""){
$err[] = "Password is missing";
} else{
$db = Db();
$uid = $db->real_escape_string($uid);
$pwd = $db->real_escape_string($pwd);
$sql = "SELECT * FROM users
WHERE username = '$uid'
and password = '$pwd'";
$result = $db->query($sql);
}
}
?>
Please Help thanks and happy coding thanks for your help.
Its a small personal project
<?php
//THIS FUNCTION SHOULD RETURN A CONNECTION TO BE USED IN A QUERY
function Db() {
$host = "localhost:8888";
$username = "root";
$password = "";
$db = "intacslogin";
//MAKE SURE U CONFIRM A SUCCESSFULL CONNECTION LIKE SO
if ($conn = new mysqli($host, $username, $password, $db)) {
return $conn;
}else {
return false;
}
//if(!$conn){
// die("Could not connect");
//}
}
if(isset($_POST['login'])){
$uid = trim ($_POST['username']);
$pwd = trim($_POST['password']);
if($uid ==""){
$err[] = "Username is missing";
} else if($pwd == ""){
$err[] = "Password is missing";
} else{
if (!$conn) {
//you can die() becouse it returned false
}else {
//proced when we a valid connection
//dont use $db use $conn
$uid = $conn->real_escape_string($uid);
$pwd = $conn->real_escape_string($pwd);
$sql = "SELECT * FROM users
WHERE username = '$uid'
and password = '$pwd'";
$result = $conn->query($sql);
}
}
}
?>
Related
MY dbMySql.PHP FILE CODING
<?php
define('DB_SERVER','localhost');
define('DB_USER','root');
define('DB_PASS' ,'');
define('DB_NAME', 'dbtuts');
class DB_con
{
function __construct()
{
global $conn;
$conn = mysql_connect(DB_SERVER,DB_USER,DB_PASS) or die('localhost connection problem'.mysql_error());
mysql_select_db(DB_NAME);
}
public function insert($fname,$lname,$city)
{
$sql = "INSERT users(first_name,last_name,user_city)VALUES('$fname','$lname','$city')";
$res = mysql_query($sql);
return $res;
}
public function select()
{
// $db=new DB_con();
// $db->__construct();
$sql = "SELECT * FROM users";
$res=mysql_query($sql);
// return $conn;
return $res;
}
}
?>
MY index.php FILE
<?php
include_once 'dbMySql.php';
$con = new DB_con();
$table = "users";
$res=$con->select($table);
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<center>
<div id="header">
<div id="content">
<label></label>
</div>
</div>
<div id="body">
<div id="content">
<table align="center">
<tr>
<th colspan="3">ADD</th>
</tr>
<tr>
<th>First Name</th>
<th>Last Name</th>
<th>City</th>
</tr>
<?php
while($row=mysql_fetch_row($res))
{
?>
<tr>
<td><?php echo $row[1]; ?></td>
<td><?php echo $row[2]; ?></td>
<td><?php echo $row[3]; ?></td>
</tr>
<?php
}
?>
</table>
</div>
</div>
<div id="footer">
<div id="content">
<hr /><br/>
<label>Appxone Private Limited</label>
</div>
</div>
</center>
</body>
</html>
MY add_data.php FILE CODING
<?php
include_once 'dbMySql.php';
$con = new DB_con();
// data insert code starts here.
if(isset($_POST['btn-save']))
{
$fname = $_POST['first_name'];
$lname = $_POST['last_name'];
$city = $_POST['city_name'];
$res=$con->insert($fname,$lname,$city);
if($res)
{
?>
<script>
alert('Record inserted...');
window.location='index.php'
</script>
<?php
}
else
{
?>
<script>
alert('error inserting record...');
window.location='index.php'
</script>
<?php
}
}
// data insert code ends here.
