Hi guys i have three simple php pages login.php,process.php and login_success.php.The problem is that login.php and process.php is present in my localhost:8080 but login_success.php is present at 192.168.1.36:8080 but on same lan.I am perfectly accessing my login.php but on clicking button it is not displaying login_success.php.I am using XAMPP server and it is installed in both the systems.The other thing is that i am accessing logout_success.php through url directly for e.g. http://192.168.1.36/xampp/logout_success.php. My code is very simple All my code is as follows:
Login.php:
<form action="process.php" method="POST">
username:<input type="text" name="username"/>
<br/>
password:<input type="password" name="pass"/>
<br/>
<input type="submit" value="Login!"/>
</form>
Process.php:
<?php
$username = $_POST['username'];
$password = $_POST['pass'];
if($username == 'test' AND $password == 'test')
{
header('Location : http://192.168.1.36/xampp/logout_success.php');
}
else
{
echo "You have not logged in,username or password is incorrect!";
}
?>
Login_success.php:
<html>
<body>
Logout Success<br>
Thanks for using the Captive Portal...
</body>
</html>
Can anyone tell me how to access login_success.phppage.Any help would be greatly appreciable.
Got a white space within the header call.
Change
header('Location : http://192.168.1.36/xampp/logout_success.php');
to
header('Location: http://192.168.1.36/xampp/logout_success.php');
Entire Code:
index.php
<form action="process.php" method="POST">
username:<input type="text" name="username"/>
<br/>
password:<input type="password" name="pass"/>
<br/>
<input type="submit" value="Login!"/>
</form>
process.php
<?php
$username = $_POST['username'];
$password = $_POST['pass'];
if($username == 'test' AND $password == 'test')
{
header('Location: login_success.php');
}
else
{
echo "You have not logged in,username or password is incorrect!";
}
?>
login_success.php
<html>
<head></head>
<body>
Logout Success<br>
Thanks for using the Captive Portal...
</body>
</html>
Make sure the file names are right (lowercase). I have tried it on my test server and it seems to work. (http://jagmit.co.uk/test/php_login/)
Also, i just would like to remind you that this is a bad example of how NOT to implement a login security system.
Use relative paths
header('Location : ./logout_success.php');
Related
I'm very new to PHP and I'm trying to build a webpage with a login page. I think I understand it but my login page isn't working even though its very basic.
This is my file structure at the moment:
http://imgur.com/a/zVcPK
This is the idx (index):
<?php
error_reporting( E_ALL );
ini_set( "display_errors", 1 );
include 'templates/header.php';
if(!isset($_SESSION['logged'])){
include 'controller/login.php';
}else{
if($_SESSION['logged'] == true){
include "controller/navigation.php";
}else{
include "idx.php";
}
}
include 'templates/footer.php'
?>
This is the login.php template:
<?php
$out = "<form method='POST' action='idx.php'>
<p>Login:</p>
<label>Username:</label><input type='text' name ='username' required />
<label>Password:</label><input type='password' name'password' required />
<input type='submit' value='submit' name=submit'/>
</form>";
echo $out;
This is the login.php controller:
<?php
include "view/login.php";
if(isset($_POST['submit'])){
$urn=$_POST['username'];
$pwd=$_POST['password'];
$user = new user($urn);
$worked = $user->authenticate($urn, $pwd);
if($worked == true){
$_SESSION['logged']=true;
$_SESSION['username']=$urn;
header('Location: controller/navigation.php');
}
else
{
echo('Error');
}
}
?>
This is the user model:
<?php
class user
{
private $username;
function __construct($username)
{
$this->username=$username;
}
function authenticate($username, $password)
{
if ($username == 'tim' && $password == 'ttt') {
return true;
} else {
return false;
}
}
}
?>
I'm just trying to get the form to take in the users details, check that they are "tim" and "ttt" and if so return a true value which will prompt the controller to change the header URL to navigation.php controller which in turn shows the navigation.php view which will just be a list of links. For some reason though whenever I hit submit nothing happens, it just stays on the login page.
I know this is a pretty basic thing to do but I've been stuck on it for a couple of days now and I've watched hours and hours of videos on it and read dozens of pages explaining how MVC works but can't get this simple thing done. Please can somebody tell me whats going wrong.
Make sure you start the session on every page you want to get or set session variables.
session_start()
It should be as simple as that, and it threw me for a loop for quite a while.
