I have been using the same as written. But whenever I click on it, it gives an error
Notice: Undefined index: username in D:\xamp\htdocs\xampp\new\login.php on line 3
Notice: Undefined index: password in D:\xamp\htdocs\xampp\new\login.php on line 4
please enter username and password
My HTML is:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<form action="login.php" method="POST">Username:
<input type ='text' name="username" /><br />
password<input type="password" name="password" /><br />
<input type="submit" value="login" /></form>
</body>
</html>
While my PHP is:
<?php
$username = '$_POST[username]';
$password = '$_POST[password]';
if($username && $password)
{
$connect = mysql_connect(“localhost”, “root”, “”);
$query=mysql_query("SELECT * FROM usres WHERE username=$username");
$numrows = mysql_num_rows($query);
if (!connect) {
die('Connection Failed: ' . mysql_error());
}
mysql_select_db(“phplogin”, $connect);
}else{
die("please enter username and password");
enter code here
}
?>
Try this one
<?php
$username = $_POST['username'];
$password = $_POST['password'];
$connect = mysql_connect("localhost", "root", "");
if (!$connect) {
die('Connection Failed: ' . mysql_error());
}
mysql_select_db("phplogin", $connect);
if($username && $password) {
$query=mysql_query("SELECT * FROM usres WHERE username='".$username."' ");
$numrows = mysql_num_rows($query);
if($numrows > 0){
//redirect to other page
}else{
echo "please enter username and password";
}
} else {
echo "please enter username and password";
}
?>
Related
Im getting a interesting error message. It says that my $databaseConnection is considered a non object in my script. But this script works perfectly fine on my test server. Any idea why pdo would consider my $databaseConnection a non object?
PHP Fatal error: Call to a member function prepare() on a non-object in /nas/content/live/inboundpro/leadportal/index.php on line 35
<?php
session_start();
//DB configuration Constants
define('_HOST_NAME_', '162.242.221.151;3306');
define('_USER_NAME_', '*****');
define('_DB_PASSWORD', '*****');
define('_DATABASE_NAME_', '*****');
$user = '*****';
$pass = '*****';
//PDO Database Connection
try {
$databaseConnection = new PDO('mysql:host=162.242.221.151;dbname=wp_inboundpro', $user, $pass);
$databaseConnection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
echo 'ERROR: ' . $e->getMessage();
}
if(isset($_POST['submit'])){
$errMsg = '';
//username and password sent from Form
$username = trim($_POST['username']);
$password = trim($_POST['password']);
if($username == '')
$errMsg .= 'You must enter your Username<br>';
if($password == '')
$errMsg .= 'You must enter your Password<br>';
if($errMsg == ''){
$records = $databaseConnection->prepare('SELECT id,username,password,hash FROM tbl_users WHERE username = :username');
$records->bindParam(':username', $username);
$records->execute();
$results = $records->fetch(PDO::FETCH_ASSOC);
if(count($results) > 0 && password_verify($password, $results['hash'])){
$_SESSION['username'] = $results['username'];
$_SESSION['logged_in'] = true;
header('location:dashboard.php');
exit;
}else{
$errMsg .= 'Username and Password are not found<br>';
}
}
}
?>
<html>
<head>
<meta name="robots" content="noindex">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="viewport" content="width=device-width">
<title>Login Page PHP Script</title>
<link href="css/index.css" rel="stylesheet" type="text/css">
</head>
<html>
<body>
<div class="front">
<div class="center">
<div class="LoginPortal">
<?php
if(isset($errMsg)){
echo '<div style="color:#FF0000;text-align:center;font-size:12px;background-color:white;padding-top:5px;padding-bottom:5px;">'.$errMsg.'</div>';
}
?>
<form action="" method="post">
<div class="formTop"><img src="images/IP_Logo_SOLO.png"></div>
<div class="Formcenter">
<input type="text" name="username" class="box" placeholder="USERNAME"/>
<input type="password" name="password" class="box" placeholder="PASSWORD"/><br />
<input type="submit" name='submit' value="Submit" class='submit'/>
</div>
</form>
</div><!-- close center -->
</div>
</div>
</body>
</html>
Any prob in the correct direction would be awesome. I'm a beginner at PDO
I am creating a login page using PHP and Mysqli database, I wrote the query, however mysqli_num_rows() give me an error when value is given. PS: I did this in Object Oriented Format
<?php
$host = "localhost";
$user = "root";
$pass = "";
$db = "customerdb";
$connection = #new mysqli($host, $user, $pass, $db);
if ($connection->connect_errno) {
die("Connection failed!");
exit();
}
if (isset($_POST['submit'])) {
$username = $connection->real_escape_string($_POST['username']);
$password = $connection->real_escape_string($_POST['password']);
$script = "SELECT * FROM customer_management WHERE
customer_management.Username='".$username."'AND WHERE customer_management_Password='".$password."'";
$result = $connection->query($script, MYSQLI_USE_RESULT);
$check = $result->num_rows;
if ($check >= 1){
echo "Welcome to this website";
}
else{
echo"Sorry but your input is incorrect!";
}
}
?>
<!DCOTYPE html>
<html lang='en'>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login Page</title>
</head>
<body>
<h1>Login Page</h1>
<form method="post" action="login.php">
<input type="text" placeholder = 'username' name="username" /><br /><br />
<input type="password" placeholder="password" name="password" /><br /><br />
<input type="submit" name="submit" value="Log In" />
</form>
</body>
</html>
Change customer_management_Password to customer_management.Password in your query.
