Hey Stackoverflow users,
Since I was able to get some amazing help before with a problem I was stuck on for longer than I could remember I thought I would come at you with this.
Working with a login system that authenticates the user and kills the session off but currently it's not recognizing the variables assigned to the session. After clicking the logout button everything seems like it's working but when doing a direct connect to the Members Page by typing it into the address bar it loads the page instead of redirecting to the login page.
Members.php
<?PHP
session_start();
if (!isset($_SESSION['username'])) {
header('location:login.php');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>The Animator BETA</title>
<style>
//CSS Has been removed as it's lengthy and unrelated to the issue.
</style>
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
<script>
$(document).ready(function(){
$('#login-trigger').click(function(){
$(this).next('#login-content').slideToggle();
$(this).toggleClass('active');
if ($(this).hasClass('active')) $(this).find('span').html('▲')
else $(this).find('span').html('▼')
})
});
</script>
</head>
<body>
<header class="cf">
<nav style="text-align:center">Logout</nav>
</header>
<h1 style="text-align:center"> The Animator - BETA</h1>
<hr />
<div id="nav" style="text-align:center">
<ul style="text-align:center">
<li><a href= "#" ><strong>Home</strong></a></li>
<strong><li><a href= "industrial.html" >Industrial</a></li>
<li><a href= "educational.html" >Education</a></li>
<li><a href= "independent.html" >Independent</a></li>
<li><a href= "emergent.html" >Emergent</a></li>
<li><a href= "team.html" >Team</a></li>
<li><a href= "project.html" >Project</a></li>
<li><a href= "budget.html" >Budget</a></li>
<li><a href= "profile.html" >Profile</a></li></strong>
</ul>
</div>
<hr />
<div style="padding-left:19%"><input type="text" value="search" />
<input type="button" value="Search!" name="search"/>
</div>
<div> </div>
<div align="center">
<div><img src="logo.png" width="407" height="345" alt="Logo" usemap="sectors" /></div>
</div>
</div>
<map name="sectors">
<area shape="rect" coords="72,40,194,165" alt="Industrial" href="industrial.html">
<area shape="rect" coords="210,38,328,162" alt="Emergent" href="emergent.html">
<area shape="rect" coords="208,178,331,296" alt="Independent" href="independent.html">
<area shape="rect" coords="71,177,194,295" alt="Educational" href="educational.html">
</map>
<div> </div>
<div style="text-align:right"></div>
<div> </div>
<div id="footer"> <hr />
<p><strong><u>About The Animator | Contact | Privacy Policy | FAQ</u></strong><u></u></p>
</div>
</body>
</html>
LOGIN PAGE
<?php
error_reporting(E_ALL);
ini_set('display_errors',"On");
include ('database_connection.php');
if (isset($_POST['formsubmitted'])) {
// Initialize a session:
session_start();
$error = array();//this aaray will store all error messages
if (empty($_POST['e-mail'])) {//if the email supplied is empty
$error[] = 'You forgot to enter your Email ';
} else {
if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*#([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) {
$Email = $_POST['e-mail'];
} else {
$error[] = 'Your Email Address is invalid ';
}
}
if (empty($_POST['Password'])) {
$error[] = 'Please Enter Your Password ';
} else {
$Password = $_POST['Password'];
}
if (empty($error))//if the array is empty , it means no error found
{
$query_check_credentials = "SELECT * FROM account WHERE (email='$Email' AND passwords='$Password')";
$result_check_credentials = mysqli_query($dbc, $query_check_credentials);
if(!$result_check_credentials){//If the QUery Failed
echo 'Query Failed ';
}
if (#mysqli_num_rows($result_check_credentials) == 1)//if Query is successfull
{ // A match was made.