Have you considered using an MVC framework? They are very helpful for keeping everything tidy and organized, as well as providing a library of helpful functions and classes. CodeIgniter is a great and easy to use framework that is super lightweight. Laravel is a lot more invovled and is better suited for large scale projects.
Change this:
<input type='password' name'password' required />
This:(You missed = name='password')
<input type='password' name='password' required />
And dont forget to add session_start() at the very top of your page.
I will share you my sample PHP login page setup.
it has 3 pages, index, admin, logout
index.php: Creates a form asking username and password, once correct username pssword given (here admin, password) it will create a new session "login". Once logged in it will redirect to the admin.php $validuser ensures previous login is true or not.
<?php
session_start();
$errorMsg = "";
$validUser = $_SESSION["login"] === true;
if (isset($_POST["sub"]))
{
$validUser = $_POST["username"] == "admin" && $_POST["password"] == "password";
if (!$validUser) $errorMsg = "Invalid username or password.";
else $_SESSION["login"] = true;
}
if ($validUser)
{
header("Location: /admin.php");
die();
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=utf-8" />
<title>Login</title>
</head>
<body>
<center>
<h1>Login</h1>
<table>
<form name="input" action="" method="post">
<tr>
<th>
<label for="username">Username</label>
</th>
<th>
<input type="text" value="" id="username" name="username" />
</th>
</tr>
<tr>
<th>
<label for="password">Password</label>
</th>
<th>
<input type="password" value="" id="password" name="password" />
</th>
</tr>
<tr>
<th></th>
<th>
<input type="submit" value="Login" name="sub" />
</th>
</tr>
</form>
</table>
</center>
</body>
</html>
admin.php: Checks for session "login", if session was set then it will proceed further otherwise it will go to login.php
<?php
session_start();
if (!isset($_SESSION['login']))
{
header('LOCATION:login.php');
die();
}
?>
<html>
<head>
<title>Admin Page</title>
</head>
<body>
<center>
<h1>Succesfully logged in</h1>
<input type="button" value="Logout" onclick='window.open("/logout.php","_self")'/>
</center>
</body>
</html>
logout.php: Clears the session, cookies and close them and returns to login.php
<?php
session_start();
session_unset();
session_destroy();
session_write_close();
setcookie(session_name() , '', 0, '/');
session_regenerate_id(true);
header("Location: /index.php");
die();
?>
put them in same folder it will work.
Trying to write form of registration.
<?php
include_once 'core.php';
if (User::IsAuthorization()) {
header("Location: /");
}
if(!is_null($_POST["Registration"])){
User::Registration($_POST["login"], $_POST["password"]);
$user = new User();
$user->Authorization($_POST["login"], $_POST["password"]);
$user->SetSession();
header("Location: /");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Регистрация</title>
</head>
<body>
<form action="registration.html" method="POST">
<input type="text" name="login" placeholder="login">
<input type="password" name="password" placeholder="password">
<input type="submit" value="Регистрация" name="Registration">
</form>
</body>
</html>
This form works correctly on my friend's laptop. But in my case, the output contains come code of php. I use denwer as local server.
it contains this code(but it doesn't have to):
Authorization($_POST["login"], $_POST["password"]); $user->SetSession(); header("Location: /"); } ?>
Link to picture: http://s23.postimg.org/5vv204qor/Capture.png
Simply start your server and use localhost to show it on webpage.
It should shows the same page as the one being shown on your fd's laptop.
If it does not, it probably forgot to include or change html to php in the file name.
Thanks
Hello, I am having trouble with some of my code. Even my teacher can't help me, and I don't know where else to go. When my foreach loop is activated and the password and username are the same as the hard-coded strings, it is still redirecting to loginerror.php. When I remove header("Location: loginerror.php"), it functions fine. Why is the last line of my code still activated, when it should load a new page?
<?php session_start(); ?>
<html>
<header></header>
<body>
<form action="login.php" Method="post">
Username: <input type="text" name="Username"> </br></br>
Password: <input type="password" name="Password"> </br></br>
<input type="submit" value="Login"></br></br>
</form>
<?php
$username=$_POST["Username"];
$password=$_POST["Password"];
if($username == NULL){print("Enter a Username please");}
else {
$users= array
(
"Bourne"=>"postcode",
"Unidan"=>"pincode",
"yoda"=>"sith"
);
foreach($users as $user=>$password_value)
{
if(($user==$username)&&($password_value==$password))
{
$_SESSION['login?']=1;
header("Location: calculation.php");
}}
$_SESSION['login?']=0;
header("Location: loginerror.php");
}
?>
</body>
</html>
Per the PHP Docs:
Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include, or require, functions, or another file access function, and have spaces or empty lines that are output before header() is called.
