I designed a login form, but while processing it has a fatal error which I have no idea how to fix that.
here are my codes:
dbConnection.php:
<?php
$host = 'localhost';
$user = 'root';
$pass = '';
$dbname = 'fashionshop';
$conn = new mysqli($host,$user,$pass,$dbname);
if($conn->connect_error){
die('Connection Failed:' .$conn->connect_error);
}
//echo "Connected Successfully";
?>
userloginprocess.php:
<?php require_once 'dbConnection.php'; ?>
<?php
if(isset($_POST['client-login-submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM users
WHERE username = '".$username."' AND password1 = '".$password."' LIMIT 1";
$result = $conn->query($sql);
if($conn->num_rows($result) == 1){ // this is line 14
header('location:welcome.php');
}else{
header('location:error.php');
}
}else{
header('location:notworking.php');
}
?>
html form:
<form action="inc/userloginprocess.php" method="post">
<h1>LOG IN</h1>
<input placeholder="Username" type="text" name="username" id="username">
<input placeholder="Password" type="password" name="password" id="password">
<input type="submit" name="client-login-submit" value="LOG IN">
<p>Forget Your Password? RESET</p>
<p>SIGN UP</p>
</form>
and finally the error when I submit the form:
Fatal error: Uncaught Error: Call to undefined method mysqli::num_rows() in C:\xampp\htdocs\fashionshop\inc\userloginprocess.php:14 Stack trace: #0 {main} thrown in C:\xampp\htdocs\fashionshop\inc\userloginprocess.php on line 14
I would be grateful if you help me.
You are using the wrong object in getting the number of rows. Use $result instead of $conn.
Make
$conn->num_rows($result)
To:
$result->num_rows
Related
I need to сheck if username is already taken or not. And if it is ok, to redirect to another page but if not (here I am stuck) to make the "username is already taken" appear under the input line.
there is my php code:
<?php
$host = "localhost";
$dbusername = "postgres";
$dbpassword = "admroot";
$db = "local_db_server_test";
$con = pg_connect("host=$host dbname=$db user=$dbusername password=$dbpassword") or die ("Could not connect to Server\n");
if(!$con){ die('Error: Unable to open database'); }
else {
$username = $_POST['username'];
$password = $_POST['password'];
if(strlen($password) < 6) {
pg_close($con); // also can use die() but without header and redirection
header("Location:sign_up_pass_err.html");
}
$query = "INSERT INTO register(username, password) VALUES ('$username',crypt('$password',gen_salt('md5')))";
$result = pg_query($con, $query);
header("Location: login.html");
}
pg_close($con);
?>
And this is my html code:
<!DOCTYPE html>
<html>
<head></head>
<body>
<form action="sign_up.php" method="post">
<input type="text" name="username" placeholder="Username" required><br><br>
<input type="password" name="password" placeholder="Password" required><br><br>
<input type="submit" value="Sign up">
</form>
</body>
</html>
Fatal error: Uncaught Error: Call to undefined method PDO::statement() in /Applications/MAMP/htdocs/Snapshot/includes/functions.inc.php:13 Stack trace: #0 /Applications/MAMP/htdocs/Snapshot/login.php(16): canilogin('test#test.be', 'azertyui') #1 {main} thrown in /Applications/MAMP/htdocs/Snapshot/includes/functions.inc.php on line 13
Anyone knows how I can aroudn this problem? This is a login form, I've created an register form which works and saves the given input into an DB, the pw is saved as hashed as folowing $hash = password_hash($password,PASSWORD_DEFAULT);
Now I'm trying to create a login which doesn't seem to work at all after submitting it throws the error above then. Anyone can see what I did wrong? I'm working with OOP in mind.
Login.php:
<?php
include_once("includes/functions.inc.php");
// get username and password from $_POST
if(!empty($_POST)){
$username = $_POST['email'];
$password = $_POST['password'];
// check if a user can login (function)
if(canilogin($username, $password)){
session_start();
$_SESSION['username'] = $username;
$_SESSION['loggedin'] = true;
// setcookie("login", $cookieval, time()+60*60*24*7); //1 week
header('Location: index.php');
}
else{
$error = true;
// if no -> $error tonen
}
}
?><!DOCTYPE html>
<html lang="en"
<body class="login">
<div class="grid container_login">
<div class="login_grid">
<form class="form_login" action="" method="post">
<?php if( isset($error) ): ?>
<div class="form__error">
<p>
Sorry, we can't log you in with that email address and password. Can you try again?
</p>
</div>
<?php endif;?>
<div>
<label for="email">EMAIL</label><br/>
<input type="text" id="email" name="email" placeholder="Lucasdebelder#snapshot.be">
</div>
<div>
<label for="password">PASSWORD</label><br/>
<input type="password" id="password" name="password" placeholder="Atleast 8 characters">
</div>
<div>
<input type="submit" value="LOG IN" class="btn_login">
</div>
</form>
</div>
</body>
</html>
An extra file I used in includes/functions.inc.php to save the functions.
<?php
function canilogin( $username, $password){
$conn = new PDO('mysql:host=localhost; dbname=snapshot', 'root', 'root');
$statement = $conn->prepare("select * from users where email = :username");
$statement->bindValue(':username', 'username');
$statement->execute();
$result = $conn->statement($statement);
if($result->num_rows != 1){
return false;
}
$user = $result->fetch_assoc();
if(password_verify($password, $user['password'])){
return true;
}
else{
return false;
}
}
?>
replace the line that contain this code
$result = $conn->statement($statement);
by
if($statement->execute()){
$user = $statement->fetch(PDO::FETCH_ASSOC);
// and continue with your code that test the password
} else {
return false;
}
Please someone can check whether my session is working or not.
