Why do i get this when i print my session :
Array ( [name] => [pass] => ) ?
Below is my code
My main page for user to input, login.php:
<form action="" method="post">
<div class="imgcontainer">
<img src="KBR2xN6.jpg" alt="Avatar" class="avatar">
</div>
<div class="container">
<label><b>Username</b></label>
<input type="text" placeholder="Enter Username" name="name" required>
<br />
<label><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="pass" required>
<button type="submit">Login</button>
<button type="reset" class="cancelbtn">Reset</button>
</div>
</form>
To connect to local server, connections.php:
$host = "localhost";
$username = "root";
$password = "";
$database = "netbook 1 malaysia";
try {
$connect = new PDO("mysql:host=$host; dbname=$database", $username, $password);
$connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $ex) {
echo 'Connection Failed : '.$ex->getMessage();
}
My session page, session.php:
session_start();
include('connections.php');
$username = $_POST['name'];
$password = $_POST['pass'];
$sql = "SELECT * FROM pengguna WHERE username = '$username' AND password = '$password'";
$result = $connect->query($sql);
if($result->rowcount()>0){
foreach($result AS $data){
$_SESSION['name'] = $data['name'];
$_SESSION['pass'] = $data['pass'];
echo "<script>alert('Login Success');
window.location.href='view.php';
</script>";
}
}
else {
echo "<script>alert('Login Failed');
window.location.href='login.php';
</script>";
}
Maybe my database failed ?
$result contains a resource, not database data directly.
When we expected just one row form database, no loop is needed. Using a loop you'll have just on name/pass in session, it'll be overwritten in your code for the last one.
$data = $result->fetch_assoc();
$_SESSION['name'] = $data['name'];
$_SESSION['pass'] = $data['pass'];
print_r($_SESSION);
Note that there is no reason to store password in session, the same as store password in database as a plaintext.
Where you print session array? if you print session on view.php file then make sure to start session on view.php file.
Related
Please someone can check whether my session is working or not.
I am not sure as i am still beginner.
login.php is the main page for user to login the username and password :
<body>
<form action="" method="post">
<div class="imgcontainer">
<img src="KBR2xN6.jpg" alt="Avatar" class="avatar">
</div>
<div class="container">
<label><b>Username</b></label>
<input type="text" placeholder="Enter Username" name="name" required>
<br />
<label><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="pass" required>
<button type="submit">Login</button>
<button type="reset" class="cancelbtn">Reset</button>
</div>
</form>
</body>
As for connections.php is to connect to the local server :
$host = "localhost";
$username = "root";
$password = "";
$database = "netbook 1 malaysia";
try {
$connect = new PDO("mysql:host=$host; dbname=$database", $username, $password);
$connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $ex) {
echo 'Connection Failed : '.$ex->getMessage();
}
As for session.php i am not sure:
session_start();
include('connections.php');
$username = $_POST['name'];
$password = $_POST['pass'];
$sql = "SELECT * FROM pengguna WHERE username = '$username' AND password = '$password'";
$result = $connect->query($sql);
if($result->rowcount()>0){
foreach($result AS $data){
$_SESSION['name'] = $data['name'];
$_SESSION['pass'] = $data['pass'];
echo "<script>alert('Login Success');
window.location.href='view.php';
</script>";
}
}
else {
echo "<script>alert('Login Failed');
window.location.href='login.php';
</script>";
}
Check for me please.
Just add this code to your view.php file.
session_start();
print_r($_SESSION);
If it prints values you saved in session then its working.
I am making a panel with PHP. It contains a login script. It's working good, just what I expect. The next step is: Echo the username.
With $_POST you can echo the username what the person has typed. So, just like: Welcome, $username.
The problem now is, that I can't echo the $_POST. It's not possible because you will redirect to another page. My question is: How can I echo a username.
