We have a login page which validates the username and password from our database, however we'd like it to display the invalid username and password message above the input fields rather than at the top of the page. We know we can edit and put the php code in the div to display it where it is, we put out headers and therefore as soon as we move the php from the top of the page it generates an error message. Is there an alternative to this? Or a way of using the headers differently? Our code is below and an image of what we want...
<?php
error_reporting (E_ALL ^ E_NOTICE);
$username = $_POST['usrname'];
$pass_word = $_POST['pass_word'];
if(($usrname=="")&&($pass_word==""))
{
//Do nothing as nothing has been posted......
}
else
{
$con = mysql_connect("localhost"," "," ");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("", $con);
$result = mysql_query("SELECT * FROM `leicester_login` WHERE `user_name`='$username'", $con);
$num_row = mysql_num_rows($result);
}
if($username=="")
{
//do nothing as nothing has been posted
}
else
{
if($num_row == 0)
{
echo "<p>The username <b>". $username ."</b> doesnt exist!</p>";
}
else
{
$return_pass = mysql_fetch_array($result);
if($pass_word == $return_pass['pass_word'])
{
session_start();
if(isset($_SESSION['username']))
{
//do nothing as session already exists...
header("Location: ");
}
else
{
$_SESSION['username']= $username;
header("Location: ");
exit;
}
}
else
{
echo "<p>The password entered is incorrect!</p>";
}
}
}
?>
<html lang="en">
<head>
</head>
<body>
<div class="container">
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post" class="form-signin">
<h2 class="form-signin-heading"><img src="" alt="Logo"/>Leicester</h2>
<?php
?>
<h6 class="form-signin-heading">You are not logged in, please login.</h6>
<input name="usrname" id="usrname" type="text" class="input-block-level" placeholder="Username">
<input type="password" name="pass_word" id="pass_word" class="input-block-level" placeholder="Password">
<center><button align="center" class="btn btn-large btn-primary" type="submit">Sign in</button></center>
< Go Back
</form>
</div> <!-- /container -->
</body>
</html>
Your if statement is wrong [There is no such $usrname variable on your code]
if(($usrname=="")&&($pass_word==""))
should be
if(($username=="")&&($pass_word==""))
Try this:
<?php
error_reporting (E_ALL ^ E_NOTICE);
$username = $_POST['usrname'];
$pass_word = $_POST['pass_word'];
if(($usrname=="")&&($pass_word==""))
{
//Do nothing as nothing has been posted......
}
else
{
$con = mysql_connect("localhost"," "," ");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("", $con);
$result = mysql_query("SELECT * FROM `leicester_login` WHERE `user_name`='$username'", $con);
$num_row = mysql_num_rows($result);
}
if($username=="")
{
//do nothing as nothing has been posted
}
else
{
$message = null; //create a container for the messages
if($num_row == 0)
{
$message = "<p>The username <b>". $username ."</b> doesnt exist!</p>";
}
else
{
$return_pass = mysql_fetch_array($result);
if($pass_word == $return_pass['pass_word'])
{
session_start();
if(isset($_SESSION['username']))
{
//do nothing as session already exists...
header("Location: ");
}
else
{
$_SESSION['username']= $username;
header("Location: ");
exit;
}
}
else
{
$message = "<p>The password entered is incorrect!</p>";
}
}
}
?>
<html lang="en">
<head>
</head>
<body>
<div class="container">
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post" class="form-signin">
<h2 class="form-signin-heading"><img src="" alt="Logo"/>Leicester</h2>
<?php
//if there's something in the container, echo it out.
if (!is_null($message)) {
echo $message;
}
?>
<h6 class="form-signin-heading">You are not logged in, please login.</h6>
<input name="usrname" id="usrname" type="text" class="input-block-level" placeholder="Username">
<input type="password" name="pass_word" id="pass_word" class="input-block-level" placeholder="Password">
<center><button align="center" class="btn btn-large btn-primary" type="submit">Sign in</button></center>
< Go Back
</form>
</div> <!-- /container -->
</body>
</html>
Whenever echo is called it will output something right there, if it's before any output (like the html part), itt will show up before the HTML starts. If you put something in a container (like the $message) and output it with the html it will show up in the predestined place. As a side effect, the header("Location: "); will not throw headers already sent errors.
I recommend using Javascript:
If you place a span in the logindiv at the place you want. e.g. that span has an id of 'errormessage'. Now you can use Javascript to place the message in the span.