$_SESSION = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);//Assign the result of this query to SESSION Global Variable
$_SESSION['email'] = $Email;
session_start("username");
header("Location: members.php");
}else
{
$msg_error= 'Either Your Account is inactive or Email address /Password is Incorrect';
}
} else {
echo '<div class="errormsgbox"> <ol>';
foreach ($error as $key => $values) {
echo ' <li>'.$values.'</li>';
}
echo '</ol></div>';
}
if(isset($msg_error)){
echo '<div class="warning">'.$msg_error.' </div>';
}
/// var_dump($error);
mysqli_close($dbc);
} // End of the main Submit conditional.
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login Form</title>
<style type="text/css">
body {
font-family:"Lucida Grande", "Lucida Sans Unicode", Verdana, Arial, Helvetica, sans-serif;
font-size:12px;
}
.registration_form {
margin:0 auto;
width:500px;
padding:14px;
}
label {
width: 10em;
float: left;
margin-right: 0.5em;
display: block
}
.submit {
float:right;
}
fieldset {
background:#EBF4FB none repeat scroll 0 0;
border:2px solid #B7DDF2;
width: 500px;
}
legend {
color: #fff;
background: #80D3E2;
border: 1px solid #781351;
padding: 2px 6px
}
.elements {
padding:10px;
}
p {
border-bottom:1px solid #B7DDF2;
color:#666666;
font-size:11px;
margin-bottom:20px;
padding-bottom:10px;
}
a{
color:#0099FF;
font-weight:bold;
}
/* Box Style */
.success, .warning, .errormsgbox, .validation {
border: 1px solid;
margin: 0 auto;
padding:10px 5px 10px 60px;
background-repeat: no-repeat;
background-position: 10px center;
font-weight:bold;
width:450px;
}
.success {
color: #4F8A10;
background-color: #DFF2BF;
background-image:url('images/success.png');
}
.warning {
color: #9F6000;
background-color: #FEEFB3;
background-image: url('images/warning.png');
}
.errormsgbox {
color: #D8000C;
background-color: #FFBABA;
background-image: url('images/error.png');
}
.validation {
color: #D63301;
background-color: #FFCCBA;
background-image: url('images/error.png');
}
</style>
</head>
<body>
<form action="login.php" method="post" class="registration_form">
<fieldset>
<legend>Login Form </legend>
<p>Enter Your username and Password Below </p>
<div class="elements">
<label for="name">Email :</label>
<input type="text" id="e-mail" name="e-mail" size="25" />
</div>
<div class="elements">
<label for="Password">Password:</label>
<input type="password" id="Password" name="Password" size="25" />
</div>
<div class="submit">
<input type="hidden" name="formsubmitted" value="TRUE" />
<input type="submit" value="Login" />
</div>
</fieldset>
</form>
<button onclick="window.location='theanimator.html';">Go Back!</button>
</body>
</html>
LOGOUT
<?php
unset($_SESSION['email']);
header('Location: login.php');
exit;
?>
your logout page has to be this:
<?php
//start the session
session_start();
//this will destroy the session that is started
session_destroy();
header('Location: login.php');
exit;
?>
The problem was, you didn't destroy the session so the session exist when you go back to page.
Also you where looking checking on $_SESSION['username'] but you unset $_SESSION['email'] that is never going to work.
Related
I need assistance getting a password-protect page to work for my portfolio site. Currently, the password protect page allows users to go through even if they enter the wrong password. Can anyone assist? I don’t have previous experience with PHP.
