hi i created this code below in my wordpress theme within my login.php page i created conditional statements successfully without any problem but in my last if statement when the username and password is correct i can't when this statement is correct i log in?
i want when the username and password is correct directly show legge in username and add the log out link to log out from the theme.
<?php
$error = '';
$success = '';
global $user_identity;
if(isset($_POST['task']) && $_POST['task'] == 'login') {
$username = esc_attr($_POST['login_username']);
$password = esc_attr($_POST['login_password']);
$remember = esc_attr($_POST['login_remember']);
$user = get_user_by('login', $username);
$user_id = $user->ID;
$user_data = get_userdata($user_id);
$user_login = $user_data->user_login;
$user_pass = $user_data->user_pass;
if($username == '' && $password == '') {
$error = 'Please Fill Required Fields!';
}
if($username == '') {
$error = 'Please Enter Your Username';
}
if($password == '') {
$error = 'Please Enter Your Password';
}
if($user_login != $username) {
$error = 'The Username is Incorrect';
}
if($user_pass != $password) {
$error = 'The Password is Incorrect';
}
if($user_login == $username && $user_pass == $password) {
}
}
?>
hey just create array of user data and passed into wp_signon($data,false) see below.
$login_data = array();
$login_data['user_login'] = $username;
$login_data['user_password'] = $password;
$login_data['remember'] = $remember; // set true or false for remember
$user_verify = wp_signon( $login_data, false );
if ( is_wp_error($user_verify) )
{
echo $user->get_error_message();
exit;
} else {
header("Location: " . home_url() . "/login/error/");
}
read document for more detail wp_signon()
Related
Following my code that give me folder wise login but not verifying my password and session.
Without switch case if else condition it work but then only tow role are working
I need a multiple role
ob_start();
require_once 'dbconnect.php';
$userName = '';
$passError = '';
$error = false;
if (isset($_POST['btn-login'])) {
$userName = trim($_POST['userName']);
$userName = strip_tags($userName);
$userName = htmlspecialchars($userName);
$pass = trim($_POST['pass']);
$pass = strip_tags($pass);
$pass = htmlspecialchars($pass);
if (empty($userName)) {
$error = true;
$userNameError = "Please enter your User Name.";
}
if (empty($pass)) {
$error = true;
$passError = "Please enter your password.";
}
if (!$error) {
$password = hash('sha256', $pass);
$res = mysqli_query($conn, "SELECT userId, userName, userPass, role FROM users1 WHERE userName='$userName'");
$row = mysqli_fetch_array($res);
$count = mysqli_num_rows($res);
var_dump($count);
$count == 1 && $row['userPass'] == $password && $row['role'] == 'multirole';
$multirole = $row['role'];
$row['userPass'] == ($password);
switch ($multirole) {
case "admin":
$_SESSION['user'] = $row['userName'];
$_SESSION['role'] = 'admin';
header('Location: admin/home.php');
break;
case "user":
$_SESSION['user'] = $row['userName'];
$_SESSION['role'] = 'user';
header('Location: user/home.php');
break;
default:
echo "No User Found ! Please Contact Admin";
}
}
}
Do you have any suggestion ?
Okay, your script is very bad formatted !
I think your problem is in this part :
$count == 1 && $row['userPass']==$password && $row['role']=='multirole';
$row['role']=='multirole'; // This couldn't be true !
I try to re write your script (by using +- your logic which is not really proper either !) :
ob_start();
require_once 'dbconnect.php';
if( isset($_POST['btn-login']) )
{
$username = $_POST['userName'];
$pass = $_POST['pass'];
if(empty($userName))
{
$error = true;
$userNameError = "Please enter your User Name.";
}
elseif(empty($pass))
{
$error = true;
$userNameError = "Please enter your password.";
}
else
{
$password = hash('sha256', $pass);
$res = $db -> prepare ("SELECT * FROM users1 WHERE userName = :userName");
$res -> execute (array (":userName" => $userName));
$count = $res -> rowCount();
if($count == 1)
{
$rows = $res -> fetchAll (PDO::FETCH_ASSOC);
foreach ($rows as $row)
{
$db_password= $row['userPass'];
$multirole = $row["role"];
}
if($password == $db_password)
{
switch ($multirole)
{
case "admin":
$_SESSION['user'] = $row['userName'];
$_SESSION['role'] = 'admin';
header('Location: admin/home.php');
break;
case "user":
$_SESSION['user'] = $row['userName'];
$_SESSION['role'] = 'user';
header('Location: user/home.php');
break;
default:
echo "No User Found ! Please Contact Admin";
}
}
}
}
}
I'm working on a log in form that users a text file (users.txt) to validate username/password against. I cannot use MYSQL for this.