HTML:
<h6 class="form-signin-heading">You are not logged in, please login.</h6>
<span id="errormessage"></span>
<input name="usrname" id="usrname" type="text" class="input-block-level" placeholder="Username">
PHP:
//an error has occurred...
echo "<script>document.getElementById('errormessage').innerHTML='The password entered is incorrect!'</script>";
A benefit of using a span is that you can edit the layout of the errormessage using CSS.
I hope this is an answer to your question.
It's outputting it up top because that is where you are telling it to output - before the actual start of the HTML. One way to solve it is to save the string to display in a variable, and then display the variable at the proper place in your HTML.
Related
Good day! I'm trying to connect my code to the database localhost/phpmyadmin.
This is my code:
In register.php file:
<?php
session_start();
require_once('dbconfig/config.php');
//phpinfo();
?>
config.php is file where the database name was located
<!DOCTYPE html>
<html>
<head>
<title>Registration Page</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body style="background-color:#bdc3c7">
<div id="main-wrapper">
<center><h2>Registration Form</h2></center>
<form action="register.php" method="post">
<div class="imgcontainer">
<img src="imgs/avatar.png" alt="Avatar" class="avatar">
</div>
<div class="inner_container">
<label><b>Username</b></label>
<input type="text" placeholder="Enter Username" name="username" required>
<label><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="password" required>
<label><b>Confirm Password</b></label>
<input type="password" placeholder="Enter Password" name="cpassword" required>
<button name="register" class="sign_up_btn" type="submit">Sign Up</button>
<button type="button" class="back_btn"><< Back to Login</button>
</div>
</form>
<?php
if(isset($_POST['register']))
{
#$username=$_POST['username'];
#$password=$_POST['password'];
#$cpassword=$_POST['cpassword'];
if($password==$cpassword)
{
$query = "select * from userinfotbl where username='$username'";
//echo $query;
$query_run = mysqli_query($con,$query);
//echo mysql_num_rows($query_run);
if($query_run)
{
if(mysqli_num_rows($query_run)>0)
{
echo '<script type="text/javascript">alert("This Username Already exists.. Please try another username!")</script>';
}
else
{
$query = "insert into userinfotbl values('$username','$password')";
$query_run = mysqli_query($con,$query);
if($query_run)
{
echo '<script type="text/javascript">alert("User Registered.. Welcome")</script>';
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header( "Location: homepage.php");
}
else
{
echo '<p class="bg-danger msg-block">Registration Unsuccessful due to server error. Please try later</p>';
}
}
}
else
{
echo '<script type="text/javascript">alert("DB error")</script>';
}
}
This line where error occurs. But i don't know exactly what happened.
else
{
echo '<script type="text/javascript">alert("Password and Confirm Password do not match")</script>';
}
}
else
{
}
?>
</div>
</body>
</html>
However in localhost page i got an error saying "Localhost says: DB Error"
I don't know what's wron with it.
It means that the "select * from userinfotbl where username='$username'" query do not found any entities which would match a condition or got an error.
Returns FALSE on failure. For successful SELECT, SHOW, DESCRIBE or
EXPLAIN queries mysqli_query() will return a mysqli_result object. For
other successful queries mysqli_query() will return TRUE.
http://php.net/manual/en/mysqli.query.php
Use mysqli_error to see what an error you got.
Example:
if($password==$cpassword)
{
$query = "select * from userinfotbl where username='$username'";
//echo $query;
$query_run = mysqli_query($con,$query);
//echo mysql_num_rows($query_run);
if(!empty($query_run)) {
...
} elseif ($query_run === false)
echo mysqli_error($con);
else
echo '<script type="text/javascript">alert("DB error")</script>';
}
you must use mysqli_error to check if there is an error in connection or query error
I am making a login page using html and php, i did a simple one which was working fine using these code :
HTML
Login Form
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="login">
<div class="login-triangle"></div>
<h2 class="login-header">Login</h2>
<form class="login-container" method="post" action="Login.php">
<p><input type="text" id="username" name="username" placeholder="Username"></p>
<p><input type="password" id="password" name="password" placeholder="Password"></p>
<p><input type="submit" value="Login"></p>
</form>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
</body>
</html>
PHP
<?php
include ("dbconfig.php");
session_start();
$name = mysqli_real_escape_string($dbconfig, $_POST['username']); //to clean up, to avoid sql injection
//$name = md5($name);
$pw = mysqli_real_escape_string($dbconfig, $_POST['password']);
// $pw = md5($pw);
$sql_query="SELECT userid FROM user WHERE username='$name' AND password='$pw'";
$result = mysqli_query($dbconfig, $sql_query);
$row = mysqli_Fetch_array ($result, MYSQLI_ASSOC);
$count = mysqli_num_rows ($result);
if ($count >0){
$_SESSION['Login'] = $name;
header ("location:Welcome.php");
}
if($count == 1)
{
echo "wrong login details";
}
?>
But when i try to do the login with a new html file using the same php file it wont work at all, it keep saying "wrong login details" even though i am putting the right login in.