My login script:
<?php
//DATABASE CONNECTION
session_start();
$host = "localhost";
$username = "root";
$password = "root";
$database = "test_tutorial";
$message = "";
try {
$connect = new PDO("mysql:host=$host; dbname=$database", $username, $password);
$connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$fname = $_POST["fname"];
//LOGIN CHECK
if(isset($_POST["login"])) {
if(empty($_POST["fname"]) || empty($_POST["lname"])) {
echo 'All fields required';
}
else
{
$query = "SELECT * FROM users WHERE fname = :fname AND lname = :lname";
$statement = $connect->prepare($query);
$statement->execute(
array(
'fname' => $_POST["fname"],
'lname' => $_POST["lname"]
)
);
$count = $statement->rowCount();
if($count > 0)
{
//VISITED
header("Refresh:0; url=veilig.php");
//END
}
else
{
echo 'Wrong data';
}
}
}
}
catch(PDOException $error) {
$message = $error->getMessage();
}
?>
My form:
<form action="" method="post">
<label>fname</label>
<input type="text" name="fname" class="form-control" />
<br />
<label>lname</label>
<input type="password" name="lname" class="form-control" />
<br />
<input type="submit" name="login" value="Login" />
</form>
So, how can I echo a post if someone is redirected to another page?
You've already called session_start so you're ready to use the $_SESSION superglobal which will persist data for the user across all pages that call session_start first.
For example, here on index.php
<?php
session_start();
$_SESSION['username'] = 'Prabhjot.Singh';
header('Location: veilig.php');
Then later on veilig.php
<?php
session_start();
echo $_SESSION['username'];
Prabhjot.Singh
I'm having massive issues with creating this login system for my website and we are required to use php and oracle.
The table itself is very simple and only has a Username and Password value attached to it.
This is the code I am using and the main issue that comes with it is that the variable $password always returns a blank value.
<?php
/* Set oracle user login and password info */
$dbuser = "*MY USERNAME*";
$dbpass = "*MY PASSWORD*";
$dbname = "SSID";
$db = oci_connect($dbuser, $dbpass, $dbname);
if (!$db) {
echo "An error occurred connecting to the database";
exit;
}
$user = $_POST['user'];
$pass = $_POST['pass'];
$sql_login = "SELECT Username FROM users WHERE Username='%".$user."%'";
$login_stmt = oci_parse($db, $sql_login);
if(!$login_stmt)
{
echo "An error occurred in parsing the sql string.\n";
exit;
}
oci_execute($login_stmt);
while(oci_fetch_array($login_stmt))
{
$password = oci_result($login_stmt,"Password");
}
if ($password == "")
{
echo 'Password = blank';
}
if ($pass == $password)
{
echo 'Logged In';
}
else
{
echo 'Login Failed';
}
?>
I am using this command to try and write a value to the variable but I am having no luck.
while(oci_fetch_array($login_stmt))
{
$password = oci_result($login_stmt,"Password");
}
The form used is below, but I don't think there is a problem with it.
<form name="register" method="post" action="inc/login.php">
<div class="form_row">
<label class="contact"><strong>Username:</strong></label>
<input type="text" name="user" class="contact_input" />
</div>
<div class="form_row">
<label class="contact"><strong>Password:</strong></label>
<input type="password" name="pass" class="contact_input" />
</div>
<div class="form_row">
<div class="terms">
<input type="checkbox" name="terms" />
Remember me
</div>
</div>
<div class="form_row">
<input type="submit" class="register" value="login" />
</div>
</form>
problem is sql return 0 rows, bacase if u using in where clause % U must use like operator, not =
use this sql:
$sql_login = "SELECT Username FROM users WHERE Username like '%".$user."%'";
Here is good informatioun about this:
Equals(=) vs. LIKE
In $password = oci_result($login_stmt,"Password"); the word "Password" must be written on CAPS so it will be something like
$password = oci_result($login_stmt,"PASSWORD");
Worked that way for me
This question already has answers here:
Can I mix MySQL APIs in PHP?
(4 answers)
Closed 7 years ago.
This is my login.php called from the button in the html below
$username = "root";
$password = "******";
$hostname = "localhost";
$dbname = "dbname";
// Create connection
$conn = new mysqli($hostname, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$Uname = $_POST['logId'];
$Upass = $_POST['logPass'];
$query= mysql_query("SELECT * FROM user WHERE RegId ='$Uname' AND RegPass ='$Upass'");
$numrows=mysql_num_rows($query);
if($numrows!=0) {
while($row=mysql_fetch_assoc($query)) {
$dbUser=$row['RegId'];
$dbPass=$row['RegPass'];
}
if($Uname == $dbUser && $Upass == $dbPass) {
include 'Home.html';
}
else {
echo "invalid username or password!";
}
}
$conn->close();
Here is the HTML code
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="login-panel panel panel-green">
<div class="panel-heading">
<h3 class="panel-title">Please Sign In</h3>
</div>
<div class="panel-body">
<form action="loginChk.php" method="post">
<div class="form-group">
<label>Please Enter Your Email/Username</label>
<input class="form-control" placeholder="username/E-mail" name="logId"/ >
</div>
<div class="form-group">
<label>Please Enter Your Password</label>
<input class="form-control" placeholder="Password" name="logPass" type="password" />
</div>
<div class="checkbox">
<label>
<input name="remember" type="checkbox" value="Remember Me" />Remember Me
</label>
</div>
<!-- Change this to a button or input when using this as a form -->
<input type="submit" class="btn btn-default" name="logBtn" value="Login"/><br /><br />
<div class="fb-login-button" data-max-rows="1" data-size="large" data-show-faces="false" data-auto-logout-link="false"></div><br /><br />
Register Here!