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PHP Data Insert and Select Data Using OOP - By Cleartuts</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<center>
<div id="header">
<div id="content">
<label>PHP Data Insert and Select Data Using OOP - By Cleartuts</label>
</div>
</div>
<div id="body">
<div id="content">
<form method="post">
<table align="center">
<tr>
<td><input type="text" name="first_name" placeholder="First Name" required /></td>
</tr>
<tr>
<td><input type="text" name="last_name" placeholder="Last Name" required /></td>
</tr>
<tr>
<td><input type="text" name="city_name" placeholder="City" required /></td>
</tr>
<tr>
<td>
<button type="submit" name="btn-save"><strong>SAVE</strong></button></td>
</tr>
</table>
</form>
</div>
</div>
</center>
</body>
</html>
MY style.css Coding is
#charset "utf-8";
/* CSS Document */
*
{
margin:0;
padding:0;
}
#header
{
width:100%;
height:50px;
background:#00a2d1;
color:#f9f9f9;
font-family:"Lucida Sans Unicode", "Lucida Grande", sans-serif;
font-size:35px;
text-align:center;
}
#header a
{
color:#fff;
text-decoration:blink;
}
#body
{
margin-top:50px;
}
table
{
width:40%;
font-family:Tahoma, Geneva, sans-serif;
font-weight:bolder;
color:#999;
margin-bottom:80px;
}
table a
{
text-decoration:none;
color:#00a2d1;
}
table,td,th
{
border-collapse:collapse;
border:solid #d0d0d0 1px;
padding:20px;
}
table td input
{
width:97%;
height:35px;
border:dashed #00a2d1 1px;
padding-left:15px;
font-family:Verdana, Geneva, sans-serif;
box-shadow:0px 0px 0px rgba(1,0,0,0.2);
outline:none;
}
table td input:focus
{
box-shadow:inset 1px 1px 1px rgba(1,0,0,0.2);
outline:none;
}
table td button
{
border:solid #f9f9f9 0px;
box-shadow:1px 1px 1px rgba(1,0,0,0.2);
outline:none;
background:#00a2d1;
padding:9px 15px 9px 15px;
color:#f9f9f9;
font-family:Arial, Helvetica, sans-serif;
font-weight:bolder;
border-radius:3px;
width:100%;
}
table td button:active
{
position:relative;
top:1px;
}
#footer
{
margin-top:50px;
position:relative;
bottom:30px;
font-family:Verdana, Geneva, sans-serif;
}
all code is working and data insert successfully and show but if you see above first file i am using mysql,i want to use mysqli but issue is that when show $conn as a global variable (because mysqli needed 2 parameters) and use in mysqli($sql,$conn),error show undefined variable $conn why?
Use $this for access variables in your class
define('DB_SERVER','localhost');
define('DB_USER','root');
define('DB_PASS' ,'');
define('DB_NAME', 'dbtuts');
class DB_con {
private $conn;
function __construct() {
$this->conn = mysqli_connect(DB_SERVER,DB_USER,DB_PASS) or die('localhost connection problem'.mysql_error());
mysqli_select_db($this->conn, DB_NAME);
}
public function insert($fname,$lname,$city) {
$sql = "INSERT users(first_name,last_name,user_city)VALUES('$fname','$lname','$city')";
$res = mysqli_query($this->conn, $sql);
return $res;
}
public function select() {
// $db=new DB_con();
// $db->__construct();
$sql = "SELECT * FROM users";
$res = mysqli_query($this->conn, $sql);
// return $conn;
return $res;
}
}
i tried create login page, but it says "Notice: Undefined variable: error in .....\login.php on line 68"
after i re-check me already declare that $error variable before, what kind solution to solve this problem ?
line 68 is :
<div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php if($error){echo $error;} ?></div>
and here's the code
<?php
include("connection.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$myusername = mysqli_real_escape_string($db,$_POST['username']);
$mypassword = mysqli_real_escape_string($db,$_POST['password']);
$sql = "SELECT id FROM tb_user WHERE username = '$myusername' and password = '$mypassword'";
$result = mysqli_query($db,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row['active'];
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
session_register("myusername");
$_SESSION['login_user'] = $myusername;
header("location: welcome.php");
}else {
$error = "user atau password anda salah";
}
}
?>
<html>
<head>
<title>Login Page</title>
<style type = "text/css">
body {
font-family:Arial, Helvetica, sans-serif;
font-size:14px;
}
label {
font-weight:bold;
width:100px;
font-size:14px;
}
.box {
border:#666666 solid 1px;
}
</style>
<div align = "center">
<div style = "width:300px; border: solid 1px #333333; " align = "left">
<div style = "background-color:#333333; color:#FFFFFF; padding:3px;"><b>Login</b></div>
<div style = "margin:30px">
<form action = "" method = "post">
<label>UserName :</label><input type = "text" name = "username" class = "box"/><br /><br />
<label>Password :</label><input type = "password" name = "password" class = "box" /><br/><br />
<input type = "submit" value = " Submit "/><br />
</form>
<div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php if($error){echo $error;} ?></div>
</div>
</div>
</div>
// try out this
<div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php if(isset($error)){echo $error;} ?></div>
Check to see if it's empty first to avoid the notice
if(!empty($error)){echo $error;}
Try this :
if(isset($_REQUEST['error']))
$error= $_REQUEST['error'];
else
$error= "";
I am beginner in php.