Here is the new html, i am thinking maybe it has to do with the additional classes which was added.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Kate's World Sign In</title>
<!-- Google Fonts -->
<link href='https://fonts.googleapis.com/css? family=Roboto+Slab:400,100,300,700|Lato:400,100,300,700,900' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="css/animate.css">
<!-- Custom Stylesheet -->
<link rel="stylesheet" href="css/style.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"> </script>
</head>
<body>
<Form method="post" action="Login.php">
<div class="container">
<div class="top">
<h1 id="title" class="hidden"><span id="logo">Log <span>In</span></span></h1>
</div>
<div class="login-box animated fadeInUp">
<div class="box-header">
<h2>Log In</h2>
</div>
<label for="username">Username</label>
<br/>
<input type="text" id="username" name="username" >
<br/>
<label for="password">Password</label>
<br/>
<input type="password" id="password" name="password">
<br/>
<button type="submit">Sign In</button>
<br/>
</div>
</div>
</Form>
</body>
<script>
$(document).ready(function () {
$('#logo').addClass('animated fadeInDown');
$("input:text:visible:first").focus();
});
$('#username').focus(function() {
$('label[for="username"]').addClass('selected');
});
$('#username').blur(function() {
$('label[for="username"]').removeClass('selected');
});
$('#password').focus(function() {
$('label[for="password"]').addClass('selected');
});
$('#password').blur(function() {
$('label[for="password"]').removeClass('selected');
});
</script>
</html>
No, the additional classes should not effect your PHP code.
To solve the problem, you need to see what you are receiving on the PHP side. Stick in a few tests - echo out some data. First, at the very beginning. Then, when you know for sure what is comign through, move your tests down the file a bit. Work out all the bugs, then remove all the tests.
For example, start by modifying your PHP like this:
<?php
session_start();
include ("dbconfig.php");
$name = mysqli_real_escape_string($dbconfig, $_POST['username']); //to clean up, to avoid sql injection
echo 'Name: ' . $name. '<br>';
$pw = mysqli_real_escape_string($dbconfig, $_POST['password']);
echo 'Password: ' . $pw. '<br>';
die();
Then, move down the file a bit and do this:
$sql_query="SELECT userid FROM user WHERE username='$name' AND password='$pw'";
$result = mysqli_query($dbconfig, $sql_query);
$row = mysqli_Fetch_array ($result, MYSQLI_ASSOC);
$count = mysqli_num_rows ($result);
echo 'Rows found: ' .$count. '<br>';
if ($count >0){
echo 'Inside count > 0<br>';
$_SESSION['Login'] = $name;
header ("location:Welcome.php");
}else{
echo 'Inside count ELSE<br>';
echo "wrong login details";
}
Notes:
PHP header() method will not work if other header messages have been sent. Alternative: echo '<meta http-equiv="refresh" content="0; url=http://new.example.com/address" />';
Note McKenzma's observations about your if ($count >0){ code: both IF statements will be true if $count==1.
Note that session_start() should be the very first instruction in your PHP file. See my example code above
You should have used if and else, not if and if.
<?php
$count = mysqli_num_rows ($result);
if ($count >0){
$_SESSION['Login'] = $name;
header ("location:Welcome.php");
} else {
echo "wrong login details";
}
?>
Your 2nd conditional should be "$count != 1". You want to return exactly one row for a successful login.