</form>
</div>
</div>
</div>
</div>
</div>
When i try to login using correct credentials it gives me this.....
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\LifeGuru\loginChk.php on line 21
Any suggestions?
Here is a completed login script completed in a hurry.
loginChk.php:
<?php
session_start();
//Include db connection
include 'db_connect.php';
//Get inputs and encode password to md5() remove that if no md5 enc.
$Username = mysql_real_escape_string($_POST['logId']);
$Password = md5(mysql_real_escape_string($_POST['Password']));
//Username check query
$Check_if_Username = mysql_query("SELECT * FROM Users WHERE Username = '$Username' AND Password = '$Password'");
//Email check query
$Check_if_Mail = mysql_query("SELECT * FROM Users WHERE Email = '$Username' AND Password = '$Password'");
//Check if Username returns any result
if(mysql_num_rows($Check_if_Username)==1){
//Data was found, populate variables:
$data = mysql_fetch_array($Check_if_Username);
$_SESSION['Username'] = $data['Username'];
$_SESSION['LoggedIn'] = TRUE;
}
//Otherwise, check for email match
else if(mysql_num_rows($Check_if_Mail)==1){
//Data was found, populate variables:
$data = mysqli_fetch_array($Check_if_Mail);
$_SESSION['Username'] = $data['Username'];
$_SESSION['LoggedIn'] = TRUE;
}
//No data was found:
else{
mysql_close();
header("Location: /login.php?error=invalid data");
die;
}
//If the user was logged in and the data was found, close mysql connection
mysql_close();
//Then redirect
header("Location: /account.php");
Keep in mind mysql_* is depreciated, try learn the workaround.
Let me know how it worked out for you :)
My script doesn't saves the value into a $_SESSION, how is that possible?
Whenever my users login, i try to place their username into a session.
My only problem is when i use var_dump($_SESSION['user_name']); to debug and reveal the current value on the end page, i just keep receiving NULL.
Could someone help me out?
Here is my code:
<? php
include_once('../db/config.php');
session_start();
$error = '';
if (isset($_POST['submit'])) {
if (empty($_POST['isamp_username']) || empty($_POST['isamp_password'])) {
$error = "Username or Password is invalid!";
} else {
$isamp = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
$username = stripslashes($username);
$password = stripslashes($password);
$username = $isamp - > real_escape_string($username);
$password = $isamp - > real_escape_string($password);
$username = $_POST['isamp_username'];
$nopassword = $_POST['isamp_password'];
$password_hash = hash('whirlpool', $nopassword);
$password = strtoupper($password_hash); // <- Also for the Register!
$sql = "select * from users where password='$password' AND username='$username'";
$result = $isamp - > query($sql) or trigger_error($isamp - > error." [$sql]"); /* i have added the suggestion from MY Common Sence */
if ($result - > num_rows == 1) {
$_SESSION['user_name'] = $username;
header("Location: ../../index.php");
} else {
$error = "Username or Password is invalid!";
}
$isamp - > close();
}
} ?>
My HTML:
<?php
include('login.php');
?>
<h2>iSAMP</h2>
<hr/>
<form action="" method="post">
<label>Username :</label>
<input type="text" name="isamp_username" id="name" placeholder="Username"/><br /><br />
<label>Password :</label>
<input type="password" name="isamp_password" id="isamp_password" placeholder="*******"/><br/><br />
<input type="submit" value=" Login " name="submit"/><br />
<span><?php echo $error; ?></span>
</form>
In your first php script, move the session_start() above the include statement.
In your html file, add session_start(); above the include statement.