I have been trying to test a login php but after i put the username and password i get this error(Notice: Undefined index: username in /web/stud/u1177827/store_admin/admin_login.php on line 12 Notice: Undefined index: password in /web/stud/u1177827/store_admin/admin_login.php on line 13 Faild connection.That information is incorrect, try again Click Here)
here is the code:
<?php
session_start();
if(isset($_SESSION["staff"])){
header("location:index.php");
exit();
}
?>
<?php
// Prase the log in form if the user has filled it out and pressed "Log in"
if(isset($_POST["username"])&& isset($_POST["password"])){
$username=preg_replace('#[^A-Za-z0-0]#i',"",$_SESSION["username"]);//filter everything but numbers and letters
$password=preg_replace('#[^A_Za-z0-9]#i',"",$_SESSION["password"]);//filter everything but numbers and letters
//Connect to the MySQL database
include "../storescripts/connectToMySQL.php";
$sql=mysql_query("SELECT*FROM B4UStaff WHERE fname='$username' AND lname='$password'LIMT 1");//query the person
//..... MAKE SURE PERSON EXISTS IN DATABASE....
$existCount=mysql_num_rows($sql);//count the row nums
if($existCount==1){//evaluate the count
while($row=mysql_fetch_array($sql)){
$staffNo=$row["staffNo"];
}
$_SESSION["staffNo"]=$staffNo;
$_SESSION["username"]=$username;
$_SESSION["password"]=$password;
header("location:index.php");
exit();
} else{
echo 'That information is incorrect, try again Click Here';
exit();
}
}
?>
Does any one know how to fix it?
Correct this two lines instead of SESSION you have to use POST like this
$username=preg_replace('#[^A-Za-z0-0]#i',"",$_POST["username"]);//filter everything but numbers and letters
$password=preg_replace('#[^A_Za-z0-9]#i',"",$_POST["password"]);//filter everything but numbers and letters
Simply change $_SESSION with $_POST:
$_SESSION["username"]
$_SESSION["password"]
to
$_POST["username"]
$_POST["password"]
In your code, you need to get these two POST variables and set it as SESSION variables with staffNo which is correct.
Related
i am using session variable to send details of user from login page to welcome page .
here is my code :
<?php
if(isset($_POST['login']))
{
$email=$_POST['email'];
$pass=md5($_POST['password']);
$a="SELECT * FROM users WHERE email='$email'AND password='$pass'";
$log=mysqli_query($con,$a);
$row=mysqli_fetch_array($log);
if(mysqli_num_rows($log)>0){
$_SESSION['firstname']=$row['first_name'];
$_SESSION['lastname']=$row['last_name'];
header("location:welcome.php");
exit;
}
else{
$er="login failed!";
}
}
on Welcome.php
<h2>WELCOME : <?php echo $_SESSION['firstname'];?></h2> <--- line 63-->
but i am getting this error :
Notice: Undefined index: firstname in
C:\xampp\htdocs\website\welcome.php on line 63
PS : kindly dont mark it as duplicate I tried many solutions but not helping. I used session_start(); on every page .
A session is started with the session_start() function.
in 1st page:
if(mysqli_num_rows($log)>0){
$row=mysqli_fetch_array($log);
session_start();
$_SESSION['firstname']=$row['first_name'];
$_SESSION['lastname']=$row['last_name'];
if(isset($_SESSION['firstname']))
header("location:welcome.php");
exit;
}
on page 2:you might have write this line at 1st line:
<?PHP
session_start();
?>
<h2>WELCOME : <?php if(isset($_SESSION['firstname'])) {echo $_SESSION['firstname'];}?></h2>
Edit: this answer is not correct and I will remove it when the comment-discussion has ended.
You fetch the first row of $log and then AFTER that check if the number of rows in $log is bigger than 0. Although you had one row initially, you fetched it! so at the time you check mysqli_num_rows($log) it will be 0, therefore never setting $_SESSION['firstname'] and $_SESSION['lastname'].
Try checking for number-of-entries before fetching the row like this:
$a="SELECT * FROM users WHERE email='$email'AND password='$pass'";
$log=mysqli_query($con,$a);
if(mysqli_num_rows($log)>0){
$row=mysqli_fetch_array($log);
$_SESSION['firstname']=$row['first_name'];
$_SESSION['lastname']=$row['last_name'];
header("location:welcome.php");
exit;
}
I am making an html login page which will submit a form to a php page to check to see if user details lie in an established username access database.
If the username and password correspond to a row in the database, the php redirects to an mainpage (mainpage.html), otherwise it redirects back to the login page (LOGINPAGE.html).
The if function I have used to achieve this in my php script is as follows:
if(odbc_fetch_row($DetailCheckExec)) //If username corresponds with password
header('Location: mainpage.html');
else
header('Location: LOGINPAGE.html');
The problem is, the php doesn't seem to redirect. Even if I simplify my code to simply redirect, nothing changes. i.e.
<?php
header("Location: LOGINPAGE.html");
exit;
?>
won't work either.