When I click form submit button session variable lost and it shows message that session is not set. I have another confusion that it has only problem when I set session of login variable or those variables which are set in other page of my site.When I set some random session variable on the top of this page it works fine and session variable does not lose anymore. I have also checked some other related links in stack overflow but nothing found solution
Here is the code of addProduct.php page
<?php
//var_dump($_SESSION);
if(!(isset($_SESSION['login']))) {
echo "session is not set";
}
else {
//header("location:index.php");
echo "session is set";
//$user_email=$_SESSION['user_email'];
?>
<html>
<body>
<form action="addproduct.php" method="post">
<input type="text" name="name" value="">
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
$name = $_POST['name'];
// $_SESSION['user_email']=$_SESSION['user_email'];
echo $name;
}
?>
<?php }
?>
Code of index.php (header file) page from where I get into this page
<?php
session_start();
include("db.php");
?>
<html xmlns="http://www.w3.org/1999/html" xmlns="http://www.w3.org/1999/html">
<head>
<title>Home</title>
</head>
<body>
Home</br></br>
<?php if(isset($_SESSION['login']) ) {
if($_SESSION['user_status']=="admin")
{
?>
Post an Ad</br></br>
<?php }
}
?>
<?php if(isset($_SESSION['user_fname']) && isset($_SESSION['user_lname']) && isset($_SESSION['user_email']))
{
?>
<?php echo $_SESSION['user_fname'] . " " . $_SESSION['user_lname'] . " " . $_SESSION['user_status']; ?></br></br>
<?php
}
else
{
?>
Login</br></br>
SignIn</br></br>
<?php }
if(isset($_SESSION['user_fname']) && isset($_SESSION['user_lname']) && isset($_SESSION['user_email']))
{
?>
Logout</br></br>
<?php }
?>
<div id="content">
<?php
if(isset($_GET['page']))
{
$p=$_GET['page'];
$page = $p . ".php";
//echo $page;
if(file_exists($page))
{include($page);
}
elseif($page=="")
echo "this is home page";
else
{echo "Not found";}
}
else
{
include ("showAds.php");
}
?>
</div>
</body>
</html>
Code of login.php
<?php
session_start();
if(isset($_SESSION['user_fname']) && isset($_SESSION['user_lname']) && isset($_SESSION['user_email'])) {
header("location:index.php");
exit();
}
else
{
?>
<html>
<head><title>Login</title></head>
<body>
<form action="login.php" method="post">
<input type="email" name="user_email" placeholder="USER EMAIL" REQUIRED>
<input type="password" name="user_password" placeholder="USER PASSWORD" REQUIRED>
<input type="submit" name="Go" value="SUBMIT!" placeholder="USER NAME" REQUIRED>
</br></br>SignIn with new account</br>
</form>
<?php
include("db.php");
/*if(isset($_POST['Go'])) { SIGNUP
$user_name = $_POST['user_name'];
$user_password = $_POST['user_password'];
$user_email = $_POST['user_email'];
echo $user_name . "<br>";
echo $user_email . "<br>";
echo $user_password . "<br>";
$sql = "INSERT INTO user(user_name,user_email,user_password) VALUE ('$user_name','$user_email','$user_password')";
if(mysqli_query($conn,$sql))
{
echo "stored";
header("location:http://localhost/window.php");
}
else
{
die(mysqli_error($sql));
}
}*/
if(isset($_POST['Go']))
{
$user_email = $_POST['user_email'];//real_escape_string
$user_password = $_POST['user_password'];
$login_query="SELECT * FROM user WHERE user_email='$user_email' AND user_password='$user_password'";
$run=mysqli_query($conn,$login_query);
if(mysqli_num_rows($run)>0)
{
$res = mysqli_query($conn, "SELECT * FROM ecommerce.user WHERE user_email='$user_email'");
while ($record = mysqli_fetch_array($res)) {
$_SESSION['user_fname']=$record['user_fname'];
$_SESSION['user_lname'] = $record['user_lname'];
$_SESSION['user_status'] = $record['user_status'];
$_SESSION['user_id'] = $record['user_id'];
$_SESSION['user_password'] = $record['user_password'];
}
$_SESSION['user_email']=$user_email;
$_SESSION['login']="true";
//echo $_SESSION['user_fname'] . $_SESSION['user_lname'];
header("location:index.php");
exit();
}
else
echo "<p style='color: red; margin-top: -28px;'>User name or password incorrect</p>";
}
?>
</body>
</html>
<?php }?>
This error you showed in your other question which was marked as an exact duplicate of this one:
Notice: A session had already been started - ignoring session_start() in C:\xampp\htdocs\ecommerce\showAds.php on line 2
Your showAds.php page which you didn't include, (most likely) contains session_start(); and it should be removed from inside that file.
index.php has an include and session_start();
else
{
include ("showAds.php");
}
So one of your if statements failed.