I am trying to make a login form(index1.php).
It works fine if i redirect it to login.php using "action" attribute in form tag.
But i also want some validations on same index form.So, i am redirecting it to "login.php" using header function and not in "action" attribute.
No matter if i enter correct username and password or not, it is giving me errors of invalid variables '$username' and '$password' while executing the last else too of login.php(//that user doesnt exist).
Please help me in knowing whats wrong with my code and what should i do to make it run with login.php?
Here is the code of index1.php
<!DOCTYPE HTML>
<html>
<head><br>
<style>
.error {color: #FF0000;}
</style>
</head>
<body style="font-family: verdana, sans-serif;";>
<hr />
<div style="width: 77%; height: 300px; padding: 30px; border: 5px solid #e3e3e3; background-color: #F8F8F8 ; color: #000; margin: 100px;" align="center">
<br>
<?php
$username=$password="";
$Err="";
if($_SERVER['REQUEST_METHOD']== "POST")
{
$valid = true;
if ((empty($_POST["username"])) || (empty($_POST["password"])))
{
$Err = "Please Enter your username and password";
$valid = false;
}
else
{
$username = test_input($_POST["username"]);
$password = test_input($_POST["password"]);
}
if($valid)
{
header("location:login.php");
}
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<span class="error"><?php echo $Err; ?></span>
<h2>Login</h2>
<form action="menubar.php?page=index1" method="post">
<font size="3">Username:<input type="text" name="username" style="padding: 4px;"/><p>
Password: <input type="password" name="password" style="padding: 4px;"/><p>
<input type="submit" value="Login" style="padding: 4px; width: 5em; height: 1.9em;"/></font>
</form>
<h5> No Account?Register!</h5>
</div>
</body>
</html>
And here is the code of login.php.
<?php
session_start();
$username=$_POST["username"];
$password=$_POST["password"];
$message[]="Fill up both username and password";
$connect=mysql_connect("localhost","root","") or die("Couldnt connect to Database");
mysql_select_db("login") or die("Couldnt find Database");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows!==0)//username exists in database
{
while($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if($username==$dbusername&&$password==$dbpassword)//valid username and password
{
$_SESSION['username'] = $username;
header("Location: menubar.php?page=home");
}
else//incorrect password or username
die("incorrect password or username");
}
else//that user doesnt exit
die("that user doesnt exit");//
?>
Okay, Now i used 'sqli' instead
Here is that updated login.php code
<?php
session_start();
$username=$_POST["username"];
$password=$_POST["password"];
$message[]="Fill up both username and password";
$connect=mysqli_connect("localhost","root","") or die("Couldnt connect to Database");
mysqli_select_db($connect,'login') or die("Couldnt find Database");
$query = mysqli_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysqli_num_rows($query);
if($numrows!==0)//username exists in database
{
while($row = mysqli_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if($username==$dbusername&&$password==$dbpassword)//valid username and password
{
$_SESSION['username'] = $username;
header("Location: menubar.php?page=home");
}
else//incorrect password or username
die("incorrect password or username");
}
else//that user doesnt exit
die("that user doesnt exit");//
?>
Now after updating i am not getting errors of invalid variables .
But it still not going on correctly.No matter whether i enter correct username and password or not, it is executing the innermost if i.e. (//valid username and password)
Thanks....