Code below. Live site: https://www.starchevsky.com/pwo.php
(should redirect to starchevsky.com/pwo.html)
<?php
$password = "";
if(isset($_POST['submit'])) {
$password = $_POST['password'];
header('location: http://www.starchevsky.com/pwo.html');
if($password != "design6020") {
$error['password'] = "Please re-enter the password.";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta name="robots" content="noindex">
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="description" content="Product Designer with 13 years of experience leading projects for clients large and small, including Google, Bank of America, and Chick-fil-A."/>
<title>Tatiana Starchevsky</title>
<link href="https://fonts.googleapis.com/css2?family=Montserrat&family=Prata&display=swap" rel="stylesheet">
<link rel="shortcut icon" href="img/favicon.ico" />
<link rel="stylesheet" href="lib/css/foundation.css" />
<link rel="stylesheet" href="lib/css/style.css" />
<link rel="stylesheet" href="lib/css/app.css" />
<style>
input[type=text] {
border: 2px solid #ccc;
border-radius: 4px;
border-style:solid;
-webkit-appearance: none;
box-shadow: inset 0px 0px 0px 0px red;
}
input[type=button],
input[type=submit] {
background-color: #d50634;
border: none;
color: #fff;
padding: 15px 30px;
text-decoration: none;
margin: 4px 2px;
border-radius: 4px;
cursor: pointer;
}
input:hover[type="submit"]
{
background: #000;
}
</style>
</head>
<body>
<em><?php if($password == "design6020") {
header('location: http://www.starchevsky.com/pwo.html');
?></em>
<!-- PROTECTED INFORMATION GOES HERE -->
<?php } else { ?>
<section id="headernav">
<div class="grid-x">
<div class="cell small-6 name">
Tatiana Starchevsky
</div>
<div class="cell small-6">
<ul class="menu align-right">
<li><a ref="index.html">Projects</a></li>
<li>Contact</li>
</ul>
</div>
</div>
</section>
<section>
<div class="grid-x align-center align-middle">
<div class="large-6 small-6 cell">
<br><br><br><br>
<h3>Password Protected</h3>
<br>
<p>At the client's request, this project is password protected.</p>
<small>Please email me if you need access.</small>
<br><br>
<?php foreach($error as $errors) {
echo "<p style='color: red;'>".$errors."</p>";
}
?>
<form name="login" action="pwo.php" method="post">
<p>
<input type="text" id="password" class="password" name="password" placeholder="Password" value="<?php if(isset($password)) { echo $password; } ?>"> <input type="submit" name="submit" value="Submit">
</p>
<?php } ?>
</form>
</div>
</section>
<script src="js/vendor/jquery.js"></script>
<script src="js/vendor/what-input.js"></script>
<script src="js/vendor/foundation.js"></script>
<script src="js/app.js"></script>
</body>
</html>
I moved a login php script from a pretty old server to a newer server. All settings and chmods are put the same but the php script does not work on the newer server. When entering the correct login and password it does not go to main.php but stays on the index.php login page and adds this message "Invalid Username or Password!'; } } ?>".
I am a programming noob but perhaps the script uses certain coding that is better not used anymore at newer servers. Any ideas what to change to the script so it could possible work again? Thank you in advance.
Here is the code of the index.php login page:
<?
ob_start("ob_gzhandler");
session_start();
$username = "admin";
$password = "admin";
// main page
$mainpage = "main.php";
if(isset($_SESSION['logedin']))
if($_SESSION['logedin'] == 'loggedin')
{
header("Location: $mainpage");
exit();
}
if(isset($_POST['submit']))
{
if($_POST['username'] == $username && $_POST['password'] == $password)
{
$_SESSION['logedin'] = 'loggedin';
// Redirect to the page
header("Location: $mainpage");
exit();
}
else
{
$error = '<br /><br />Invalid Username or Password!';
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en-US">
<head>
<title>test</title>
<meta http-equiv="content-type" content="application/xhtml+xml; charset=UTF-8" />
<style type="text/css">
html, body, #wrapper {
height:100%;
width: 100%;
margin: 0;
padding: 0;
border: 0;
}
#wrapper td {
vertical-align: middle;
text-align: center;
}
#headerBox {
border: 1px solid #A6E0FF;
width: 800px;
color: #00529B;
background: #EDF8FE;
height: 150px;
text-align: center;
margin: 0px auto;
}
#top {
color: #00529B;
background: #DAF3FF;
text-align: center;
border-bottom: 1px solid #BFE9FF;
padding-top: 10px;
padding-bottom: 10px;
font-weight:bold;
}
#bottom {
color: #00529B;
background: #EDF8FE;
text-align: center;
padding-top: 30px;
}
</style>
</head>
<body>
<table id="wrapper">
<tr>
<td>
<div id="headerBox">
<form method="post" id="login" action="index.php">