I got this login form, it is then verified by the users.php file, but even tough the username and the password are on the database, it says the password is wrong. The database is working correctly and it's connected to the page.
Login form:
<?php
require_once('/funcoes/Users.php');
if( !empty($_POST)){
try{
$users = new OOP_Users();
$result = $users->login($_POST['username'], $_POST['password']);
if ( $result == 'ok'){
}
else{
echo "Username/Password erradas!!";
}
}
catch(Exception $e){
echo "Authentication error!";
}
}
else{
session_start();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login</title>
</head>
<body><?php
if(!isset($_SESSION['username'])){
?>
<form name="Formulario_Login" action="#" method="POST"/>
<table>
<tr>
<td> Username </td><td><input name="username" type="text" <span style="font-size: 15px;" ></input></td></tr>
<tr>
<td> Password </td><td><input name="password" type="password" <span style="font-size: 15px;"></input></td></tr></tr>
<td colspan="7"><input type="submit" value="Login"></td></tr>
</table>
<?php
}
else{
echo 'Welcome ' . $_SESSION['username'] . "! <br>".'Logout';
echo '<br>Alterar perfil';
echo '<br>Apagar conta';
}
?>
</body>
</html>
And in the users.php i got this function
Users.php:
public function login($username, $password){
$result = $this->_myDB->performQuery("SELECT * FROM `users` WHERE `username' = '$username' AND 'password' = '$password'");
if ( $result->num_rows != 1 ){
return ('Authentication error');
}
else{
session_start();
$_SESSION['username'] = $username;
return('ok');
}
}
Even tough i have the username "ines" and the password "ines123" on the database, every time i try to login i got the error: "Authentication error!"
Can anyone tell me what am i doing wrong?
The database is set up correctly but I the error handler when I dont enter a username or password is not working. I always get Invalid username and/or password
The following code doesn't go the the "loginhandler.php" link
Any ideas to why?
No matter the input the code executes`
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Untitled Document</title>
<link rel="stylesheet" type="text/css" href="css/login.css">
</head>
<body>
<?php
$okay = FALSE;
$username = ($_POST['username']);
$password = ($_POST['password']);
$onError = "";
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (empty($_POST['username'])) {
$onError = 'Please Enter your Username';
$okay = FALSE;
}
if (empty($_POST['password'])) {
$onError = 'Please Enter your password';
$okay = FALSE;
}
if($okay == FALSE)
{
$dbc = mysql_connect('localhost', 'user', 'pass');
mysql_select_db('db_name', $dbc);
$query = "SELECT * FROM signup WHERE username = '" . $username . "' AND password='" . $password . "'";
if ($result = mysql_query($query, $dbc)) {// Run the query.
while ($row = mysql_fetch_array($result)) {
$okay = true;
}
} else {
}
}
if ($okay) {
// session_start();
$_SESSION['username'] = $username;
header('Loction: loginhandler.php');
exit() ;
} else {
$onError = "Invalid username and/or password";
}
}
?>
<!-- Begin Page Content -->
<div id="container">
<form id='login' action='login.php' method='post' accept-charset='UTF-8'>
<div class="error"><?php echo $onError; ?></div>
<label for="username">Username:</label>
<input type="text" id="username" name="username">
<label for="password">Password:</label>
<input type="password" id="password" name="password">
<div id="lower">
<input type="checkbox"><label class="check" for="checkbox">Keep me logged in</label>
<input type="submit" value="Login">
<p>Click here to Signup.</p>;
</div><!--/ lower-->
</form>
</div><!--/ container-->
<!-- End Page Content -->
</body>
</html>`
$onError = "Invalid username and/or password";
First, you are using session. add session_start() at the top of the page.
header('Location: loginhandler.php'); you wrote Location wrong.
if($okay == FALSE) Should be if($okay == TRUE)
And you alweyes getting the invalid message because you have "$onError = "Invalid username and/or password";" at the bottom of the code outside any PHP tags.