The text file records are in this format:
user one:user1#email.com:user1:password1
user two:user2#email.com:user2:password2
If it validate just the USERNAME only, then it successfully checks the user: if ($currUser == $userUsername) {$valid = true; break;}BUT if I then try to validate both username and password I get the wrong result.($currUser == $userUsername && $currPass == $userPass) {$valid = true; break;} Results in "Invalid username or password"
I can't figure out what I'm doing wrong? When I echo the username and passwords they are a match!!!
SCRIPT:
if(isset($_POST['submit'])){
$form_is_submitted = true;
//FORM PROCESSING
if(isset($_POST['userName']) && isset($_POST['password'])) {
$currUser = $_POST['userName'];
$currPass = $_POST['password'];
$valid = false;//flag
while (!feof($fileHandle)) {
$userRow = fgets($fileHandle);
$userDetails = explode(':', $userRow);
if (!isset($userDetails[2])) {
$userDetails[2] = null;
}
if (!isset($userDetails[3])) {
$userDetails[3] = null;
}
$userUsername = $userDetails[2];
$userPass = $userDetails[3];
if ($currUser == $userUsername /*&& $currPass == $userPass*/) {
$valid = true;
//break;
}
}
if ($valid) {
echo "<br> $userUsername logged in sucessfully<br>";
} else {
echo "<br>Invalid user name or password<br>";
//FOR DEGUGGING ONLY!
echo $currUser . $userUsername;
echo $currPass . $userPass;
echo $_POST['password'];
echo $_POST['userName'];
}
} else {
$errors_detected = true;
$errors['not set'] = "Please enter username and password";
}
}
the fgets() function returns a line INCLUDING the linefeed \n (and the carriage return \r if its there). that means you have to remove those.
just change this:
$userPass = $userDetails[3];
to this:
$userPass = trim($userDetails[3]);
and it should work
// I have updated my code php and improve my question
i have a login form, and when i wrong password i don't have this error:
"your are not register or your password is wrong !"
I have nothing, there is nothing that appears.
this is my code php, my data is mongodb :
<?php
if (isset($_POST['submit']) && $_POST['submit'] == "Login"){
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
$error = array();
// Username Validation
if (empty($username)) {
$error[] = " <h2> complete username </h2>";
}
if (empty($password)) {
$error[] = " <h2> complete password</h2> ";
}
// connexion data
if (count($error) == 0)
{
$host = 'localhost';
$database_name = 'Projet';
$database_user_name = '';
$database_password = '';
$connection = new MongoClient();
if ($connection)
{
// select data
$database = $connection->$database_name;
// Select collection
$collection = $database->reg_users;
$user_data = array(
"username" => $username,
"password" => md5($password)
);
$result = $collection->find($user_data);
if ($result>0)
{
header("Location: Articles.php");
foreach ($result as $doc)
{
$_SESSION['email'] = $doc['email'];
$_SESSION['username'] = $doc['username'];
}
}else{
$error[] = " <h2> your are not register or your password is wrong ! </h2>";
}
} else {
$error[] = " no mongodb connection";
}
}
if(count($error) > 0)
{
foreach($error as $e)
{
echo $e;
}
}
}
isset will return a boolean result and therefor needs to be written more like this if you want that code block to execute:
if (isset($_POST['submit']) && $_POST['submit'] == "Login")
// I have updated my code php and improve my question
i have a login form, and when i wrong password i don't have this error:
"your are not register or your password is wrong !"