<div id="top">Log In</div>
<div id="bottom">
Username: <input id="username" name="username" type="text" />
Password: <input id="password" name="password" type="password" />
<input type="submit" name="submit" id="submit" value="Log in" />
<? if(isset($error)) echo $error; ?>
</div>
</form>
</div>
</td>
</tr>
</table>
<script type="text/javascript">
//<![CDATA[
<!--
document.getElementById("username").focus();
//-->
//]]>
</script>
</body>
</html>
You seemed to be missing an opening bracket after an if-statement, so this should be working:
<?php
ob_start("ob_gzhandler");
session_start();
$username = "admin";
$password = "admin";
// main page
$mainpage = "main.php";
if(isset($_SESSION['logedin']))
{
if($_SESSION['logedin'] == 'loggedin')
{
header("Location: $mainpage");
exit();
}
}
if(isset($_POST['submit']))
{
if($_POST['username'] == $username && $_POST['password'] == $password)
{
$_SESSION['logedin'] = 'loggedin';
// Redirect to the page
header("Location: $mainpage");
exit();
}
else
{
$error = '<br /><br />Invalid Username or Password!';
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en-US">
<head>
<title>test</title>
<meta http-equiv="content-type" content="application/xhtml+xml; charset=UTF-8" />
<style type="text/css">
html, body, #wrapper {
height:100%;
width: 100%;
margin: 0;
padding: 0;
border: 0;
}
#wrapper td {
vertical-align: middle;
text-align: center;
}
#headerBox {
border: 1px solid #A6E0FF;
width: 800px;
color: #00529B;
background: #EDF8FE;
height: 150px;
text-align: center;
margin: 0px auto;
}
#top {
color: #00529B;
background: #DAF3FF;
text-align: center;
border-bottom: 1px solid #BFE9FF;
padding-top: 10px;
padding-bottom: 10px;
font-weight:bold;
}
#bottom {
color: #00529B;
background: #EDF8FE;
text-align: center;
padding-top: 30px;
}
</style>
</head>
<body>
<table id="wrapper">
<tr>
<td>
<div id="headerBox">
<form method="post" id="login" action="index.php">
<div id="top">Log In</div>
<div id="bottom">
Username: <input id="username" name="username" type="text" />
Password: <input id="password" name="password" type="password" />
<input type="submit" name="submit" id="submit" value="Log in" />
<?php if(isset($error)) { echo $error; } ?>
</div>
</form>
</div>
</td>
</tr>
</table>
<script type="text/javascript">
//<![CDATA[
<!--
document.getElementById("username").focus();
//-->
//]]>
</script>
</body>
</html>
I'm creating a login page where users can login in to their account using name and their email id. I'm facing an issue in the login page, when i try to enter the details with proper email id and name its not getting logged in.I'm new to ajax. what should i do to get it to work? please can any one guide me, im trying it from three days but not getting it to be worked
login.php
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8"/>
<script src="http://code.jquery.com/jquery-1.9.1.js"></script>
<script src="script.js"></script>
<style>
.error {
color: red;
display: none;
}
.div1 {
margin-top: -19px;
margin-bottom: -25px;
margin-left: -19px;
}
.copy {
border-radius: 4px;
padding: 6px 20px;
border-style: ridge;
}
#error_message{
background: #F3A6A6;
}
.ajax_response {
padding: 10px 20px;
border: 0;
display: inline-block;
margin-top: 20px;
cursor: pointer;
display:none;
color:#555;
}
</style>
</head>
<body style="background-color:#80bfff">
<div style="padding-left: 380px; padding-top:80px" class="div1">
<h2 style="color:#009999">Login :</h2>
<p><span class="error">All fields are required </span></p>
<form action="" method="post" id="logForm" enctype="multipart/form-data">
<span style="color:#0099ff">Name: </span>
<input type="text" name="name" id="name" class="copy" style="margin-left: 52px" value ="" />
<span class="namee error">Enter name</span>
<br/><br/>
<span style="color:#0099ff"> E-mail: </span>
<input type="text" name="email" id="email" class="copy" style="margin-left: 48px" value ="" />
<span class="emaile error">Enter email</span>
<br/><br/>
<input type="button" id="submit" class="submit" name="submit" value="Register" />
<p style="color:black">Haven't Registered? Register here.</p><br><br>
<div id="error_message" class="ajax_response" style="float:left"></div>
</form>
</div>
</body>
<script>
$(document).ready(function(){
$("#submit").click(function(){
var error = false;
var form = document.getElementById('logForm');
var formData = new FormData(form);
// Loop through the form data
for(var p of formData){
// Check if the form data is empty
if(p[1] === ''){
// Show the error
$('.'+p[0]+'e').show();
error = true;
}
}
// prevent AJAX from running in case of an error
if(error){
return false;
}
// AJAX Code To Submit Form.