As already suggested, put all your PHP code before any HTML output
You are not passing the POST variables with the header() function, you can either use sessions or POST to the same page
So your code would be something like this
<?php
$username=$password="";
$Err="";
if($_SERVER['REQUEST_METHOD']== "POST")
{
$valid = true;
if ((empty($_POST["username"])) || (empty($_POST["password"])))
{
$Err = "Please Enter your username and password";
$valid = false;
}
else
{
$username = test_input($_POST["username"]);
$password = test_input($_POST["password"]);
}
if($valid)
{
include("login.php");
}
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<!DOCTYPE HTML>
<html>
<head><br>
<style>
.error {color: #FF0000;}
</style>
</head>
<body style="font-family: verdana, sans-serif;";>
<hr />
<div style="width: 77%; height: 300px; padding: 30px; border: 5px solid #e3e3e3; background-color: #F8F8F8 ; color: #000; margin: 100px;" align="center">
<br>
<span class="error"><?php echo $Err; ?></span>
<h2>Login</h2>
<form action="menubar.php?page=index1" method="post">
<font size="3">Username:<input type="text" name="username" style="padding: 4px;"/><p>
Password: <input type="password" name="password" style="padding: 4px;"/><p>
<input type="submit" value="Login" style="padding: 4px; width: 5em; height: 1.9em;"/></font>
</form>
<h5> No Account?Register!</h5>
</div>
</body>
</html>
The problem in your code is in login.php, $_POST["username"] and $_POST["password"] was never been set so it the best thing you could do is not to use header and just use require_once
<!DOCTYPE HTML>
<html>
<head><br>
<style>
.error {color: #FF0000;}
</style>
</head>
<body style="font-family: verdana, sans-serif;";>
<hr />
<div style="width: 77%; height: 300px; padding: 30px; border: 5px solid #e3e3e3; background-color: #F8F8F8 ; color: #000; margin: 100px;" align="center">
<br>
<?php
$username=$password="";
$Err="";
if($_SERVER['REQUEST_METHOD']== "POST"){
$valid = true;
if ((empty($_POST["username"])) || (empty($_POST["password"]))){
$Err = "Please Enter your username and password";
$valid = false;
}else{
$username = test_input($_POST["username"]);
$password = test_input($_POST["password"]);
}
if($valid)
{
require_once('login.php');
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<span class="error"><?php echo $Err; ?></span>
<h2>Login</h2>
<form action="menubar.php?page=index1" method="post">
<font size="3">Username:<input type="text" name="username" style="padding: 4px;"/><p>
Password: <input type="password" name="password" style="padding: 4px;"/><p>
<input type="submit" value="Login" style="padding: 4px; width: 5em; height: 1.9em;"/></font>
</form>
<h5> No Account?Register!</h5>
</div>
</body>
</html>
It is very important to note that you should have not sent any output to the client before setting the header-
header("Location: menubar.php?page=home");//or login.php
So before sending any data validate your data and set the header, if invalid data else send the normal data.
Update: Below is complete tested code
index1.php
<?php session_start();?>
<!DOCTYPE HTML>
<html>
<head><br>
<style>
.error {color: #FF0000;}
</style>
</head>
<body style="font-family: verdana, sans-serif;";>
<hr />
<div style="width: 77%; height: 300px; padding: 30px; border: 5px solid #e3e3e3; background-color: #F8F8F8 ; color: #000; margin: 100px;" align="center">
<br>
<?php if(isset($_SESSION['message'])){ echo "<span class='error'>".$_SESSION['message']."</span>"; $_SESSION['message']=null;}?>
<h2>Login</h2>
<form action="login.php" method="post">
<font size="3">Username:<input type="text" name="username" style="padding: 4px;"/><p>
Password: <input type="password" name="password" style="padding: 4px;"/><p>
<input type="submit" value="Login" style="padding: 4px; width: 5em; height: 1.9em;"/></font>
</form>
<h5> No Account?Register!</h5>
</div>
</body>
</html>
login.php
<?php
session_start();
$username=$password="";
$Err="";
if($_SERVER['REQUEST_METHOD']== "POST")
{
$valid = true;
if ((empty($_POST["username"])) || (empty($_POST["password"])))
{
$Err = "Please Enter your username and password";
$valid = false;
}
else
{
$username = test_input($_POST["username"]);
$password = test_input($_POST["password"]);
}
if($valid) {
$valid = false;//reset $valid value to validate for Database test
//$username=$_POST["username"];
//$password=$_POST["password"];
//$message[]="Fill up both username and password";
$connect=mysqli_connect("localhost","root","") or die("Couldnt connect to Database");
mysqli_select_db($connect,'login') or die("Couldnt find Database");
//Note: mysqi_query() returns results of query
$result = mysqli_query($connect, "SELECT * FROM users WHERE username='$username'");//update here pass the $connect parameter
$numrows = mysqli_num_rows($result);//change here
if($numrows!==0)//username exists in database
{
$dbusername = null;//move it up for visibility after while block
$dbpassword = null;
while($row = mysqli_fetch_assoc($result))//Note here pass the result
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if($username == $dbusername&&$password==$dbpassword)//valid username and password
{
$_SESSION['username'] = $username;
header("Location: menubar.php?page=home");//the landing page
die();
}
else{
//incorrect password or username
$Err = "incorrect password or username";
$valid = false;
}
}
else {
//that user doesnt exit
$Err = "that user doesnt exit";
$valid = false;
}
//header("location:index.php");
}
if(!$valid) {
$_SESSION['message'] = $Err;//Put the message in $_SESSION variable
header("location:index1.php");
}
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
menubar.php
<?php
session_start();
$page=isset($_GET["page"])?$_GET["page"]:"";
if(isset($page)) {
header("location: ".$page.".php");
} else {
header("location: 404.php");
}
?>
That is because you have an output:
?>
<?php
results in blank line output.
header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP
Combine all your PHP codes and make sure you don't have any spaces at the beginning of the file.
also after header('location: index.php'); add exit(); if you have any other scripts bellow.
