im really new at this so i appriciate that if you could keep the answers really simple and basic so i can understand.
so i am trying to build a simple login platform but it doesnt work..
i think i have some sord of a problem with the sql code cause $rows tag doesnt count as one row that fit for the user that inculded in the database.
thx in advanced.
<?php
session_start();
?>
include "config.php";
$wrong_dt="";
if(isset($_POST['email']) && $_POST['email']!="" && isset($_POST['password']) && $_POST['password']!=""){
$pw = mysqli_prepare($conn , "SELECT `email` FROM `Users` WHERE `email` = ? AND `password` = ? LIMIT 1");
if($pw){
echo "good";
echo $_POST['email'];
echo $_POST['password'];
mysqli_stmt_bind_param($pw, "ss" , $_POST['email'] , $_POST['Password']);
mysqli_stmt_execute($pw);
$result= mysqli_stmt_get_result($pw);
echo mysqli_num_rows($result);
if(mysqli_num_rows($result) > `0){
$_SESSION['email']=$_POST['email'];
header("Location:Find.php");
}
else{
$wrong_dt="wrong details";
}
}
}
?>
MusicRun
</head>
<header>
<h1> MusicRun </h1>
<h5>Same Hobby.Same Music.</h5>
<p>MusicRun is a platform for people who likes running in a group with other people who likes the same music as they do</p>
</header>
<body background= "http://www.spyderonlines.com/images/nike_sports_athletics_run_running_81188.jpg">
<main>
<form method="post" action="login.php">
<div class="form-group">
<label for="exampleInputEmail1">Email address</label>
<input type="email" class="form-control" name="email" id="exampleInputEmail1" aria-describedby="emailHelp" placeholder="Enter email">
<small id="emailHelp" class="form-text text-muted">We'll never share your email with anyone else.</small>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" class="form-control" name="password" id="exampleInputPassword1" placeholder="Password">
<button type="submit" class="btn btn-primary" id="loginBtn">Login</button>
</div>
<p><?php echo $wrong_dt ?></p>
<div class="newAccount">
<p>Not a User yet?</p>
<button type="button" class="btn btn-primary" id="login_button" onclick="window.location.href='http://matanhm.myweb.jce.ac.il/Final%20Project/register.php'">Sign up</button>
</div>
</form>
</main>
<footer>
</footer>
</body>
Related
Even though the if condition ($num>0) is true, I am not being redirected to the welcome.php, any help from fellow developers?
if(isset($_POST['login'])){
$password=$_POST['password'];
$email=$_POST['email'];
$ret= mysqli_query($con,"SELECT * FROM users WHERE email='$email' and password='$password'");
$num=mysqli_fetch_array($ret);
if($num>0)
{
$extra="welcome.php";
$_SESSION['login']=$_POST['email'];
$_SESSION['id']=$num['id'];
$_SESSION['full_name']=$num['full_name'];
$host=$_SERVER['HTTP_HOST'];
$uri=rtrim(dirname($_SERVER['PHP_SELF']),'/\\');
header("Location:http://$host$uri/$extra");
exit();
}
After login button is clicked, with the correct attributes, Im stuck on the same page, just blank white page.
<form name="login" action="" method="post">
<div class="uk-margin">
<div class="uk-inline">
<span class="uk-form-icon" uk-icon="icon: mail"></span>
<input class="uk-input" name="email" type="email" placeHolder="Enter your e-mail">
</div>
</div>
<div class="uk-margin">
<div class="uk-inline">
<span class="uk-form-icon" uk-icon="icon: lock"></span>
<input class="uk-input" name="password" type="password" placeHolder="Enter your password">
</div>
</div>
<input type="submit" name="login" value="LOG IN" >
</form>
replace header("location:http://$host$uri/$extra");
with header("Location: http://$host$uri/$extra");
I want user login with username password and 4 digit pin code and code is in my db. Here is my code sample. If any one here can help me I would very much appreciate it:
<?php
if (isset($_POST['login'])) {
$user = $_POST['user'];
$pass = $_POST['pass'];
$pincode = $_POST['pincode'];
if (empty($user) OR empty($pincode)) {
echo "<script>alert('Please Fill All Required Field')</script>";
} else {
$select_user = "select * from users WHERE Username = '$user' AND Password ='$pass' pin-code ='?' ";
$run_user_sql = mysqli_query($conn, $select_user);
$check_customer = mysqli_num_rows($run_user_sql);
if ($check_customer ==false) {
echo "<script>alert('Username/Password Wrong')</script>";
exit();
}
if ($check_customer == true) {
$_SESSION['user'] = $user;
echo "<script>alert('You Are Logged In')</script>";
echo "<script>window.open('index.php?dashboard','_self')</script>";
}
}
}
?>
<form action="" method="post">
<div class="form-group">
<div class="form-label-group">
<input type="text" class="form-control" name="user" placeholder="Username" >