$.ajax({
type: "POST",
url: "success.php",
data: formData,
processData: false,
contentType: false,
cache: false,
success: function(data){
if (data['success']==true) {
window.location = 'pannel.php';
}
else {
alert('Invalid Credentials');
}
}
});
});
});
</script>
</html>
success.php
<?php
$mysqli = mysqli_connect("localhost","root","","ajax1");
$name=$_POST["name"];
$email=$_POST["email"];
//Checking is user existing in the database or not
$query = "SELECT * FROM `users` WHERE name='$name' and email='$email'";
$result = mysqli_query($mysqli,$query);
$row1 = mysqli_fetch_array($result);
$rows = mysqli_num_rows($result);
if($rows==1){
$_SESSION['name'] = $name;
$_SESSION['id']=$row1['userid'];
echo "successfully logged in";
}
else{
$error = " Invalid Name or E-MAIL ";
}
?>
pannel.php
<!DOCTYPE html>
<html lang="en">
<head>
<title>Bootstrap Example</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<br><br><br><br>
<?php
$mysqli = mysqli_connect("localhost","root","","ajax1");
$query=mysqli_query($mysqli,"select * from `users` where userid='".$_SESSION['id']."'");
$row=mysqli_fetch_array($query);
echo 'Welcome - '.$row['name'];
?>
<br>
Logout
<br><br>
</div>
</body>
</html>
The issue is you need to start the session in php like below
<?php session_start(); ?>
I hope it will work...
I Created two page. One for admin and for one user. But have there separate access on login. I wanted to give access to admin on the user page. I am not able to find the solution for that.
Now if I login in as admin and try to access the user page it will redirect me to the login page and the same case is for the user. That part is fine.
In my login form I check the role for the user and depending on that role I redirect them to their respective pages. In the admin and user page I check the role first of the user and if it is not the same it redirects them to the login page.
Now what I tried was in the user_page.php I added two roles user and administrator to check whether the login user is administrator or the user. But that part I am not able to figure out.