Also move your redirect header after the last if.
I want to be able to change the PHP variables $dispname and $banstat in the code below with a HTML form.
<?php
if (isset($_GET['p']) && $_GET['p'] == "login") {
$servername = "localhost";
$username = "foo";
$password = "bar";
$dbname = "wordpress";
$banstat = '1';
$dispname = "Brendan";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "UPDATE wp_oxygenpurchaseusers SET user_url=$banstat WHERE display_name=$dispname";
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
}
?>
</script>
<link href="http://jotform.us/static/formCss.css?3.3.8019" rel="stylesheet" type="text/css" />
<link type="text/css" rel="stylesheet" href="http://jotform.us/css/styles/nova.css?3.3.8019" />
<link type="text/css" media="print" rel="stylesheet" href="http://jotform.us/css/printForm.css?3.3.8019" />
<style type="text/css">
.form-label-left{
width:150px !important;
}
.form-line{
padding-top:12px;
padding-bottom:12px;
}
.form-label-right{
width:150px !important;
}
.form-all{
width:650px;
color:#555 !important;
font-family:"Lucida Grande", "Lucida Sans Unicode", "Lucida Sans", Verdana, sans-serif;
font-size:14px;
}
</style>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post">
<input type="hidden" name="formID" value="51970718174158" />
<div class="form-all">
<ul class="form-section page-section">
<li id="cid_4" class="form-input-wide" data-type="control_head">
<div class="form-header-group">
<div class="header-text httal htvam">
<h2 id="header_4" class="form-header">
Ban Tool
</h2>
</div>
</div>
</li>
<form action="<?php echo $_SERVER['PHP_SELF']; ?> method="post">
Name: <input type="text" name="dispname"><br>
E-mail: <input type="text" name="banstat"><br>
<input type="submit">
</form>
<li style="display:none">
Should be Empty:
<input type="text" name="website" value="" />
</li>
</ul>
</div>
<input type="hidden" id="simple_spc" name="simple_spc" value="51970718174158" />
<script type="text/javascript">
document.getElementById("si" + "mple" + "_spc").value = "51970718174158-51970718174158";
There were some multiple issues in your code.
Try
<?php
if (isset($_GET['p']) && $_GET['p'] == "login")
{
/* Database Connection Info */
$servername = "localhost";
$username = "foo";
$password = "bar";
$dbname = "wordpress";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
}
/* getting form values */
$banstat = mysqli_real_escape_string($conn, $_GET['banstat']);//'1';
$dispname = mysqli_real_escape_string($conn, $_GET['dispname']);
$sql = "UPDATE wp_oxygenpurchaseusers SET user_url='$banstat' WHERE display_name='$dispname'";
if ($conn->query($sql) === TRUE)
{
echo "Record updated successfully";
}
else
{
echo "Error updating record: " . $conn->error;
}
$conn->close();
}
?>
</script>
<link href="http://jotform.us/static/formCss.css?3.3.8019" rel="stylesheet" type="text/css" />
<link type="text/css" rel="stylesheet" href="http://jotform.us/css/styles/nova.css?3.3.8019" />
<link type="text/css" media="print" rel="stylesheet" href="http://jotform.us/css/printForm.css?3.3.8019" />
<style type="text/css">
.form-label-left{
width:150px !important;
}
.form-line{
padding-top:12px;
padding-bottom:12px;
}
.form-label-right{
width:150px !important;
}
.form-all{
width:650px;
color:#555 !important;
font-family:"Lucida Grande", "Lucida Sans Unicode", "Lucida Sans", Verdana, sans-serif;
font-size:14px;
}
</style>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="get">
<input type="hidden" name="formID" value="51970718174158" />
<div class="form-all">
<ul class="form-section page-section">
<li id="cid_4" class="form-input-wide" data-type="control_head">
<div class="form-header-group">
<div class="header-text httal htvam">
<h2 id="header_4" class="form-header">
Ban Tool
</h2>
</div>
</div>
</li>
Name: <input type="text" name="dispname"><br>
E-mail: <input type="text" name="banstat"><br>
<li style="display:none">
Should be Empty:
<input type="text" name="website" value="" />
</li>
<input type="submit">
</form>
</ul>
</div>
Errors in your code
You open two forms.