Reference: Header Documentation
Move your PHP code to the top of the file and it should solve your problem:
<?php
session_start();
$username=$_POST["Username"];
$password=$_POST["Password"];
if ($username == NULL) {
print("Enter a Username please");
} else {
$users= array("Bourne"=>"postcode", "Unidan"=>"pincode", "yoda"=>"sith");
foreach($users as $user=>$password_value) {
if(($user==$username)&&($password_value==$password)) {
$_SESSION['login?']=1;
header("Location: calculation.php");
// Add this to terminate the script immediately and redirect.
exit();
}
}
$_SESSION['login?']=0;
header("Location: loginerror.php");
// Add this to terminate the script immediately and redirect.
exit();
}
?>
<html>
<header></header>
<body>
<form action="login.php" Method="post">
Username: <input type="text" name="Username"> </br></br>
Password: <input type="password" name="Password"> </br></br>
<input type="submit" value="Login"></br></br>
</form>
</body>
</html>
Header's must be sent before any output, including HTML output.
exit so no other code is executed after the redirect:
header("Location: calculation.php");
exit;
Changing your code structure to something like this may help you.
Note: this is not code correction.
<?php
session_start();
$username=$_POST["Username"];
$password=$_POST["Password"];
if($username == NULL){
print("Enter a Username please");
}
else {
$users= array
(
"Bourne"=>"postcode",
"Unidan"=>"pincode",
"yoda"=>"sith"
);
foreach($users as $user=>$password_value)
{
if(($user==$username)&&($password_value==$password))
{
$_SESSION['login?']=1;
header("Location: calculation.php");
exit;
}
}
$_SESSION['login?']=0;
header("Location: loginerror.php");
exit;
}
?>
<html>
<header></header>
<body>
<form action="login.php" Method="post">
Username: <input type="text" name="Username"> </br></br>
Password: <input type="password" name="Password"> </br></br>
<input type="submit" value="Login"></br></br>
</form>
</body>
</html>
Like it was mentioned prior. You are already outputting prior to sending headers.
You need to wrap this in a conditional or have a second script checking the password.
You could wrap the code in if/else $_POST as well as break operation in foreach after the condition was met.
Username and password not appear on Page 2.PHP although I post it to Page2.PHP
Page1.PHP
<form name="form1" method="post" action="Page2.php">
<input type="text" name="txtLogin">
<input type="password" name="txtPWD">
<input type="submit" name="btnSub" value="go">
</form>
Page2.PHP
<?php
if(isset($_REQUEST['txtLogin']))
{
session_start();
$_SESSION['login']=$login;
}
if(isset($_SESSION['login']))
header('Location: detail.php');
else
header('Location: index.html');
?>
put this on page2.php
if(isset($_POST['txtLogin']) && isset($_POST['txtPWD']))
{
//get values & do other scripts like saving values on sessions
$user = $_POST['txtLogin'];
$pass = $_POST['txtPWD'];
echo $user.'<br>'.$pass;
}
else
{
//event here
}
The problem is here:
$_SESSION['login']=$login;
You are using the $login variable, but it isn't actually being set anywhere.
A few lines further up, we see that the login name is actually in $_REQUEST['txtLogin'], not $login. So you should be using that.
$_SESSION['login']=$_REQUEST['txtLogin'];
Hope that helps.
Check settings: enable_post_data_reading, request_order, variables_order, gpc_order on http://www.php.net/manual/en/ini.core.php
I was trying to make a one page script with the action set to server php self but when running the script even after I type in the right password I am given "You Must Supply a Password". Am I doing this right. Please let me know my mistake
login.php
<?php
$pass = 'defense6';
if(isset($_POST['submit'])){
if(($_POST['password'] == $pass)) {
$_SESSION['password'] = md5($_POST['password']);
header('Location: index.php');
} else {
echo 'Password Invalid';
}
}
else {
echo 'You must supply a password.'.$_SESSION['password'] ;
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
Password: <input name="password" type="password" /><br/><br/>
:
<input type="submit" name="submit" value="Login" style="float:right;" />
<br/>
<p></p>
</form>
index.php
<?php
$pass = 'defense6';
if($_SESSION['password'] == md5($pass)) {}
else {header('Location: login.php');}
?>
You need to add seesion_start() on every page you use session.
session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.
Add session_start() at the beginning of the pages that will help to maintain the session across requests.