<?php
ob_start();
session_start();
include("db.php");
?>
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title></title>
<style type="text/css">
.box {
border: #666666 solid 1px;
}
label {
font-weight: bold;
width: 100px;
font-size: 12px;
}
</style>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>
</head>
<body bgcolor="#FFFFFF">
<div align="center">
<div style="width:350px; border: solid 2px #333333; " align="left">
<div style="background-color:#333333; color:#FFFFFF; padding:4px;"><b>Login</b></div>
<div style="margin:25px">
<form method="post" action="">
<?php
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$myusername1=mysqli_real_escape_string($con,$_POST['username']);
$mypassword1=mysqli_real_escape_string($con,$_POST['password']);
$mypassword=MD5($mypassword1);
$sql="SELECT * FROM finforex_users WHERE username='$myusername1' and password='$mypassword1'";
$result=mysqli_query($con,$sql);
$row=mysqli_fetch_array($result);
$_SESSION['userid']=$row['userid'];
$_SESSION['role']=$row['role'];
$count=mysqli_num_rows($result);
if($count==1)
{
if ($row['role']=="administrator")
{
header ("location: admin_page.php");
}
else if ($row['role']=="user")
{
$_SESSION['role']=$row['role'];
header ("location: user_page.php");
}
}
else
{
$error="Your Login Name or Password is invalid";
}
}
?>
<label>UserName :</label><input type="text" name="username" class="box" /><br /><br />
<label>Password :</label><br/><input type="password" name="password" class="box" /><br/><br />
<input type="submit" value=" Submit " /><br />
</form>
<div style="font-size:11px; color:red; margin-top:100px">
<?php
$error;
?>
</div>
</div>
</div>
</div>
</body>
</html>
<?php
ob_start();
session_start();
include 'db.php';
if(isset($_SESSION['role'])=='administrator')
{
$query1= mysqli_query($con,"SELECT * FROM `finforex_users` WHERE `userid`='".$_SESSION['userid']."' AND `role`='administrator' ");
$arr1 = mysqli_fetch_array($query1);
$num1 = mysqli_num_rows($query1);
if($num1==1)
{
?>
<html>
<head>
<style>
body{
width:80%;
margin: 0 auto;
padding: 0;
font-family: 'Open Sans', Tahoma, Arial, helvetica, sans-serif;
}
</style>
</head>
<body>
<br>
<h1 style="font-weight: 400;">Set Margins- Administrator</h1>
<div style="float:right;">Logout</div>
page 2
<?php
}
else
{
header ("location:login.php");
}
}
else
header ("location:login.php");
?>
</body>
</html>
<?php
session_start();
include 'db.php';
if(isset($_SESSION['role'])=='user')
{
$query= mysqli_query($con,"SELECT * FROM `finforex_users` WHERE `userid`='".$_SESSION['userid']."' AND `role`='user' ");
$arr = mysqli_fetch_array($query);
$num = mysqli_num_rows($query);
if($num==1)
{
?>
<style>
{
width:80%;
margin: 0 auto;
padding: 0;
font-family: 'Open Sans', Tahoma, Arial, helvetica, sans-serif;
}
</style>
<body>
<h1 style="font-weight: 400;">Welcome User</h1>
<div style="float:right;">Logout</div>
<?php
}
else
{
header ("location:login.php");
}
}
else
header ("location:login.php");
?>
</body>
Set the role condition like
if(isset($_SESSION['role'])=='user' || isset($_SESSION['role'])=='administrator'){
// User Page
// ....code ....
}
<!DOCTYPE html>
<?php
session_start();
error_reporting(0);
$submit=$_POST['submit'];
$firstName=strip_tags($_POST['firstName']);
$lastName=strip_tags($_POST['lastName']);
$email=strip_tags($_POST['email']);
$username=strip_tags($_POST['username']);
$password=strip_tags($_POST['password']);
$DateTime=strip_tags($_POST['DateTime']);
if ($submit)
{
//open Database
$connect = mysql_connect("localhost", "root", "");
mysql_select_db("mitch");
//select database
$namecheck = mysql_query ("SELECT username FROM tbmitch WHERE username='$username'");
$count = mysql_num_rows($namecheck);
if ($count!=0)
{
echo "<script type='text/javascript'>alert('Control number already exists')</script>";
}
//check for existence
else
if($username)
{
$queryreg = mysql_query("INSERT INTO tbmitch VALUES ('$username','$lastName','$firstName','$email','$password',now())");
$_SESSION['username']=$username;
header('location:home.php');
echo '
<script type="text/javascript">alert("Record/s saved.");
window.location.href = "home.php";
</script>';
}
else
echo "<script type='text/javascript'>alert('Please fill in all fields')</script>";