That is why you're getting that error.
All pages using sessions require that session_start(); be included and should be the first line of your script, which isn't shown in addProduct.php.
Also make sure you're not outputting before header. If you are, consult the following on how to fix it:
How to fix "Headers already sent" error in PHP
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// Then the rest of your code
Sidenote: Displaying errors should only be done in staging, and never production.
You have to add session_start(); in your addProduct.php to be able to access session contents!
I'm making a php file called changepassword.php and the sole purpose of the file is to allow the user to change their password. However, when they go through the form to change their password the box fields clear and I receive my echo warning echo "A Password Box was Left Empty!". This does not want to seem to update the user's password and I have no clue what do. I am new to this language so don't expect much. I would greatly appreciate some constructive input to help me code php better.
<?php
session_start();
#error_reporting(E_ALL); ini_set('display_errors', 1);
require_once('connect.php');
require_once "lib.php";
require_once "utils.php";
if(isset($_POST['submit']) && $_SESSION['active']===true)
{
if(!empty($_POST['OldPassword'])&&
!empty($_POST['NewPassword'])&&
!empty($_POST['NewPassword1']))
{
$OldPassword = mysqli_real_escape_string($link,htmlentities($_POST['OldPassword']));
$NewPassword = mysqli_real_escape_string($link,htmlentities($_POST['NewPassword']));
$NewPassword1 = mysqli_real_escape_string($link,htmlentities($_POST['NewPassword1']));
$EmailAdress = $_SESSION['EmailAdress'];
$sql = "SELECT * FROM users WHERE EmailAddress='$EmailAddress'";
if($result = mysqli_query($link, $sql))
{
while($row = mysqli_fetch_array($result, MYSQLI_ASSOC))
{
$temp1=$row['Password'];
if($row['Password'] != $OldPassword)
{
echo "<div id='change_error1'>* This Does Not Match Previous Password!<br></div>";
}
}
if($NewPassword != $NewPassword1)
{
echo "<div id='change_error2'>* You Passwords DO NOT Match!</div>";
}
if($temp1 == $OldPassword && $NewPassword == $NewPassword1)
{
$sql = "UPDATE users SET Password='$NewPassword' WHERE EmailAddress='$EmailAddress'";
if($result = mysqli_query($link, $sql))
{
header("Location: profile.php");
echo "<strong>YOURE PASSWORD HAS BEEN UPDATED!</strong>";
}
}
}
}
else
{
echo "<div id='change_error3'>A Password Box was Left Empty!</div>";
}
}
?>
<html>
<head>
<title>Change Password</title>
</head>
<br></br>
<br></br>
<body class="body">
<div id="wrapper">
<div id="header">
<br>
<h1> PHP Learning Course </h1>
<br>
<?php require_once "left.php" ?>
</div>
<div id="change">
<div id="change_name">
<h3> Change Password</h3>
</div>
<p>
<div id='change_form'>
<form action='changepass.php' method='POST'>
Old Password:<br> <input name='OldPassword' type='password'/></br>
<br>
New Password:<br> <input name='NewPassword' type='password'/></br>
<br>
Confirm Password:<br> <input name='newpass1' type='password'/></br>
<br>
<input name='submit' type='submit' value='Change Password' />
</form>
</p>
</div>
</div>
<!-- end main div -->
</div>
<!-- end wrapper div -->
</body>
</html>
!empty($_POST['NewPassword1']))
index should be, newpass1
i.e. !empty($_POST['newpass1']))
because in the form, you have put,
Confirm Password:<br> <input name='newpass1' type='password'/></br>
stick with one convention to avoid these errors.
I made a login that worked perfectly, but now im copying the original and editing it to work on another one of my web projects and it jsut dosnt seam to want to work, any help would be appreciated!