Any help is appreciated thank you.
well i dont know the function "(odbc_fetch_row($DetailCheckExec)" but there's a step by step login that I made i hope it works
if ((isset($_POST['user'])) and (isset($_POST['password'])))
{//checks if the inputs in the form are empty
//sets two variables with the value of the imputs
$usuario = $_POST['user'];
$clave = $_POST['password'];
//then selects the row where the values are equal in the database
$consulta = "SELECT usuario, contrasena FROM `usuarios`
WHERE usuario = '$usuario' and contrasena = '$clave'";
$resultados=mysqli_query($con,$consulta);
while(($fila=mysqli_fetch_array($resultados))){
$vpeso = $fila['peso'];
$vestatura = $fila['estatura'];
$vusuario = $fila['usuario'];
}
if(($resultados) AND ((isset($vusuario)) and ($vusuario <> '') )){
//starts session
session_start();
//stablishes the user in the session
$_SESSION['usuario'] = $usuario;
//if the user doesn't exist it will bring to signup.php for example
}else{
header("Location: signup.php");
}
}
well I hope it works, sorry for not changing the variable names haha
M building a web app here.The authentication php code looks like this (Please ignore the threats for time being) :
<?php
session_start();
if(isset($_POST['submit']))
{
mysql_connect('localhost','*****','******') or die(mysql_error());
mysql_select_db('cl29-demodb') or die(mysql_error());
$name=$_POST['name'];
$pwd=$_POST['password'];
if($name!='' && $pwd!='')
{
$query=mysql_query("select * from EmployeeTable where EmployeeName ='".$name."' and password='".$pwd."'") or die(mysql_error());
$res=mysql_fetch_row($query);
if($res)
{
$_SESSION['id']=$res['id'];
header('location: profileindex.php');
}
else
{
echo "user name and password are incorrect" ;
echo "<a href=index.php> click here to go back </a>";
}
}
if(!isset($_SESSION['id'])){
echo "Sorry, Please login and use this page";
exit;
}
}
?>
I am able to login successfully and reach the profile of the user.But I want the profile to display only the information for respective users.The profile looks like this:
I have written the php to retrive the name,designation,weekly points,overall points,weekly rank and overall rank respectively.
I tried to echo the variables in the html.
But I am not able to do so.It isnot pulling any data.I have column for all the above fields in the table.
Kindly help.
May be this is the cause
mysql_fetch_row() return the numeric array and you are accessing as $res['id']
either replace mysql_fetch_row with mysql_fetch_array or try numeric index of your id
$_SESSION['id']=$res[0]; or $_SESSION['id']=$res[1];
use mysqli_fetch_assoc so you could call the columns by name if you are using mysql_fetch_array you should call the columns by their index no the by the column name.
There is no need to start a session again in the profileindex.php as the session has already started in the login page.
print the sql and run it in the backend to check if you are getting the desired result in order to further debug this.
Just trying to make a login page in php.. Here the if code is working but else code is not working.. it is also working if code.. instead of printing message..
here is the code:
session_start(); //session starts
$con=mysql_connect('localhost','root','');// connecting to ..........
mysql_select_db('news_db'); //connectin to db
if(isset($_POST['login'])) //if button login is pressed
{
$name=$_REQUEST['username'];//getting name
$password=$_REQUEST['password']; //getting password
$qyer=mysql_query("select * from news_tb where username='$name' and password='$password'"); //selecting fields
$row=mysql_fetch_array($qyer); //fetching values in row
if($row['username']==$name && $row['password']==$password)// condition to match the fields with database
{
header("location:news1.php"); // on else also this page is opening
}
else
{
echo "pls enter valid information"; //redirects to if condition and doesnt print the msg
}
}
Its because by pressing send or whatever, you post the code to the script. All you are doing is checking if it has been posted, not if the variables themselves are empty. Then if you have an empty row in mySQL, you will never use the else.
I need the login details in another page for retrieving the data from the database. Basically, I need to display the editable form with the details of the user logged in. I tried session_register() for storing the username in login.php page. But for some reason I am not able to display the username using $_SESSION[] in my edit.php page. I am doing this after the function session_start() as well.
I am new to php, so don't know whether I misunderstood session! Or is there any other way to pass the login details?
Thanks in advance
My code:
**Login.php**
<?php
$userName = $_POST['username'];
$password = $_POST['password'];
//Connect to the database
//query the database
if($rows==1)
{
session_start();
$_SESSION['user']=$userName;
header("location:edit_user.php");
}
else
{
echo 'Data Does Not Match <br /> Re-Enter UserName and Password';
}
?>
**In edit.php**
<?php
session_start();
if(!isset($_SESSION['user']))
{
header("location:login_form.php");
}
else
{
echo $_SESSION['user'];
}
?>
First of all make sure that you place session_start() at the very beginning of any script you use it in. There can be no output to the browser before you call session_start() and that includes spaces or new-lines before the opening <?php tag.
So:
<?php
session_start();
...
Second, make sure you terminate your script after a redirect, for example:
header("location:edit_user.php");
exit();
That makes sure that no code after the redirect gets executed, so sessions won't get unset or session variables changed by accident.
session_register() is a deprecated function. Just use $_SESSION["bar"] = "foo" to store something.
for future references, please post parts of your code when you are asking questions. It helps everyone to give you an answer in more specific cases.
<?php
session_start();
if(!isset($_SESSION['Foo']))
{
$_SESSION['Foo'] = "Bar";
}
?>
Source : http://php.net/manual/en/features.sessions.php
you can retrive data from the database like this
//start connection
$connect = mysql_connect(DB_SERVER,DB_USER,DB_PASSWORD);
if(!$connect){
die("Database connection Error".mysql_error());
}
//select database
$db = mysql_select_db(DB_NAME);
if(!$db){
die("Database selection Error".mysql_error());
}
//get data
$login = mysql_query("SELECT * FROM TABLENAME where user_id={$_SESSION['user_id']}");
$login_data = mysql_fetch_array($login);
now $login_data array has the user details which you can point to form text field values..
the $_session['user_id']=$login_data['user_id'] value has to be assigned earlier which stays in the $_SESSION global variable through out the session