You are using post method in form but using get method in php code.
Your variables were not updating.
You need get $_POST and set variable
$dispname = $_POST['name'];
Errors in your code:
You open two forms and just close one
If you want use post instead get check $_POST
<?php
if (isset($_GET['p']) && $_GET['p'] == "login") {
if ($_POST) {
//update variables and update bd
}
}
?>
Okay, so I took both of the other answers provided from #javi and #Hassan and used them to re-write it, I took the majority of the code from Hassan's and then changed a few things using Javi's and put this together. I figured maybe someone else could use this. Thanks again guys.
<?php
if (isset($_GET['p']) && $_GET['p'] == "login") {
if ($_POST) {
$servername = "localhost";
$username = "foo";
$password = "bar";
$dbname = "wordpress";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$banstat = $_POST['banstat'];
$dispname = $_POST['dispname'];
$sql = "UPDATE wp_oxygenpurchaseusers SET user_url=$banstat WHERE user_login='$dispname'";
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
}
}
?>
</script>
<link href="http://jotform.us/static/formCss.css?3.3.8019" rel="stylesheet" type="text/css" />
<link type="text/css" rel="stylesheet" href="http://jotform.us/css/styles/nova.css?3.3.8019" />
<link type="text/css" media="print" rel="stylesheet" href="http://jotform.us/css/printForm.css?3.3.8019" />
<style type="text/css">
.form-label-left{
width:150px !important;
}
.form-line{
padding-top:12px;
padding-bottom:12px;
}
.form-label-right{
width:150px !important;
}
.form-all{
width:650px;
color:#555 !important;
font-family:"Lucida Grande", "Lucida Sans Unicode", "Lucida Sans", Verdana, sans-serif;
font-size:14px;
}
</style>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post">
Display Name: <input type="text" name="dispname"><br>
Ban Status: <input type="text" name="banstat"><br>
<input type="submit">
</form>
<li style="display:none">
Should be Empty:
<input type="text" name="website" value="" />
</li>
</ul>
I want to create login and logout session
My table in mysql database is looking like this
CREATE TABLE members (
id int(10) NOT NULL auto_increment,
username varchar(20) NOT NULL,
password varchar(20) NOT NULL, PRIMARY KEY (id) )
ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ;
and mysql connection named as loginproc.php
<?php
// Inialize session
session_start();
// Include database connection settings
$hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname = 'database'; // Your database name.
$username = 'root'; // Your database username.
$password = ''; // Your database password. If your database has no password, leave it empty.
// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
/ Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');
// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT count(*) FROM members WHERE (username = '" . mysql_real_escape_string($_POST['user']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['pass'])) . "')");
$result=mysql_fetch_array($login);
// Check username and password match
if (mysql_num_rows($result) == 1) {
// Set username session variable
$_SESSION['username'] = $_POST['user'];
// Jump to secured page
header('Location: securedpage.php');
}
else {
// Jump to login page
header('Location:career.php');
}
?>
Then created securedpage.php
<?php
// Inialize session
session_start();
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['user'])) {
header('Location: career.php');
}
?>
<html>
<head>
<title>Secured Page</title>
</head>
<body>
<p>This is secured page with session: <b><?php echo $_SESSION['username']; ?></b>
<br>You can put your restricted information here.</p>
<p>Logout</p>
</body>
</html>
index.php
<html>
<head>
</head>
<body>
<form action="loginproc.php" method="post">
UserName:<input type="text" name="user" >
<p> </p>
Password:<input type="password" name="pass" >
<p> </p>
<input type="submit" value=" Login Here " >
<span class="style30">| New?</span>
<a href="signup.php"><span class="style32">Start Here</span>
</form></body></html>
and finally logout page named as logout.php
<?php
// Inialize session
session_start();
// Delete certain session
unset($_SESSION['username']);
// Delete all session variables
// session_destroy();
// Jump to login page
header('Location: index.php');
?>
Now my problem is when i am entering username and password it will stay only at index.php , it is not going to another page. please see this code and tell me when i am doing wrong.
Thanks.