Here is the login that worked:
<?php
session_start();
include('../includes/connect-db.php');
if (isset($_SESSION['logged_in'])) {
?>
<html>
<head>
</head>
<body>
<div>Message would go here</div>
</body>
</html>
<?php
} else {
if (isset($_POST['username'], $_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($username) or empty($password)) {
$error = 'All fields are required!';
} else {
$query = $pdo->prepare('SELECT * FROM users WHERE user_username = ? AND user_password = ?');
$query->bindValue(1, $username);
$query->bindValue(2, $password);
$query->execute();
$num = $query->rowCount();
if ($num == 1) {
$_SESSION['logged_in'] = true;
header('Location: index.php');
exit();
} else {
$error = 'Incorrect details!';
}
}
}
?>
<html>
<head>
</head>
<body>
<div>Login form would go here</div>
</body>
</html>
<?php } ?>
And here is the login im trying to get to work (some more info about it under the code):
<?php
//Start Session
session_start();
//Connect To DataBase
include($_SERVER['DOCUMENT_ROOT'].'includes/connect-db.php');
//Login
if (isset($_SESSION['logged_in'])) {
header('Location: http://localhost/logged-in.html');
} else {
if (isset($_POST['username'], $_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($username) or empty($password)) {
$error = 'All fields are required!';
} else {
$query = $pdo->prepare('SELECT * FROM admins WHERE admin_username = ? AND admin_password = ?');
$query->bindValue(1, $username);
$query->bindValue(2, $password);
$query->execute();
$num = $query->rowCount();
if ($num == 1) {
$_SESSION['logged_in'] = true;
header('Location: http://localhost/techbite/logged-in.html');
exit();
} else {
$error = 'Incorrect details!';
}
}
}
//Page Content
$content = '<form action="index.php" method="post" autocomplete="off">
<input type="text" name="username" placeholder="Username" />
<input type="password" name="password" placeholder="Password" />
<input type="submit" value="Submit" />
</form>
<?php if (isset($error)) { ?>
<small style="color:#aa0000"><?php echo($error); ?></small>
<?php } ?>';
//Select Theme
include($_SERVER['DOCUMENT_ROOT'].'themes/theme-select.php');
}
?>
Keep in mind that database connection is successful, the login form appears but just dosnt seam to log in or show an error when nothing is entered/wrong credentials, everything else works perfect, including importing the form into the theme with $content.
Here is the connect-db.php:
<?php
//Connect To Database
try {
$pdo = new PDO('mysql:host=localhost;dbname=techbite', 'root', '');
} catch (PDOException $e) {
exit('Database error, could not connect.');
}
?>
What iv done here is included the theme:
include($_SERVER['DOCUMENT_ROOT'].'/themes/theme-select.php');
And inside the theme where i want the content i have:
<?php echo($content); ?>
and in the login php file i have this which will be put into the php theme file:
$content = '<form action="index.php" method="post" autocomplete="off">
<input type="text" name="username" placeholder="Username" />
<input type="password" name="password" placeholder="Password" />
<input type="submit" value="Submit" />
</form>
<?php if (isset($error)) { ?>
<small style="color:#aa0000"><?php echo($error); ?></small>
<?php } ?>';
I hope someone can help, hopefully its something small i have missed!
Thanks for any help and let me know if anything else is needed.
Kind Regards,
Hayden.
it's not showing an error because
$content = '<form action="index.php" method="post" autocomplete="off">
<input type="text" name="username" placeholder="Username" />
<input type="password" name="password" placeholder="Password" />
<input type="submit" value="Submit" /> </form>
<?php if (isset($error)) { ?>
<small style="color:#aa0000"><?php echo($error); ?></small>
<?php } ?>';
is all just a string, and the <?php ?> sections inside this string are never parsed by the php interpreter. View the page source of your login page and you should see them there.
If you're set on using this $content variable and the theme-select.php file, try changing it to this:
$content = '<form action="index.php" method="post" autocomplete="off">
<input type="text" name="username" placeholder="Username" />
<input type="password" name="password" placeholder="Password" />
<input type="submit" value="Submit" /> </form>';
if (isset($error)) {
$content .= '<small style="color:#aa0000">'.$error.'</small>';
}
As for why it's not logging in, it's a silly question, but have you created a table in your database named admins and a record there with a username and password set?
Try replacing
$num = $query->rowCount();
with
$num = count($query->fetchAll(PDO::FETCH_ASSOC));
UPDATE
Just noticed this...
if (isset($_POST['username'], $_POST['password'])) {
should be
if( isset($_POST['username']) && isset($_POST['password']) ) {
I would add an else condition here to display an error message of some description
UPDATE 2
Slight modification to your connect.php
try {
// create a new instance of a PDO connection
$pdo = new PDO('mysql:host=localhost;dbname=techbite', 'root', '');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e) {
// if the connection fails, display an error message
echo 'ERROR: ' . $e->getMessage();
}
I fixed it!
i knew it would be something so small and simple, it was the form action which was set to the wrong file name, it was set to index.php instead of login.php.
Thank you to everyone for your help! :)