Hi i have got a sample php login system script. Unfortunately when i enter correct login credentials, it refreshes and remains on the index.php prompting me to login again. My guess is that the seession may not be storing properly.
Please Find the source code below:
index.php
<?php include "base.php"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>User Management System (Tom Cameron for NetTuts)</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<div id="main">
<?php
if(empty($_SESSION['LoggedIn']) && empty($_SESSION['Username']))
{
?>
<h1>Member Area</h1>
<p>Thanks for logging in! You are <b><?=$_SESSION['Username']?><b> and your email address is <b><?=$_SESSION['EmailAddress']?></b>.</p>
<ul>
<li>Logout.</li>
</ul>
<?php
}
elseif(!empty($_POST['username']) && !empty($_POST['password']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = md5(mysql_real_escape_string($_POST['password']));
$checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'");
if(mysql_num_rows($checklogin) == 1)
{
$row = mysql_fetch_array($checklogin);
$email = $row['EmailAddress'];
$_SESSION['Username'] = $username;
$_SESSION['EmailAddress'] = $email;
$_SESSION['LoggedIn'] = 1;
echo "<h1>Success</h1>";
echo "<p>We are now redirecting you to the member area.</p>";
echo "<meta http-equiv='refresh' content='=2;index.php' />";
}
else
{
echo "<h1>Error</h1>";
echo "<p>Sorry, your account could not be found. Please click here to try again.</p>";
}
}
else
{
?>
<h1>Member Login</h1>
<p>Thanks for visiting! Please either login below, or click here to register.</p>
<form method="post" action="index.php" name="loginform" id="loginform">
<fieldset>
<label for="username">Username:</label><input type="text" name="username" id="username" /><br />
<label for="password">Password:</label><input type="password" name="password" id="password" /><br />
<input type="submit" name="login" id="login" value="Login" />
</fieldset>
</form>
<?php
}
?>
</div>
</body>
</html>
register.php
<?php include "base.php"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>User Management System (Tom Cameron for NetTuts)</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<div id="main">
<?php
if(!empty($_POST['username']) && !empty($_POST['password']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = md5(mysql_real_escape_string($_POST['password']));
$email = mysql_real_escape_string($_POST['email']);
$checkusername = mysql_query("SELECT * FROM users WHERE Username = '".$username."'");
if(mysql_num_rows($checkusername) == 1)
{
echo "<h1>Error</h1>";
echo "<p>Sorry, that username is taken. Please go back and try again.</p>";
}
else
{
$registerquery = mysql_query("INSERT INTO users (Username, Password, EmailAddress) VALUES('".$username."', '".$password."', '".$email."')");
if($registerquery)
{
echo "<h1>Success</h1>";
echo "<p>Your account was successfully created. Please click here to login.</p>";
}
else
{
echo "<h1>Error</h1>";
echo "<p>Sorry, your registration failed. Please go back and try again.</p>";
}
}
}
else
{
?>
<h1>Register</h1>
<p>Please enter your details below to register.</p>
<form method="post" action="register.php" name="registerform" id="registerform">
<fieldset>
<label for="username">Username:</label><input type="text" name="username" id="username" /><br />
<label for="password">Password:</label><input type="password" name="password" id="password" /><br />
<label for="email">Email Address:</label><input type="text" name="email" id="email" /><br />
<input type="submit" name="register" id="register" value="Register" />
</fieldset>
</form>
<?php
}
?>
</div>
</body>
</html>
base.php
<?php
session_start();
$dbhost = "MY HOST"; // this will ususally be 'localhost', but can sometimes differ
$dbname = "MY DB"; // the name of the database that you are going to use for this project
$dbuser = "MY DB USER"; // the username that you created, or were given, to access your database
$dbpass = "MYPASSWORD"; // the password that you created, or were given, to access your database
mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());
mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());
?>
logout.php
<?php include "base.php"; $_SESSION = array(); session_destroy(); ?>
<meta http-equiv="refresh" content="0;index.php">
Please note that the registration is working correctly. its just that when i log in with the correct username and password its accepts but when refreshing asks me to login again. I would like for it to remain on the members area, until the logout is clicked.
Your if condition (in your index.php file) checks if it's empty; that is wrong.
Try this:
if(isset($_SESSION['LoggedIn']) && isset($_SESSION['Username']))
or
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']))
instead of
if(empty($_SESSION['LoggedIn']) && empty($_SESSION['Username']))
It look like your first condition is not correct.
The condition should be, if not empty then you are logged !!!