I have a solution for your problem. You have to bit modify your code as mentioned below -
<?php
// Inialize session
session_start();
//----***Use variabel to capture start time *****------
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['user'])) {
header('Location: career.php');
}
?>
And in logout page add one entry as -
<?php
// Inialize session
session_start();
// Delete certain session
unset($_SESSION['username']);
//---****Use end time variable ---------
// Subtract previous start time variable and end time variale
// Delete all session variables
// session_destroy();
// Jump to login page
header('Location: index.php');
?>
Don't use this line
$result=mysql_fetch_array($login);
This will fetch the result into $result as an array, and later own you are using mysql_num_rows() function (which is used for resource , i.e in your case $login)
You the following code
$login = mysql_query("SELECT count(*) FROM members WHERE (username = '" . mysql_real_escape_string($_POST['user']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['pass'])) . "')");
// Check username and password match
if (mysql_num_rows($login) == 1) {
// Set username session variable
$_SESSION['username'] = $_POST['user'];
// Jump to secured page
header('Location: securedpage.php');
}
else {
// Jump to login page
header('Location:career.php');
}
You have a problem here:
$login = mysql_query("SELECT count(*) FROM members WHERE (username = '". mysql_real_escape_string($_POST['user']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['pass'])) . "')");
$result=mysql_fetch_array($login);
// Check username and password match
if (mysql_num_rows($result) == 1) {
your query will always retrieves 1 row on mysql_num_rows($result) because it retrieves the count of users with the condition, if no one match the username and password, the query retrieves
|count(*)|
+--------+
|0 |
and it is 1 row
I see two problems:
mysql_num_rows takes resource type as parameter. You are passing the result of mysql_fetch_array which can either be an array or FALSE.
You're using deprecated mysql extension. You should be using either MySQLi or PDO for new code.
To fix the mysql_num_rows problem in point 1, use if (mysql_num_rows($login)) {:
$login = mysql_query("SELECT count(*) FROM members WHERE (username = '" . mysql_real_escape_string($_POST['user']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['pass'])) . "')");
$result=mysql_fetch_array($login);
// Check username and password match
if (mysql_num_rows($login) == 1) {
index.php
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title></title>
<link rel="stylesheet" href="css/style.css">
<link href='https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,800' rel='stylesheet' type='text/css'>
<link rel="icon" type="image/png" sizes="32x32" href="img/favicon-32x32.png">
<style>
.head{
margin:auto;
margin-top: 40px;
margin-bottom: 40px;
width: 500px;
height: 50px;
text-align:center;
}
</style>
</head>
<body>
<div class="head"><h1> <span class="strong"></span></h1></div>
<div style="padding:0;" align="center" class="login-page">
<img src="img/oms.png"><br><br>
<div class="form" >
<form class="login-form" name="frm" action="Logging.php" method="POST">
<input type="text" placeholder="username" name="usrname"/>
<input type="password" placeholder="password" name="password"/>
<button type="submit" onclick="return logincheck()">login</button>
<p class="message"> Forgot Password Click here</p>
</form>
</div>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
<script type="text/javascript">
function logincheck()
{
var x = document.frm.usrname.value;
var y = document.frm.password.value;
if(x =="" || x == null){
alert("Enter the Username ");
return false;
}
else if(y=="" || y == null){
alert("Enter the Password ");
return false;
}else{
return true;
}
}
$('.message a').click(function(){
$('form').animate({height: "toggle", opacity: "toggle"}, "slow");
});
</script>
</body>
<?php include 'footer1.php';?>
</html>
Logging.php
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title></title>
<link rel="stylesheet" href="css/style.css">
<link href='https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,800' rel='stylesheet' type='text/css'>
<link rel="icon" type="image/png" sizes="32x32" href="img/favicon-32x32.png">
<style>
.head{
margin:auto;
margin-top: 40px;
margin-bottom: 40px;
width: 500px;
height: 50px;
text-align:center;
}
</style>
</head>
<body>
<div class="head"><h1> <span class="strong"></span></h1></div>
<div style="padding:0;" align="center" class="login-page">
<img src="img/oms.png"><br><br>
<div class="form" >
<form class="login-form" name="frm" action="Logging.php" method="POST">
<input type="text" placeholder="username" name="usrname"/>