<label">Username</label>
</div>
</div>
<div class="form-group">
<div class="form-label-group">
<input type="password" class="form-control" name="pass" placeholder="Password" >
<label >Password</label>
</div>
</div>
<div class="form-group">
<div class="form-label-group">
<input type="text" class="form-control" name="pincode" placeholder="4-Digit Pin Code" >
<label >4-Digit Pin Code</label>
</div>
</div>
<div class="form-group">
<div class="checkbox">
<label>
<input type="checkbox" value="remember-me">
Remember Password
</label>
</div>
</div>
<input type="submit" class="btn btn-primary btn-block" name="login" value="Login">
</form>
Your code seems to be okay, but with a lot of security risks. However, your SQL command is wrong. Change it to the following:
$select_user = "select * from users WHERE Username = '$user' AND Password ='$pass' AND `pin-code` ='{$pincode}'";
Hello guys After I login It redirect in a certain page but when I press back in browser I want to redirect it into my certain page not login page again. Thank you for helping me guys this problem takes me 4hrs and continuing Thank you!!!
index.php
<div class="container">
<div class="margin-top">
<div class="row">
<div class="span12">
<div class="login">
<div class="log_txt">
<p><strong>Please Enter the Details Below..</strong></p>
</div>
<form class="form-horizontal" method="POST">
<div class="control-group">
<label class="control-label" for="inputEmail">Username</label>
<div class="controls">
<input type="text" name="username" id="username" placeholder="Username" required>
</div>
</div>
<div class="control-group">
<label class="control-label" for="inputPassword">Password</label>
<div class="controls">
<input type="password" name="password" id="password" placeholder="Password" required>
</div>
</div>
<div class="control-group">
<div class="controls">
<button id="login" name="submit" type="submit" class="btn"><i class="icon-signin icon-large"></i> Submit</button>
</div>
</div>
<?php
if (isset($_POST['submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
$result = mysqli_query($dbcon,"SELECT * FROM users WHERE username='$username' AND password='$password'")or die(mysqli_error());
$num_row = mysqli_num_rows($result);
$row=mysqli_fetch_array($result);
if( $num_row > 0 ) {
?>
header('location:attendance.php');
$_SESSION['id']=$row['user_id'];
}
else{ ?>
<div class="alert alert-danger">Access Denied</div>
<?php
}}
?>
</form>
</div>
</div>
</div>
</div>
</div>
You can maintain the session, if session is valid u can return the user to Homepage else return to Login page.
Your best bet is to check to see if the user is logged in right at the top of your script and redirect them at that point instead of rendering you page.
And look into escaping your inputs against SQL injection before you put this where people can get to it.
<?php
if(!empty($_SESSION['id']))
{
header('Location: attendance.php');
}
?>
At the head of your file should do it.
I am writing a basic PHP login/Registration script and for some reason as soon as I add a PHP command the HTML isn't loaded. I had a look at the source but there is nothing loaded at all. I am hoping I have missed something very basic, but I am also having a couple of teething issues with the version of PHP installed on the web server.
<?php
require_once('connect.php');
if(isset($_POST) & !empty($_POST)){
$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$password =md5($_POST['password']);
$sql = "INSERT INTO 'login' (username, email, password) VALUES ('$username, $email, $password)";
$result = mysql_query($connection, $sql);
if($result){
echo "User Rego Secusseflllgk";
}else{
echo "User rego faile";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>USer Reg in PHP & MySQL</title>
</head>
<center>
<body>
<div class="container">
<form class="form-signin" method="POST">
<h2 class="form-sigin-heading">Please register</h2>
<div class="input-group">
<span class="input-group-addon" id="basic-addon1">#</span>
<input type="test" name="username" class="form-control" placeholder="Username" required>
</div>
<label for="inputEmail" class="sr-only">Password</label>
<input type="email" name="email" id="inputEmail" class="form-control" placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" name="password" id="inputPassword" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Register</button>
<a class="btn btn-lg btn-primary btn-block" href="login.php">Login</a>
</form>
</div>
</body>
</html>
I tried to print the POST request but this didnt shed any light on the issue
print_r($_POST);
You are using deprecated functions and your if-statement is incorrect.