I have nothing, there is nothing that appears.
this is my code php, my data is mongodb :
<?php
if (isset($_POST['submit']) && $_POST['submit'] == "Login"){
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
$error = array();
// Username Validation
if (empty($username)) {
$error[] = " <h2> complete username </h2>";
}
if (empty($password)) {
$error[] = " <h2> complete password</h2> ";
}
// connexion data
if (count($error) == 0)
{
$host = 'localhost';
$database_name = 'Projet';
$database_user_name = '';
$database_password = '';
$connection = new MongoClient();
if ($connection)
{
// select data
$database = $connection->$database_name;
// Select collection
$collection = $database->reg_users;
$user_data = array(
"username" => $username,
"password" => md5($password)
);
$result = $collection->find($user_data);
if ($result>0)
{
header("Location: Articles.php");
foreach ($result as $doc)
{
$_SESSION['email'] = $doc['email'];
$_SESSION['username'] = $doc['username'];
}
}else{
$error[] = " <h2> your are not register or your password is wrong ! </h2>";
}
} else {
$error[] = " no mongodb connection";
}
}
if(count($error) > 0)
{
foreach($error as $e)
{
echo $e;
}
}
}
isset will return a boolean result and therefor needs to be written more like this if you want that code block to execute:
if (isset($_POST['submit']) && $_POST['submit'] == "Login")
I'm trying to figure out how to find out where I need to do the steps if it was the username or if it was the email address the user filed out.
// Assign variable values if there is values
if ((isset($_POST['username'])) && ($_POST['username'] !== NULL) && (!empty($_POST['username']))) { $username = trim($_POST['username']); }
if ((isset($_POST['email'])) && ($_POST['email'] !== NULL) && (!empty($_POST['email']))) { $email = trim($_POST['email']); }
// IF BOTH FIELDS ARE EMPTY, ERROR CONDITION EXISTS
if (empty($username) && empty($email)) {
$errors = "yes";
$message = "You must enter a value for either the username or email address!";
$output = array('errorsExist' => true, 'message' => $message);
} else if (!empty($username) && !empty($email)) {
$errors = "yes";
$message = "You can only enter a value for the username or email address!";
$output = array('errorsExist' => true, 'message' => $message);
} else {
}
// Assign variable values if there is values
if ((isset($_POST['username'])) && ($_POST['username'] !== NULL) && (!empty($_POST['username']))) { $username = trim($_POST['username']); }
if ((isset($_POST['email'])) && ($_POST['email'] !== NULL) && (!empty($_POST['email']))) { $email = trim($_POST['email']); }
// IF BOTH FIELDS ARE EMPTY, ERROR CONDITION EXISTS
if (empty($username) && empty($email)) {
$errors = "yes";
$message = "You must enter a value for either the username or email address!";
$output = array('errorsExist' => true, 'message' => $message);
} else if (!empty($username) && !empty($email)) {
$errors = "yes";
$message = "You can only enter a value for the username or email address!";
$output = array('errorsExist' => true, 'message' => $message);
} else {
if(!empty($username)) {
//Do some things if the user entered only the username
}
else {
//Do some things if the user entered only email
}
}
else if ( empty( $username ) ) {
// Output username error
}
else if ( empty( $email ) ) {
// Output email error
}
In this case, however, I would skip the if/else statements, and just use an error condition:
$is_error = false;
if ( empty( $username ) ) {
$is_error = true;
$error_messages[] = 'Your username error message';
}
if ( empty( $email ) ) {
$is_error = true;
$error_messages[] = 'Your email error message';
}
if ( $is_error ) {
// Output all error messages
}
else {
// Perform success event
}
I think you need to do your steps in the last else that will execute only if neither username and email are empty or inputted. So in the last else, you can do something like
if (!empty($username)) {
} else {
}
On another note, I think you do not need to all the 3 checks when populating $username or $email; the first and the last should suffice, like:
if (isset($_POST['username']) && !empty($_POST['username']) {
$username = $_POST['username'];
}