PHP PDO trying to get navbar to change when logged in - php

I am trying to get my navbar to change when logged in so that the register and sign in turn into the user's username. I have my code for this and I am not understanding why it's not working...
signin.php
<?php
include 'header.php';
include 'ini.php';
$username = "";
$password = "";
if (isset($_POST['login'])) {
    $username = $_POST["username"];
    $password = $_POST["password"];
    // The statement has to be prepared and bound before it can be executed
    $userQuery = $pdo->prepare("SELECT * FROM users WHERE username LIKE :username");
    $userQuery->bindParam(":username", $username);
    if ($userQuery->execute()) {
        while ($row = $userQuery->fetch()) {
            if (
                $username == $row['User_Username'] && $password == $row['User_Password']
            ) {
                $_SESSION['loggedin'] = "true";
                $_SESSION['username'] = $username;
            }
        }
    }
}
?>
<div class="container">
<div class="row">
<div class='col-md-3'></div>
<div class="col-md-6">
<div class="login-box well">
<form action="index.php" id="login" name="login">
<legend>Sign In</legend>
<div class="form-group">
<label for="username">Username</label>
<input value='' id="username" placeholder="Username" type="text" class="form-control" />
</div>
<div class="form-group">
<label for="password">Password</label>
<input id="password" value='' placeholder="Password" type="text" class="form-control" />
</div>
<div class="input-group">
<div class="checkbox">
<label>
<input id="login-remember" type="checkbox" name="remember" value="1"> Remember me
</label>
</div>
</div>
<div class="form-group">
<input type="submit" id="login" name="login" class="btn btn-default btn-login-submit btn-block m-t-md" value="Login" />
</div>
<span class='text-center'>Forgot Password?</span>
<div class="form-group">
<p class="text-center m-t-xs text-sm">Do not have an account?</p>
Create an account
</div>
</form>
</div>
</div>
<div class='col-md-3'></div>
</div>
</div>
<?php
include 'footer.php';
?>
header.php
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="Web Development company providing HTML, CSS, PHP and JS in your local area">
<meta name="author" content="Kieran Brownfield">
<title>Web Development Penzance - Providing Web Development in your area</title>
<!-- Bootstrap Core CSS -->
<link href="css/bootstrap.min.css" rel="stylesheet"/>
<link href="css/main.css" rel="stylesheet"/>
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<header class="header">Web Development Penzance</header>
<!-- Navigation -->
<nav class="navbar navbar-inverse navbar-static-top" role="navigation">
<div class="container">
<!-- Brand and toggle get grouped for better mobile display -->
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
</div>
<!-- Collect the nav links, forms, and other content for toggling -->
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
<li>
Home
</li>
<li>
About
</li>
<li>
Contact
</li>
<li>
Gallery
</li>
<li>
Meet the Team
</li>
</ul>
<ul class="nav navbar-nav pull-right">
<?php
if (isset($_SESSION['loggedin'])) { ?>
<li><p class="navbar-text navbar-right">Signed in as: <?php echo $_SESSION["username"] ?> </p></li>
<li>Logout</li>
<li>Account</li>
<?php } else { ?>
<li>Register</li>
<li>Login</li>
<?php } ?>
</ul>
</div>
<!-- /.navbar-collapse -->
</div>
<!-- /.container -->
</nav>

In order to access the $_SESSION variable across page loads, add session_start() to the top of both of these files. Docs.
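A hardened version of this flow, as an added example that is not part of the original post: session_start() runs before any output, the lookup is an exact-match prepared statement, the password is checked with password_verify(), and the username is escaped when the navbar prints it. The in-memory SQLite table, the sample user and the function names are constructed for the demo.

```php
<?php
declare(strict_types=1);

// Must run before any output so the session cookie header can be sent.
session_start();

// Constructed demo database (in-memory SQLite); the original gets its $pdo from ini.php.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (User_Username TEXT PRIMARY KEY, User_Password TEXT NOT NULL)');
$insert = $pdo->prepare('INSERT INTO users (User_Username, User_Password) VALUES (:u, :p)');
// Store a password hash, never the plain text. Sample credentials are constructed.
$insert->execute([':u' => 'alice<b>', ':p' => password_hash('correct horse', PASSWORD_DEFAULT)]);

/** Hypothetical helper: returns true and marks the session as logged in on success. */
function attempt_login(PDO $pdo, string $username, string $password): bool
{
    // Exact match, not LIKE: '%' or '_' in the input must not match other accounts.
    $stmt = $pdo->prepare('SELECT User_Username, User_Password FROM users WHERE User_Username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($row === false || !password_verify($password, $row['User_Password'])) {
        return false;
    }

    // New session id at the privilege change, to prevent session fixation.
    session_regenerate_id(true);
    $_SESSION['loggedin'] = true;
    $_SESSION['username'] = $row['User_Username'];
    return true;
}

/** Hypothetical helper: renders the right-hand navbar items from session state. */
function navbar_items(): string
{
    if (!empty($_SESSION['loggedin'])) {
        // Escape on output: the username is user-controlled data.
        $name = htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8');
        return "<li><p class=\"navbar-text navbar-right\">Signed in as: {$name}</p></li>\n"
             . "<li>Logout</li>\n<li>Account</li>\n";
    }
    return "<li>Register</li>\n<li>Login</li>\n";
}

// All session work happens before the first echo.
$before   = navbar_items();
$wrong    = attempt_login($pdo, 'alice<b>', 'wrong password');
$wildcard = attempt_login($pdo, 'ali%', 'correct horse');
$ok       = attempt_login($pdo, 'alice<b>', 'correct horse');
$after    = navbar_items();

echo "--- logged out ---\n", $before;
echo 'wrong password accepted: ', var_export($wrong, true), "\n";
echo 'wildcard username accepted: ', var_export($wildcard, true), "\n";
echo 'valid login accepted: ', var_export($ok, true), "\n";
echo "--- logged in ---\n", $after;
```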

Related

Login page doesn't work as leads to unknown page

Quick Note : This thread was closed for being a duplicate question however the links I found were to do with 'Preventing MySQL Injection Attacks', which was not the answer I was looking for. If reposting this question goes against any guidelines, I don't mind taking this post down.
I've been working on an online booking website and the project works when I run it on WAMP. I decided to get 1 month hosting on ecowebhosting.com and I've uploaded my project/files as well as changed my 'db.php' file to match the settings of phpMyAdmin ( host, username, password, etc. ) however I am not able to sign in.
This is the login page for my website : https://gyazo.com/07f6bb065971b20ba07628d2a68cf1b0
And you are able to register, and the user has been registered when I checked the database on phpMyAdmin however I am not able to login as this occurs when I log in to any account : https://gyazo.com/312725f461d4790a99b1b47e97a97066
I thought it was something to do with the 'dashboard.php' file, so I removed the 'include("auth_session.php")' to see if anything was wrong with the file, but it worked as normal. Here is a copy of the code for 'login.php':
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Modern Haircut Designs</title>
<!-- Bootstrap css style sheet -->
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet">
<!-- For the seperate stuff -->
<link href="coursework_style.css" rel="stylesheet">
<!-- Make sure to add this to the coursework style sheet so less files -->
<link href="login_style.css" rel="stylesheet">
<!-- To enable the javascript shenanigans -->
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
<script src="bootstrap/js/bootstrap.min.js"></script>
</head>
<body>
<?php
require('db.php');
session_start();
if (isset($_POST['username'])) {
$username = stripslashes($_REQUEST['username']);
$username = mysqli_real_escape_string($con, $username);
$password = stripslashes($_REQUEST['password']);
$password = mysqli_real_escape_string($con, $password);
$query = "SELECT * FROM `users` WHERE username='$username'
AND password='$password'";
$result = mysqli_query($con, $query) or die(mysqli_error($con));
$rows = mysqli_num_rows($result);
if ($rows == 1) {
$_SESSION['username'] = $username;
header("Location: dashboard.php");
} else {
//Might be necessary to create an error page so the user knows?
header("Location: login.php");
}
} else{
?>
<nav class="navbar navbar-fixed-top navbar-inverse">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="/index.php">Modern Haircut Designs</a>
</div>
<div class="collapse navbar-collapse" id="navbar-collapse">
<ul class="nav navbar-nav navbar-right">
<li class="actif">Home</li>
<li>Services</li>
<li>Our Team</li>
<li>Reviews</li>
<li>Contact</li>
<li>Login</li>
</ul>
</div>
</div>
</nav>
<section class="login-cover">
<div class="wrapper fadeInDown">
<div id="formContent">
<div class="fadeIn first">
<img src="img/login_icon.jpg" id="icon" alt="MHC Logo" />
</div>
<form method="post" name="login">
<input type="text" id="login" class="fadeIn second" name="username" placeholder="Username" required>
<input type="password" id="password" class="fadeIn third" name="password" placeholder="Password" style="background-color: #f6f6f6;border: none;color: #0d0d0d;padding: 15px 32px;text-align: center;text-decoration: none;display: inline-block;font-size: 16px;margin: 5px;width: 85%;border: 2px solid #f6f6f6;transition: all;0.5s ease-in-out;border-radius: 5px 5px 5px 5px;" required>
<input type="submit" class="fadeIn fourth" value="Login" name="submit">
</form>
<div class="formFooter">
<a class="underlineHover" href="register.php" id="register">Register Here</a>
<a class="underlineHover" href="#" id="forgot_password">Forgot Password?</a>
</div>
</div>
</div>
</section>
<?php
}
?>
<footer style="bottom: 0; width: 100%;">
crafted with ♥ in Bangladesh by ###
</footer>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script src="bootstrap/js/bootstrap.min.js"></script>
</body>
</html>
As requested, here's a markup for the 'dashboard.php' file:
<?php
//Reminder to include this for the booking part
include("auth_session.php");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Modern Haircut Designs</title>
<!-- Bootstrap Stuff -->
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet">
<!-- Coursework Style that's seperate -->
<link href="coursework_style.css" rel="stylesheet">
</head>
<body>
<nav class="#">
<div class="container">
<div class="#">
<button type="button" class="#">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="#" href="#top">Modern Haircut Designs</a>
</div>
<div class="#" id="#">
<ul class="#">
<li class="actif">Home</li>
<li>Services</li>
<li>Our Team</li>
<?php
if($_SESSION['username'] == 'admin'){
?><li>Manage Appointments</li><?php
}else{
?><li>View Appointments</li>
<li>Book Appointment</li>
<?php
}
?>
<li>Logout</li>
</ul>
</div>
</div>
</nav>
<div class="cover" id="top">
<div class="cover-text">
<h1>Hey, <?php echo $_SESSION['username']; ?>!</h1>
<p class="lead">Book an appointment now by clicking the button below</p>
Get started!
</div>
</div>
<section id="services">
<h2>Here is a list of the services we provide</h2>
<div class="container">
<div class="row">
#Text about the different types of haircuts
</section>
<section id="team">
<div class="container">
#Pictures and quotes of the different team members
</div>
</section>
<section id="contact-us">
<div class="container">
#ContactInformation here
</div>
</section>
<footer>
crafted with ♥ in Bangladesh by ###
</footer>
<!-- jQuery for javascript stuff-->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<!-- Bootstrap javascript code / might remove tho -->
<script src="bootstrap/js/bootstrap.min.js"></script>
</body>
</html>
The solution, as pointed out by #rickdenhaan, was to move the block of php code containing the 'header(###)' section to the start of the file. Another solution I found was to use javascript to open the file.

PHP Login just refreshes page no error

Hello, I seem to be having a very frustrating problem with my login which I cannot seem to fix as there is no error output. I seem to have fixed this problem on my Mac but I transferred the exact files over to my Windows PC and it's stopped working again. Whenever I try to log in with the example a#a.com and password a, it seems to just refresh the page over and over no matter how many times I have tried. I was wondering if anyone could help with this error?
I have tried adding the action to login.php it seems to make no difference.
Picture of table I'm taking data from:
session.php:
<?php
include('config.php');
session_start();
// Check the session first, and stop the script after redirecting so the rest of the page never runs for a logged-out visitor
if(!isset($_SESSION['login_user'])){
header("location:login.php");
exit;
}
$user_check = $_SESSION['login_user'];
$ses_sql = mysqli_query($conn,"select email_adress from customer where email_adress = '$user_check' ");
$row = mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);
$login_session = $row['email_adress'];
?>
login.php
<?php
include("config.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$myusername = mysqli_real_escape_string($conn,$_POST['username']);
$mypassword = mysqli_real_escape_string($conn,$_POST['password']);
$sql = "SELECT customer_id FROM customer WHERE email_adress = '$myusername' and password = '$mypassword'";
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row['customer_id'];
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
$_SESSION['login_user'] = $myusername;
header("location: index2.php");
}else {
$error = "Your Login Name or Password is invalid";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Login | Bid4MyJob</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="Bid4MyJob">
<meta name="author" content="James Wood">
<!-- CSS -->
<link href="assets/css/bootstrap.css" rel="stylesheet" type="text/css">
<link href="assets/css/font-awesome.min.css" rel="stylesheet" type="text/css">
<link href="assets/css/main.css" rel="stylesheet" type="text/css">
<link href="assets/css/my-custom-styles.css" rel="stylesheet" type="text/css">
<!-- IE 9 Fallback-->
<!--[if IE 9]>
<link href="assets/css/ie.css" rel="stylesheet">
<![endif]-->
<!-- GOOGLE FONTS -->
<link href='http://fonts.googleapis.com/css?family=Open+Sans:300,400italic,400,600,700' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Roboto+Condensed:300,300italic,400italic,700,400,300' rel='stylesheet' type='text/css'>
<!-- FAVICONS -->
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="assets/ico/repute144x144.png">
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="assets/ico/repute114x114.png">
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="assets/ico/repute72x72.png">
<link rel="apple-touch-icon-precomposed" href="assets/ico/repute57x57.png">
<link rel="shortcut icon" href="assets/ico/favicon.png">
</head>
<body>
<!-- WRAPPER -->
<div class="wrapper">
<!-- NAVBAR -->
<nav class="navbar navbar-default " role="navigation">
<div class="container">
<!-- TOPBAR -->
<div class="topbar">
<ul class="list-inline top-nav">
<li>
<div class="btn-group">
<button type="button" class="btn btn-link dropdown-toggle btn-xs" data-toggle="dropdown"><img src="assets/img/flags/United-Kingdom.png" alt="United Kingdom"> United Kingdom <span class="caret"></span></button>
<ul class="dropdown-menu dropdown-menu-right country-selector" role="menu">
<li>
<img src="assets/img/flags/United-Kingdom.png" alt="United Kingdom"> United Kingdom
</li>
<li>
<img src="assets/img/flags/Japan.png" alt="Japan"> Japan
</li>
<li>
<img src="assets/img/flags/China.png" alt="China"> China
</li>
<li>
<img src="assets/img/flags/Germany.png" alt="Germany"> Germany
</li>
</ul>
</div>
</li>
<li>Help</li>
<li>Support</li>
</ul>
<div class="searchbox">
<form method="post">
<div class="input-group input-group-sm">
<input type="text" class="form-control" placeholder="search ...">
<span class="input-group-btn">
<button class="btn btn-default" type="button"><i class="fa fa-search"></i></button>
</span>
</div>
</form>
</div>
</div>
<!-- END TOPBAR -->
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#main-nav">
<span class="sr-only">Toggle Navigation</span>
<i class="fa fa-bars"></i>
</button>
<a href="index.html" class="navbar-brand navbar-logo navbar-logo-bigger">
</a>
</div>
<!-- MAIN NAVIGATION -->
<div id="main-nav" class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li>
HOME
</li>
<li>
HOW IT WORKS
</li>
<li>
POST JOB
</li>
<li>
FIND JOB
</li>
<li>
SIGN UP
</li>
<li>
LOGIN
</li>
</ul>
</div>
<!-- END MAIN NAVIGATION -->
</div>
</nav>
<!-- END NAVBAR -->
<!-- BREADCRUMBS -->
<div class="page-header">
<div class="container">
<h1 class="page-title pull-left">Login</h1>
<ol class="breadcrumb">
<li>Home</li>
<li class="active">Login</li>
</ol>
</div>
</div>
<!-- END BREADCRUMBS -->
<!-- PAGE CONTENT -->
<div class="page-content">
<div class="col-md-6">
<!-- LOGIN FORM -->
<h2 class="section-heading">Login Form</h2>
<form class="form-horizontal" role="form" action = "login.php" method = "post">
<div class="form-group">
<label for="username" class="control-label sr-only">Email</label>
<div class="col-sm-12">
<div class="input-group">
<input type="email" class="form-control" id="username" name = "username" placeholder="Email">
<span class="input-group-addon"><i class="fa fa-envelope"></i></span>
</div>
</div>
</div>
<div class="form-group">
<label for="password" class="control-label sr-only">Password</label>
<div class="col-sm-12">
<div class="input-group">
<input type="password" class="form-control" id="password" name="password" placeholder="Password">
<span class="input-group-addon"><i class="fa fa-lock"></i></span>
</div>
</div>
</div>
<div class="form-group">
<div class="col-sm-12">
<label class="fancy-checkbox">
<input type="checkbox">
<span>Remember me</span>
</label>
</div>
</div>
<div class="form-group">
<div class="col-sm-12">
<button type="submit" class="btn btn-primary"><i class="fa fa-sign-in"></i> Sign in</button>
</div>
</div>
</form>
<br>
<p><em>Don't have an account yet?</em> <strong>Sign Up</strong>
<br>
<em>Forgot your password?</em> Recover Password</p>
<!-- END LOGIN FORM -->
</div>
</div>
<br>
<br>
<div class="row">
<div class="col-md-6">
<!-- LOGIN FORM WITH LABEL -->
<!-- END LOGIN FORM WITH LABEL -->
</div>
<div class="col-md-6">
<!-- SIMPLE FORM -->
<!-- END SIMPLE FORM -->
</div>
</div>
<br>
<br>
<!-- INLINE FORM -->
<!-- END INLINE FORM -->
</div>
</div>
</div>
</div>
<!-- END PAGE CONTENT -->
<!-- FOOTER -->
<footer>
<div class="container">
<div class="row">
<div class="col-md-4">
<!-- COLUMN 1 -->
<h3 class="sr-only">ABOUT US</h3>
<img src="assets/img/logo/repute-logo-light.png" class="logo" alt="Repute">
<p>Proactively aggregate B2B initiatives before extensive channels. Monotonectally extend interactive methods of empowerment through excellent applications. Rapidiously synergize visionary products with sticky technology.</p>
<br>
<address class="margin-bottom-30px">
<ul class="list-unstyled">
<li>Unit 5, Block B Nesfield Road
<br/> Colchester, Essex CO4 3ZL 222222</li>
<li>Phone: 01206 588 000</li>
<li>Email: sales#universalwebdesign.co.uk</li>
</ul>
</address>
<!-- END COLUMN 1 -->
</div>
<div class="col-md-4">
<!-- COLUMN 2 -->
<h3 class="footer-heading">USEFUL LINKS</h3>
<div class="row margin-bottom-30px">
<div class="col-xs-6">
<ul class="list-unstyled footer-nav">
<li>About Us</li>
<li>News</li>
<li>Community</li>
<li>Career</li>
<li>Blog</li>
</ul>
</div>
<div class="col-xs-6">
<ul class="list-unstyled footer-nav">
<li>Press Kit</li>
<li>FAQ</li>
<li>Terms</li>
<li>Privacy Policy</li>
<li>Contact Us</li>
</ul>
</div>
</div>
<!-- END COLUMN 2 -->
</div>
<div class="col-md-4">
<!-- COLUMN 3 -->
<div class="newsletter">
<h3 class="footer-heading">NEWSLETTER</h3>
<p>Get the latest update from us by subscribing to our newsletter.</p>
<form class="newsletter-form" method="POST">
<div class="input-group input-group-lg">
<input type="email" class="form-control" name="email" placeholder="youremail#domain.com">
<span class="input-group-btn"><button class="btn btn-primary" type="button"><i class="fa fa-spinner fa-spin"></i><span>SUBSCRIBE</span></button>
</span>
</div>
<div class="alert"></div>
</form>
</div>
<div class="social-connect">
<h3 class="footer-heading">GET CONNECTED</h3>
<ul class="list-inline social-icons">
<li><i class="fa fa-facebook"></i></li>
<li><i class="fa fa-twitter"></i></li>
<li><i class="fa fa-google-plus"></i></li>
<li><i class="fa fa-rss"></i></li>
</ul>
</div>
<!-- END COLUMN 3 -->
</div>
</div>
</div>
<!-- COPYRIGHT -->
<div class="text-center copyright">
©2018 Bid4MyJob. All Rights Reserved.
</div>
<!-- END COPYRIGHT -->
</footer>
<!-- END FOOTER -->
</div>
<!-- END WRAPPER -->
<!-- JAVASCRIPTS -->
<script src="assets/js/jquery-2.1.1.min.js"></script>
<script src="assets/js/bootstrap.min.js"></script>
<script src="assets/js/plugins/autohidingnavbar/jquery.bootstrap-autohidingnavbar.min.js"></script>
<script src="assets/js/repute-scripts.js"></script>
</body>
</html>
You run the query:
$sql = "SELECT customer_id FROM customer WHERE email_adress = 'a#a.com' and password = 'a'";
This returns multiple results, so $count = mysqli_num_rows($result); is thus > 1.
So you always fall into the else:
if($count == 1) {
$_SESSION['login_user'] = $myusername;
header("location: index2.php");
}else {
$error = "Your Login Name or Password is invalid";
}
For testing purposes, try:
if($count >= 1) {
$_SESSION['login_user'] = $myusername;
header("location: index2.php");
}else {
$error = "Your Login Name or Password is invalid";
}
Of course, later you will have to make sure you can't sign up email addresses twice.
Secondly you might want to forward to your session.php instead?
header("location:session.php"); // instead of index2.php
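One way to meet the "no email address twice" requirement from this answer, as an added example that is not part of the original answer: a UNIQUE constraint on the email column makes the database itself reject duplicates, so the login lookup can never return more than one row. The in-memory SQLite schema, the sample addresses and the function names are constructed; the column name email_adress follows the page's table.

```php
<?php
declare(strict_types=1);

// Constructed demo database (in-memory SQLite) standing in for the page's customer table.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec(
    'CREATE TABLE customer (
        customer_id   INTEGER PRIMARY KEY AUTOINCREMENT,
        email_adress  TEXT NOT NULL UNIQUE,
        password_hash TEXT NOT NULL
    )'
);

/** Hypothetical helper: canonical form so "A@x" and "a@x " count as the same address. */
function normalize_email(string $email): string
{
    return strtolower(trim($email));
}

/** Hypothetical helper: returns 'created', 'duplicate' or 'invalid'. */
function register_customer(PDO $pdo, string $email, string $password): string
{
    $email = normalize_email($email);
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return 'invalid';
    }
    $stmt = $pdo->prepare('INSERT INTO customer (email_adress, password_hash) VALUES (:e, :p)');
    try {
        $stmt->execute([':e' => $email, ':p' => password_hash($password, PASSWORD_DEFAULT)]);
    } catch (PDOException $e) {
        // SQLSTATE class 23 = integrity constraint violation (here: the UNIQUE index).
        if (strncmp((string) $e->getCode(), '23', 2) === 0) {
            return 'duplicate';
        }
        throw $e;
    }
    return 'created';
}

/** Hypothetical helper: returns the customer_id on success, null otherwise. */
function find_customer(PDO $pdo, string $email, string $password): ?int
{
    $stmt = $pdo->prepare('SELECT customer_id, password_hash FROM customer WHERE email_adress = :e');
    $stmt->execute([':e' => normalize_email($email)]);
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
    // With the UNIQUE constraint this is 0 or 1 rows; anything else is treated as a failure.
    if (count($rows) !== 1 || !password_verify($password, $rows[0]['password_hash'])) {
        return null;
    }
    return (int) $rows[0]['customer_id'];
}

// Constructed sample sign-ups.
foreach (['a@example.com', 'A@Example.com ', 'not-an-email', 'b@example.com'] as $email) {
    printf("%-18s => %s\n", '"' . $email . '"', register_customer($pdo, $email, 'a'));
}
var_dump(find_customer($pdo, 'a@example.com', 'a'));
var_dump(find_customer($pdo, 'a@example.com', 'wrong'));
```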

How to use PHP display unique user data to a html page

Currently I have a website with a basic login. I was just wondering how I would display the name, skill and description of the unique user who is logged in. This is what I have done so far. I can only find articles on how to display data into a table. This is the updated code:
<?php
include('session.php');
require 'config.php';
$sql = "SELECT * FROM profile";
$result = $conn->query($sql);
//echo "id: " . $row["id"]. " - Name: " . $row["firstname"]. " " . $row["lastname"]. "<br>";
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="profile.css">
</head>
<body>
<ul>
<li>Home</li>
<li>PostJob</li>
<li>Find Job</li>
<li>How It Works</li>
<li>Notifications</li>
<li>Message</li>
<li>profile</li>
</ul>
<h1>Welcome To Bid4MyJob</h1>
<li>edit profile</li>
<div id="ProfilePage">
<div id="LeftCol">
<div id="Photo"></div>
<div id="ProfileOptions">
a
</div>
</div>
<div id="Info">
<p>
<strong>Name:<?php echo $row["name"]?></strong>
<!--<span>James</span>-->
</p>
<p>
<strong>Skill:<?php echo $row["skill"]?></strong>
<!--span>James</span>-->
</p>
<!-- <p>
<strong>review:<?php /*echo $row["review"]*/?><</strong>
<span>james</span>
</p> -->
<p>
<strong>Description:<?php echo $row["description"]?></strong>
<span>James</span>
</p>
<!--<p>
<strong>Name:</strong>
<span>james</span>
</p>-->
</div>
<!-- Needed because other elements inside ProfilePage have floats
<div style="clear:both"></div>-->
</div>
</body>
</html>
Picture of database table:
https://imgur.com/a/XYTLY
Session.php:
<?php
include('config.php');
session_start();
// Check the session first, and stop the script after redirecting so the rest of the page never runs for a logged-out visitor
if(!isset($_SESSION['login_user'])){
header("location:login.php");
exit;
}
$user_check = $_SESSION['login_user'];
$ses_sql = mysqli_query($conn,"select email_adress from customer where email_adress = '$user_check' ");
$row = mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);
$login_session = $row['email_adress'];
?>
Login.php:
<?php
include("config.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$myusername = mysqli_real_escape_string($conn,$_POST['username']);
$mypassword = mysqli_real_escape_string($conn,$_POST['password']);
$sql = "SELECT customer_id FROM customer WHERE email_adress = '$myusername' and password = '$mypassword'";
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row['customer_id'];
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
$_SESSION['login_user'] = $myusername;
header("location: index2.php");
}else {
$error = "Your Login Name or Password is invalid";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Login | Bid4MyJob</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="Bid4MyJob">
<meta name="author" content="James Wood">
<!-- CSS -->
<link href="assets/css/bootstrap.css" rel="stylesheet" type="text/css">
<link href="assets/css/font-awesome.min.css" rel="stylesheet" type="text/css">
<link href="assets/css/main.css" rel="stylesheet" type="text/css">
<link href="assets/css/my-custom-styles.css" rel="stylesheet" type="text/css">
<!-- IE 9 Fallback-->
<!--[if IE 9]>
<link href="assets/css/ie.css" rel="stylesheet">
<![endif]-->
<!-- GOOGLE FONTS -->
<link href='http://fonts.googleapis.com/css?family=Open+Sans:300,400italic,400,600,700' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Roboto+Condensed:300,300italic,400italic,700,400,300' rel='stylesheet' type='text/css'>
<!-- FAVICONS -->
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="assets/ico/repute144x144.png">
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="assets/ico/repute114x114.png">
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="assets/ico/repute72x72.png">
<link rel="apple-touch-icon-precomposed" href="assets/ico/repute57x57.png">
<link rel="shortcut icon" href="assets/ico/favicon.png">
</head>
<body>
<!-- WRAPPER -->
<div class="wrapper">
<!-- NAVBAR -->
<nav class="navbar navbar-default " role="navigation">
<div class="container">
<!-- TOPBAR -->
<div class="topbar">
<ul class="list-inline top-nav">
<li>
<div class="btn-group">
<button type="button" class="btn btn-link dropdown-toggle btn-xs" data-toggle="dropdown"><img src="assets/img/flags/United-Kingdom.png" alt="United Kingdom"> United Kingdom <span class="caret"></span></button>
<ul class="dropdown-menu dropdown-menu-right country-selector" role="menu">
<li>
<img src="assets/img/flags/United-Kingdom.png" alt="United Kingdom"> United Kingdom
</li>
<li>
<img src="assets/img/flags/Japan.png" alt="Japan"> Japan
</li>
<li>
<img src="assets/img/flags/China.png" alt="China"> China
</li>
<li>
<img src="assets/img/flags/Germany.png" alt="Germany"> Germany
</li>
</ul>
</div>
</li>
<li>Help</li>
<li>Support</li>
</ul>
<div class="searchbox">
<form method="post">
<div class="input-group input-group-sm">
<input type="text" class="form-control" placeholder="search ...">
<span class="input-group-btn">
<button class="btn btn-default" type="button"><i class="fa fa-search"></i></button>
</span>
</div>
</form>
</div>
</div>
<!-- END TOPBAR -->
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#main-nav">
<span class="sr-only">Toggle Navigation</span>
<i class="fa fa-bars"></i>
</button>
<a href="index.html" class="navbar-brand navbar-logo navbar-logo-bigger">
</a>
</div>
<!-- MAIN NAVIGATION -->
<div id="main-nav" class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li>
HOME
</li>
<li>
HOW IT WORKS
</li>
<li>
POST JOB
</li>
<li>
FIND JOB
</li>
<li>
SIGN UP
</li>
<li>
LOGIN
</li>
</ul>
</div>
<!-- END MAIN NAVIGATION -->
</div>
</nav>
<!-- END NAVBAR -->
<!-- BREADCRUMBS -->
<div class="page-header">
<div class="container">
<h1 class="page-title pull-left">Login</h1>
<ol class="breadcrumb">
<li>Home</li>
<li class="active">Login</li>
</ol>
</div>
</div>
<!-- END BREADCRUMBS -->
<!-- PAGE CONTENT -->
<div class="page-content">
<div class="col-md-6">
<!-- LOGIN FORM -->
<h2 class="section-heading">Login Form</h2>
<form class="form-horizontal" role="form" action = "" method = "post">
<div class="form-group">
<label for="username" class="control-label sr-only">Email</label>
<div class="col-sm-12">
<div class="input-group">
<input type="email" class="form-control" id="username" name = "username" placeholder="Email">
<span class="input-group-addon"><i class="fa fa-envelope"></i></span>
</div>
</div>
</div>
<div class="form-group">
<label for="password" class="control-label sr-only">Password</label>
<div class="col-sm-12">
<div class="input-group">
<input type="password" class="form-control" id="password" name="password" placeholder="Password">
<span class="input-group-addon"><i class="fa fa-lock"></i></span>
</div>
</div>
</div>
<div class="form-group">
<div class="col-sm-12">
<label class="fancy-checkbox">
<input type="checkbox">
<span>Remember me</span>
</label>
</div>
</div>
<div class="form-group">
<div class="col-sm-12">
<button type="submit" class="btn btn-primary"><i class="fa fa-sign-in"></i> Sign in</button>
</div>
</div>
</form>
<br>
<p><em>Don't have an account yet?</em> <strong>Sign Up</strong>
<br>
<em>Forgot your password?</em> Recover Password</p>
<!-- END LOGIN FORM -->
</div>
</div>
<br>
<br>
<div class="row">
<div class="col-md-6">
<!-- LOGIN FORM WITH LABEL -->
<!-- END LOGIN FORM WITH LABEL -->
</div>
<div class="col-md-6">
<!-- SIMPLE FORM -->
<!-- END SIMPLE FORM -->
</div>
</div>
<br>
<br>
<!-- INLINE FORM -->
<!-- END INLINE FORM -->
</div>
</div>
</div>
</div>
<!-- END PAGE CONTENT -->
<!-- FOOTER -->
<footer>
<div class="container">
<div class="row">
<div class="col-md-4">
<!-- COLUMN 1 -->
<h3 class="sr-only">ABOUT US</h3>
<img src="assets/img/logo/repute-logo-light.png" class="logo" alt="Repute">
<p>Proactively aggregate B2B initiatives before extensive channels. Monotonectally extend interactive methods of empowerment through excellent applications. Rapidiously synergize visionary products with sticky technology.</p>
<br>
<address class="margin-bottom-30px">
<ul class="list-unstyled">
<li>Unit 5, Block B Nesfield Road
<br/> Colchester, Essex CO4 3ZL 222222</li>
<li>Phone: 01206 588 000</li>
<li>Email: sales#universalwebdesign.co.uk</li>
</ul>
</address>
<!-- END COLUMN 1 -->
</div>
<div class="col-md-4">
<!-- COLUMN 2 -->
<h3 class="footer-heading">USEFUL LINKS</h3>
<div class="row margin-bottom-30px">
<div class="col-xs-6">
<ul class="list-unstyled footer-nav">
<li>About Us</li>
<li>News</li>
<li>Community</li>
<li>Career</li>
<li>Blog</li>
</ul>
</div>
<div class="col-xs-6">
<ul class="list-unstyled footer-nav">
<li>Press Kit</li>
<li>FAQ</li>
<li>Terms</li>
<li>Privacy Policy</li>
<li>Contact Us</li>
</ul>
</div>
</div>
<!-- END COLUMN 2 -->
</div>
<div class="col-md-4">
<!-- COLUMN 3 -->
<div class="newsletter">
<h3 class="footer-heading">NEWSLETTER</h3>
<p>Get the latest update from us by subscribing to our newsletter.</p>
<form class="newsletter-form" method="POST">
<div class="input-group input-group-lg">
<input type="email" class="form-control" name="email" placeholder="youremail#domain.com">
<span class="input-group-btn"><button class="btn btn-primary" type="button"><i class="fa fa-spinner fa-spin"></i><span>SUBSCRIBE</span></button>
</span>
</div>
<div class="alert"></div>
</form>
</div>
<div class="social-connect">
<h3 class="footer-heading">GET CONNECTED</h3>
<ul class="list-inline social-icons">
<li><i class="fa fa-facebook"></i></li>
<li><i class="fa fa-twitter"></i></li>
<li><i class="fa fa-google-plus"></i></li>
<li><i class="fa fa-rss"></i></li>
</ul>
</div>
<!-- END COLUMN 3 -->
</div>
</div>
</div>
<!-- COPYRIGHT -->
<div class="text-center copyright">
©2018 Bid4MyJob. All Rights Reserved.
</div>
<!-- END COPYRIGHT -->
</footer>
<!-- END FOOTER -->
</div>
<!-- END WRAPPER -->
<!-- JAVASCRIPTS -->
<script src="assets/js/jquery-2.1.1.min.js"></script>
<script src="assets/js/bootstrap.min.js"></script>
<script src="assets/js/plugins/autohidingnavbar/jquery.bootstrap-autohidingnavbar.min.js"></script>
<script src="assets/js/repute-scripts.js"></script>
</body>
</html>
You need a field on Profile that links to the customer table (or vice versa).
email can be in both tables, then you can link to your $login_session
SELECT * FROM profile WHERE email = '$login_session' LIMIT 1
In this case, take care and do not let users change their email (without verification that they own it) and do not let them create a new account with the same credentials as another one.
But as a good practice on DB, it is better to have profile_id on customer
session.php
$ses_sql = mysqli_query($conn,"select email_adress, profile_id from customer where email_adress = '$user_check' ");
index.php
$sql = "SELECT * FROM profile WHERE profile_id = $profile_id LIMIT 1";
BTW:
- Try to separate concerns, between database and presentation layer. You should read more about MVC.

Webpage only accessible when logged in (PHP)

I'm currently having some issues with creating a webpage that's only accessible once a user has logged in.
I've looked through various threads here, but to no avail. Any help with this would be greatly appreciated.
Here's my code:
login.php
<?php
Include('connect.php');
if (isset($_REQUEST['Submit']))
{
if($_REQUEST['user_id']=="" || $_REQUEST['password']=="")
{
echo " Field must be filled";
}
else
{
$sql1= "select * from student where email= '".$_REQUEST['user_id']."' && password ='".$_REQUEST['password']."'";
$result=mysql_query($sql1)
or exit("Sql Error".mysql_error());
$num_rows=mysql_num_rows($result);
if($num_rows>0)
{
session_start($_SESSION['Login']);
Echo "You have logged in successfully";
header("Location: statistics.html");
}
else
{
echo "Wrong username or password.";
}
}
}
?>
<!DOCTYPE html>
<html class="no-js">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>PHP Login Form</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width">
<link rel="stylesheet" href="css/bootstrap.css">
<link rel="stylesheet" href="css/main.css">
</head>
<body>
<div class="container">
<div class="row" style="margin-top:20px">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<form name="form_login" method="post" action="login.php" role="form">
<fieldset>
<h2>Please Sign In</h2>
<hr class="colorgraph">
<div class="form-group">
<input name="user_id" type="text" id="user_id" class="form-control input-lg" placeholder="Email Address">
</div>
<div class="form-group">
<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password">
</div>
<span class="button-checkbox">
<button type="button" class="btn" data-color="info">Remember Me</button><!-- Additional Option -->
<input type="checkbox" name="remember_me" id="remember_me" checked="checked" class="hidden">
<hr class="colorgraph">
<div class="row">
<div class="col-xs-6 col-sm-6 col-md-6">
<input type="submit" name="Submit" value="Login" class="btn btn-lg btn-success btn-block">
</div>
</div>
</fieldset>
</form>
</div>
</div>
</div>
</body>
</html>
And statistics.html (Page that should only be accessible when logged in)
<?php
include ("login.php")
session_start();
if(!isset($_SESSION['Login']))
{
header("Location:login.php");
die();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Personal Website</title>
<link rel="stylesheet" href="../../CSS/stylesheetmain.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css">
</head>
<body>
<!--Navigation Bar-->
<div class="row">
<div class="darkgrey column col-md-8 col-md-offset-2 col-xs-12 col-s-12">
<nav class="navbar navbar-background-color">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1"><!--Reference: Bootstrap, 2015. getbootstrap.com. [Online] Available at: http://getbootstrap.com/ [Accessed 01 April 2015]-->
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="../index.html"></a>
</div>
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav navbar-right">
<li class="active">Home</li><!--Edits made: Removed active button -->
<li>About Me</li>
<li>Blog</li>
<li>Contact Me</li>
<li>Login</li>
</ul>
</div><!-- /.navbar-collapse -->
</div><!-- /.container-fluid -->
</nav>
</div>
</div>
<div class="row">
<div class="navbarbottom column col-md-8 col-md-offset-2 col-xs-12 col-s-12"></div>
</div>
<!--Page Title-->
<div class="row">
<div class="title mediumbluetext col-md-8 col-md-offset-2 col-xs-0 col-s-0">
<center><h1>Statistics</h1></center>
</div>
</div>
<!--Main Body-->
<div class="row">
<!--Left Column Spacer-->
<div class="maintextleftbackground column col-md-2 col-xs-0 col-s-0">
<script type="text/javascript" src="//s7.addthis.com/js/300/addthis_widget.js#pubid=ra-52f8f8c0164b330f" async="async"></script>
</div>
<!--Middle Column-->
<div class="maintext80 column col-md-8 col-xs-12 col-s-8 col-s-offset-2"><br>
<div id="main-chart-container"></div>
<div id="breakdown-chart-container"></div>
<div id="embed-api-auth-container"></div>
<div id="view-selector-container"></div>
</div>
<!--Right Column Spacer-->
<div class="maintextrightbackground column col-md-2 col-xs-0 col-s-0">
</div>
</div>
<!--Footer Bar-->
<div class="row">
<div class="darkgrey column col-md-8 col-md-offset-2 col-xs-12 col-s-12">
<nav class="navbar-background-color">
<div class="container-fluid">
<p class="navbar-text navbar-right">SiteMap</p>
</div>
</nav>
</div>
</div>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
<script>
(function(w,d,s,g,js,fs){
g=w.gapi||(w.gapi={});g.analytics={q:[],ready:function(f){this.q.push(f);}};
js=d.createElement(s);fs=d.getElementsByTagName(s)[0];
js.src='https://apis.google.com/js/platform.js';
fs.parentNode.insertBefore(js,fs);js.onload=function(){g.load('analytics');};
}(window,document,'script'));
</script>
</body>
</html>
No matter what I try, I can't seem to get the code to work. The files are in the same directory as well.
Any help with this would be greatly appreciated.
A few things wrong here but you're on the right track.
You are VERY susceptible to SQL injection. Please read about it.
Your form uses POST, so your PHP should use $_POST and not $_REQUEST.
You cannot set a session variable by passing it through to session_start. You need to set the variable like so: $_SESSION['isLoggedIn'] = true.
You are echoing right before you issue a header command. You cannot output anything before redirecting.
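The four points in this answer, applied to the question's login.php as an added example (not code from the question or the answer). It assumes a PDO connection with placeholder credentials, that student.password stores a password_hash() value instead of plain text, and that the protected page is renamed statistics.php so the server runs its PHP guard.

```php
<?php
// login.php (added example). The DSN and credentials below are placeholders.
function db(): PDO
{
    return new PDO('mysql:host=localhost;dbname=example;charset=utf8mb4', 'app_user', 'app_password', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}

// True only when the email exists and the password matches its stored hash.
// Assumption: student.password was written with password_hash().
function credentials_ok(PDO $pdo, string $email, string $password): bool
{
    // User input is bound as a parameter, never concatenated into the SQL.
    $stmt = $pdo->prepare('SELECT password FROM student WHERE email = :email LIMIT 1');
    $stmt->execute([':email' => $email]);
    $hash = $stmt->fetchColumn();      // false when no row matches
    return is_string($hash) && password_verify($password, $hash);
}

session_start();                       // must run before any output
$error = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['Submit'])) {
    // Read from $_POST only, and reject array-valued fields such as user_id[]=x.
    $email    = is_string($_POST['user_id'] ?? null) ? trim($_POST['user_id']) : '';
    $password = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';

    if ($email === '' || $password === '') {
        $error = 'Field must be filled';
    } elseif (credentials_ok(db(), $email, $password)) {
        session_regenerate_id(true);   // fresh session ID after login
        $_SESSION['isLoggedIn'] = true;
        header('Location: statistics.php');  // nothing has been echoed yet
        exit;
    } else {
        $error = 'Wrong username or password.';
    }
}
// The HTML form follows here; print the message with htmlspecialchars($error).

// Guard for the top of statistics.php, before any HTML:
//   session_start();
//   if (empty($_SESSION['isLoggedIn'])) { header('Location: login.php'); exit; }
```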

Displaying different include file based on logged in status

I'm trying to include a different navigation menu for users that are logged in but seem to be having trouble. I'm currently setting a session when a user successfully authenticates; that session then sets a session variable so we know if the user is logged in or logged out.
If they are logged in, they should see the logged in menu, otherwise they should just see the logged out menu. For some reason I cannot get this to work through checking if the user is logged in - not sure what I'm doing wrong.
index.php
<?php
require_once("inc/config.php");
require(ROOT_PATH . "inc/database.php");
session_start();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Property Rental</title>
<!-- CSS -->
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<link href="css/responsive.css" rel="stylesheet">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<header role="banner" id="top" class="navbar navbar-static-top bs-docs-nav">
<div class="container">
<div class="navbar-header">
<button data-target=".bs-navbar-collapse" data-toggle="collapse" type="button" class="navbar-toggle">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
</div>
<nav role="navigation" class="collapse navbar-collapse bs-navbar-collapse">
<ul class="nav navbar-nav">
<li class="active">
Menu Item 1
</li>
<li>
Menu Item 2
</li>
<li>
Menu Item 3
</li>
<li>
Menu Item 4
</li>
<li>
Menu Item 5
</li>
<?php
if ( $_SESSION['loggedin'] == true) {
include("inc/logged.php");
} else {
include("inc/loggedOut.php");
}
print_r($_SESSION);
?>
</ul>
</nav>
</div>
</header>
<div class="container">
<h1>Hello, world!</h1>
</div>
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
<script src="/js/bootstrap.js"></script>
<script src="/js/core.js"></script>
</body>
</html>
users.database.php
<?php
$username = $_POST['username'];
$password = $_POST['password'];
try {
$result = $db->prepare("SELECT username, pass FROM user_info WHERE username = :user AND BINARY pass = :pass");
$result->bindParam(':user', $username);
$result->bindParam(':pass', $password);
$result->execute();
$rows = $result->fetch(PDO::FETCH_NUM);
}
catch (Exception $e) {
echo "Could not retrieve data from database";
exit();
}
if ($password = $rows) {
session_start();
$_SESSION['username'] = $_POST['username'];
$_SESSION['loggedin'] = true;
} else {
if (isset($_POST['login'])) {
echo "Username or password incorrect (passwords are case sensitive)";
}
}
?>
logged.php
<li class="login-register pull-right">
<ul>
<li class="login pull-left">
My Account
<div class="login-box">
<div class="login-box-inner">
Logout
</div>
</form>
</div>
</li>
</ul>
</li>
loggedOut.php
<li class="login-register pull-right">
<ul>
<li class="login pull-left">
Login
LOGOUT
<div class="login-box">
<div class="login-box-inner">
<div class="up-arrow"></div>
<form role="form" method="post">
<div class="form-group">
<label>Username or Email</label>
<input type="text" name="username">
</div>
<div class="form-group">
<label>Password</label>
<input type="password" name="password">
</div>
<?php require(ROOT_PATH . "inc/users.database.php"); ?>
<div class="form-group">
<div class="row">
<div class="col-xs-6">
<label class="remember-me">
<input type="checkbox" name="remember"> Remember me
</label>
</div>
<div class="col-xs-6">
<button type="submit" name="login" class="btn btn-small btn-primary pull-right">Login</button>
</div>
</div>
</div>
</form>
</div>
</form>
</div>
</li>
<span class="slash">/</span>
<li class="pull-right">
Register
</li>
</ul>
</li>
$loggedin is not being set in your index.php file.
Replace your if condition with this:
if ($_SESSION['loggedin'] == true) {
You can also use this which has the exact same meaning...
if ( $_SESSION['loggedin'] ) {
With the above code, you are going to need to start a session on that page with session_start();
If you are using JavaScript to go back in the history when a user logs in, change it to this...
<script>
window.location.href = document.referrer;
</script>
NOTE: This will only go back one page in the history.
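One way to pick the menu fragment from the session, as an added example that is not part of the question or the answer. The markup is simplified, and the login.php and logout.php links are hypothetical.

```php
<?php
// Added example: choose the navbar fragment from session state.
// Links to login.php and logout.php are hypothetical placeholders.

// Takes a copy of $_SESSION so the function has no hidden global state.
function account_menu(array $session): string
{
    // Strict check on the boolean flag. A missing key counts as logged out
    // and raises no "undefined index" notice.
    $loggedIn = ($session['loggedin'] ?? false) === true;

    if (!$loggedIn) {
        return '<li class="login pull-left"><a href="login.php">Login</a></li>';
    }

    // The username originally came from user input, so escape it for the
    // HTML context before it is written into the page.
    $name = htmlspecialchars((string) ($session['username'] ?? ''), ENT_QUOTES, 'UTF-8');

    return '<li class="login pull-left">' . $name
         . ' <a href="logout.php">Logout</a></li>';
}

// session_start() has to run before any output and before $_SESSION is read.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

echo account_menu($_SESSION);
```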