<input type="password" placeholder="password" name="password"/>
<button type="submit" onclick="return logincheck()">login</button>
<p class="message"> Forgot Password Click here</p>
</form>
</div>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
<script type="text/javascript">
function logincheck()
{
var x = document.frm.usrname.value;
var y = document.frm.password.value;
if(x =="" || x == null){
alert("Enter the Username ");
return false;
}
else if(y=="" || y == null){
alert("Enter the Password ");
return false;
}else{
return true;
}
}
$('.message a').click(function(){
$('form').animate({height: "toggle", opacity: "toggle"}, "slow");
});
</script>
</body>
<?php include 'footer1.php';?>
</html>
Logout.php
<?php
include 'header.php';
include 'footer.php';
session_destroy();
echo "<script>alert('Successfully Logged Out');window.location.href='index.php'</script>";
?>
forgotpass1.php
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title></title>
<link rel="stylesheet" href="css/style.css">
<link href='https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,800' rel='stylesheet' type='text/css'>
<link rel="icon" type="image/png" sizes="32x32" href="img/favicon-32x32.png">
<style>
.head{
margin:auto;
margin-top: 40px;
margin-bottom: 40px;
width: 500px;
height: 50px;
text-align:center;
}
</style>
</head>
<body>
<div class="head"><h1> <span class="strong"></span></h1></div>
<div style="padding:0;" align="center" class="login-page">
<img src="img/oms.png"><br><br>
<div class="form" >
<form class="login-form" name="frm" action="validateemail1.php" method="POST">
<input type="text" placeholder="Email" name="email"/>
<table width="100%">
<tr><td align="left">
<button type="submit" name="Back" value="Back" onclick="history.go(-1);" >Back</button></td><td>  </td><td align="left"> <button type="submit" name="submit" onclick="return logincheck()">Send Email</button></td></tr></table>
</form>
</div>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
<script type="text/javascript">
function logincheck()
{
var y = document.frm.email.value;
if(y=="" || y == null){
alert("Enter the Email ");
return false;
}else{
return true;
}
}
$('.message a').click(function(){
$('form').animate({height: "toggle", opacity: "toggle"}, "slow");
});
</script>
</body>
</html>
<?php include 'footer1.php';?>
validateemail1.php
<?php
include 'dbConfig.php';
if (isset($_POST['submit'])){
$email=$_POST['email'];
$n=0;
$query=mysqli_query($con,"SELECT * FROM signup where email ='".$email."'");
while($row=mysqli_fetch_array($query))
{
$db_email=$row['email'];
if($db_email==$email)
{
$n++;
$to=$row['email'];
$subject = "Your Password ";
$txtn = '<table align="center" border="0" cellpadding="0" cellspacing="0" width="1000">
<tr>
<td align="center" bgcolor="#2ce0e8" style="padding: 7px 0 10px 0;background:#f55322 ">
<img src="http://saiss.co.in/supreme_oms/img/oms.png" alt="http://saiss.co.in/supreme_oms/index" width="84" height="36" style="display: block;" />
</td>
</tr>
<td bgcolor="#ffffff" style="padding: 20px 0 30px 0"><center>Hi ,'.$row["username"].'<br>
Your password is: '.$row["password"].'<br> Click to Login</center>
</td>
<tr>
<td bgcolor="#f55322" style="padding: 25px 0px 18px 23px;color: #fff;font-size: 12px;">
© <?php echo date("Y"); ?> OMS All RIGHTS RESERVED.
</td>
<td align="right">
</td>
</tr>
</table>';
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= 'From: <OMS>' . "\r\n";
mail($to,$subject,$txtn,$headers);
echo "<script>alert('We Sent Password To Your Email Address');window.location.href='index.php';</script>";
}
}
if($n==0)
{
echo "<script>alert('Your email is Not Matching with our database');window.location.href='index.php';</script>";
}
}
?>
Logging.php
<?php
session_start();
include 'dbConfig.php';
$logname = $_POST['usrname'];
$logpass = $_POST['password'];
if(isset($_POST['usrname'])) {
$name = $_POST['usrname'];
}
if(isset($_POST['password'])) {
$name = $_POST['password'];
}
if($logname != null && trim($logname) !="" && trim($logpass) !="" && $logpass !=null)
{
$getvalue ="";
$sql_query = "Select * from signup where username='".$logname."'and password ='".$logpass."'";
$changepass="";
$result_set = mysqli_query($con,$sql_query);
if(mysqli_num_rows($result_set)==0){
echo "<script>alert('Invalid Username/Password');window.location.href='index.php'</script>";
}else{
while($row=mysqli_fetch_row($result_set))
{
$getvalue = $row[0];
$changepass = $row[3];
}
$_SESSION["usrnam"] = $getvalue;
if($changepass=="Y"){
echo "<script>window.location.href='changepassword.php'</script>";
}else
{
echo "<script>window.location.href='dashboard.php'</script>";
}
}
}else{
echo "<script>alert('Invalid Username/Password');window.location.href='index.php'</script>";
}
?>