I am not sure as i am still beginner.
login.php is the main page for user to login the username and password :
<body>
<form action="" method="post">
<div class="imgcontainer">
<img src="KBR2xN6.jpg" alt="Avatar" class="avatar">
</div>
<div class="container">
<label><b>Username</b></label>
<input type="text" placeholder="Enter Username" name="name" required>
<br />
<label><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="pass" required>
<button type="submit">Login</button>
<button type="reset" class="cancelbtn">Reset</button>
</div>
</form>
</body>
As for connections.php is to connect to the local server :
$host = "localhost";
$username = "root";
$password = "";
$database = "netbook 1 malaysia";
try {
$connect = new PDO("mysql:host=$host; dbname=$database", $username, $password);
$connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $ex) {
echo 'Connection Failed : '.$ex->getMessage();
}
As for session.php i am not sure:
session_start();
include('connections.php');
$username = $_POST['name'];
$password = $_POST['pass'];
$sql = "SELECT * FROM pengguna WHERE username = '$username' AND password = '$password'";
$result = $connect->query($sql);
if($result->rowcount()>0){
foreach($result AS $data){
$_SESSION['name'] = $data['name'];
$_SESSION['pass'] = $data['pass'];
echo "<script>alert('Login Success');
window.location.href='view.php';
</script>";
}
}
else {
echo "<script>alert('Login Failed');
window.location.href='login.php';
</script>";
}
Check for me please.
Just add this code to your view.php file.
session_start();
print_r($_SESSION);
If it prints values you saved in session then its working.
I'm having massive issues with creating this login system for my website and we are required to use php and oracle.
The table itself is very simple and only has a Username and Password value attached to it.
This is the code I am using and the main issue that comes with it is that the variable $password always returns a blank value.
<?php
/* Set oracle user login and password info */
$dbuser = "*MY USERNAME*";
$dbpass = "*MY PASSWORD*";
$dbname = "SSID";
$db = oci_connect($dbuser, $dbpass, $dbname);
if (!$db) {
echo "An error occurred connecting to the database";
exit;
}
$user = $_POST['user'];
$pass = $_POST['pass'];
$sql_login = "SELECT Username FROM users WHERE Username='%".$user."%'";
$login_stmt = oci_parse($db, $sql_login);
if(!$login_stmt)
{
echo "An error occurred in parsing the sql string.\n";
exit;
}
oci_execute($login_stmt);
while(oci_fetch_array($login_stmt))
{
$password = oci_result($login_stmt,"Password");
}
if ($password == "")
{
echo 'Password = blank';
}
if ($pass == $password)
{
echo 'Logged In';
}
else
{
echo 'Login Failed';
}
?>
I am using this command to try and write a value to the variable but I am having no luck.
while(oci_fetch_array($login_stmt))
{
$password = oci_result($login_stmt,"Password");
}
The form used is below, but I don't think there is a problem with it.
<form name="register" method="post" action="inc/login.php">
<div class="form_row">
<label class="contact"><strong>Username:</strong></label>
<input type="text" name="user" class="contact_input" />
</div>
<div class="form_row">
<label class="contact"><strong>Password:</strong></label>
<input type="password" name="pass" class="contact_input" />
</div>
<div class="form_row">
<div class="terms">
<input type="checkbox" name="terms" />
Remember me
</div>
</div>
<div class="form_row">
<input type="submit" class="register" value="login" />
</div>
</form>
problem is sql return 0 rows, bacase if u using in where clause % U must use like operator, not =
use this sql:
$sql_login = "SELECT Username FROM users WHERE Username like '%".$user."%'";
Here is good informatioun about this:
Equals(=) vs. LIKE
In $password = oci_result($login_stmt,"Password"); the word "Password" must be written on CAPS so it will be something like
$password = oci_result($login_stmt,"PASSWORD");
Worked that way for me
The "dbcred.php" class
<?php
# pdo_testdb_connect.php - function for connecting to the "test" database
function testdb_connect ()
{
$dbh = new PDO("mysql:host=localhost;dbname=dbname", "root", "");
return ($dbh);
}
?>
PHP
<?php
#connect mysql
require_once "dbcred.php";
$dbh = testdb_connect ();
session_start();
$username = $_POST['regduser'];
$userpass = md5($_POST['regdpass']);
$result = mysql_query("SELECT * FROM Student WHERE regduser= '$username' AND regdpass = '$regdpass'");
if (mysql_num_rows($result)!= 1) { $error = "Login failed";
#include "loginform.php";
} else {
$_SESSION['username'] = "$username";
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
#include "membersection.php";
}
?>
HTML
<form action="inc/check_regUsr.php" method="post" id="userLogon">
<div class="field required">
Username: <input type="text" name="regduser" tabindex="1" /><br />
</div>
<div class="field required">
Password: <input type="text" name="regdpass" tabindex="2" /><br />
</div>
<input type="submit" name="submitUser" />
</form>
When I try to submit valid credentials it says: Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in on line 12
Why does it not like this and how can I fix it?
Thank you
$result = mysql_query("SELECT * FROM Student WHERE regduser= '$username' AND regdpass = '$regdpass'");
I don't know how your database class is working. So I will write a general mysql connect code.
mysql_connect($host,$username,$password);
mysql_select_db($db);
No you can execute the query.