Use if(isset($_POST) && !empty($_POST)){
The mysql_query should be mysqli_query, the function you use:
http://php.net/manual/en/function.mysql-query.php
mixed mysql_query ( string $query [, resource $link_identifier = NULL ] )
VS the new one:
http://php.net/manual/en/mysqli.query.php
mixed mysqli_query ( mysqli $link , string $query [, int $resultmode = MYSQLI_STORE_RESULT ] )
You are placing the connection first, and than the Query, which doesn't work for mysql_query. In mysqli_query that mark-up does work.
Check and review below code,
<?php
require_once('connect.php');
if(isset($_POST) & !empty($_POST)){
$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$password =md5($_POST['password']);
$sql = "INSERT INTO login (username, email, password) VALUES ('".$username."', '".$email."', '".$password."')";
$result = mysql_query($sql);
if($result){
echo "User Rego Secusseflllgk";
}else{
echo "User rego faile";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>USer Reg in PHP & MySQL</title>
</head>
<center>
<body>
<div class="container">
<form class="form-signin" method="POST">
<h2 class="form-sigin-heading">Please register</h2>
<div class="input-group">
<span class="input-group-addon" id="basic-addon1">#</span>
<input type="test" name="username" class="form-control" placeholder="Username" required>
</div>
<label for="inputEmail" class="sr-only">Email</label>
<input type="email" name="email" id="inputEmail" class="form-control" placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" name="password" id="inputPassword" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Register</button>
<a class="btn btn-lg btn-primary btn-block" href="login.php">Login</a>
</form>
</div>
</body>
</html>
use this
if(isset($_POST['email']) && !empty($_POST['email'])){
After submit in signup page my signUp page redirects to info.php where I want to collect additional info of user using email id he gives on signup page but when I tried to get the email id of user through sessions, session return empty value.
THIS IS MY SIGNUP CODE
<?php
session_start();
if(isset($_POST['submit'])){
$name= $_POST['_user'];
$email = $_POST['_email'];
$pass = $_POST['_password'];
//Insert Data
$sql = "INSERT INTO signup(name,email,password)
VALUES('$name','$email','$pass')";
//Data Validation
if(mysqli_query($conn,$sql)){
echo "<script>alert('SignUp Successfull')</script>";
$_SESSION['user_email'] = $email;
header('Location: info.php');
}
else{
echo "<script>window.alert('You are already a user.')</script>";
}
}
mysqli_close($conn);
?>
AND THIS MY INFO.PHP CODE
<?php
session_start();
if(isset($_POST['_submit'])){
if(empty($_POST['_address']) || empty($_POST['_country']) || empty($_POST['_number']) || empty($_POST['_cnic']) || empty($_POST['_passport'])){
echo "<script>window.alert('All fields are required')</script>";
}
else{
$address = $_POST['_address'];
$country = $_POST['_country'];
$number = $_POST['_number'];
$cnic = $_POST['_cnic'];
$passport = $_POST['_passport'];
$email=$_SESSION['user_email'];
$query = "INSERT INTO info(email,address,country,mobile,cnic,passport)
VALUES('$email','$address','$country','$number','$cnic','$passport')";
if(mysqli_query($conn,$query)){
header('Location: ../index.php');
}
else{
echo "<script>window.alert('Error While Entering the data!.')</script>";
}
}
}
mysqli_close($conn);
?>
In addition I use this global session variable for login page and it works fine.
UPDATE
SIGNUP HTML CODE
<div class="outside">
<form class="form-horizontal" role="form" method="post">
<div class="form-group">
<label class="control-label col-sm-3 glyphicon glyphicon-user" for="name"></label>
<div class="control-label col-sm-8">
<input type="text" name="_user" class="form-control" id="name" placeholder="Full Name">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-3" for="email">
<img class="glyphicon1" src="../assests/at-sign.png">
</label>
<div class="control-label col-sm-8">
<input type="email" name="_email" class="form-control" id="email" placeholder="Enter Email">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-3 glyphicon glyphicon-lock" for="password"></label>
<div class="control-label col-sm-8">
<input type="password" name="_password" class="form-control" id="password" placeholder="Enter Password">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-3 col-sm-3">
<button name="submit" id="submit" value="Upload" type="submit" class="btn btn-default">Confirm SignUp</button>
</div>
</div>
<p>Already a User? LogIn</p>
</form>
</div>
Use this for Returns the auto generated id used in the last query
mysqli_insert_id($link)