}
?>
<html>
<head>
<title>MobileApp-SignUp</title>
<body>
<link rel="stylesheet" type="text/css" href="css/960_12_col.css" />
<style>
* {
font-family: Georgia;
color: black;
text-align: top;
font-size: 16px;}
li {
display: inline;
padding: 5px;}
ul {
position: fixed;
top: 0px;
left: 0px;
padding: 15px;
margin: 0px;
width: 100%;
color: #b5c1ad;
text-align: left;
text-decoration: none;
background: #4EE2EC;}
a {
color: black;
text-decoration: none;}
a:hover {
color: #ffffff;}
header {
text-align: right;}
</style>
<meta name=viewport content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" type="text/css" href="css/form.css" />
<script type="text/javascript">
function formatTextArea(textArea) {
textArea.value = textArea.value.replace(/(^|\r\n|\n)([^*]|$)/g, "$1*$2");
}
window.onload = function() {
var textArea = document.getElementByusername("t");
textArea.onkeyup = function(evt) {
evt = evt || window.event;
if (evt.keyCode == 13) {
formatTextArea(this);
}
};
};
</script>
</head>
<center>
<br>
<br>
<br>
<br>
<br>
<br>
<div class="container_12 clearfix">
<div username="header" class="grusername_12">
<img src = "images/img.gif" height="200" width="200" border="3" align="center"></p>
<div username="nav" style="width:450">
<ul>
<li>Back to Home|</li>
<br>
<br>
<img src="images/header.gif" width="95" class="logo" /><br>
<img src="images/underheader.gif" width="75" class="logo" />
</ul>
</div>
</div>
<span class="right">
<?php echo " Welcome ".$_SESSION['UserID']." |"; ?>
</span>
</head>
</body>
<br>
<style type="text/css">
body {
background-image: url("bg/bgcloud.jpeg");
background-repeat: no-repeat;
background-attachment: fixed;
color: black;
padding: 20px;
font-family: Georgia;}
p {
padding: 5px;
margin: 0px;
color: red;}
p.ab {
color: black;}
.button {
padding: 7px 20px;
font-size: 24px;
text-align: center;
cursor: pointer;
outline: none;
color: #fff;
background-color: #7FE817;
border: none;
border-radius: 8px;
box-shadow: 0 5px #999;}
.button:hover {
background-color: #ffffff;}
</style>
<body>
<p class = "ab">[Signup to check your Cacao plant]</p>
<p class = "ab">Signup here <p>↓ ↓ ↓ ↓ ↓ ↓</p>
<br>
<br>
<form action="done.php" method="post">
<div>
<label for="name" class="title">First Name:</label>
<input type="text" username="firstName" name="firstNamename" size="30" name='firstName' maxlength="100" required="required"/>
</div>
<br>
<div>
<label for="name" class="title">Last Name:</label>
<input type="text" username="lastName" name="lastName" size="30" name='lastName' maxlength="100" required="required"/>
</div>
<br>
<div>
<label for="email" class="title">E-mail add:</label>
<input type="email" username="email" name="email" size="30" name='email' maxlength="100" required="required"/>
</div>
<br>
<div class="radio-buttons">
<span class="title" required="required">Gender:</span>
<input type="radio" name="gender" username="male" value="M" />
<label for="male">M</label>
<input type="radio" name="gender" username="female" value="F" />
<label for="female">F</label><br />
</div>
<br>
<br>
<div>
<p>*the next entry must be remembered for logging in*</p>
<label for="username">Username:</label>
<input type="text" name="username" required="required" size="20" name='username' maxlength="100"/></title><br />
<br>
<label for="password">Password :</label>
<input type="password" name="password" required="required" size="20" name='password' maxlength="100" />
<br>
<br>
<button class="button"><span>Submit</span></button>
</div>
</form>
</body>
<br>
<br>
<br>
<br>
<br>
<p class = "ab" align="right">
© 2017 BSCT-2B MobileApp
</p>
</form>
</center>
</body>
</html>
I'm into PHP and I find it difficult to pass my files to mysql database (I'm using the xampp here, if that helps), I want to do signups on my site and later log in to the registered data, if I;m referring to other users I want to block users who haven't register themselves on the database first, so how do I do it? What to change?
In PHP + mySql based application we can have web pages for authenticated users only, and to achieve that we need to do following steps:
Create Login Form.
On submit validate the data submitted through form and if it return true (Valid login credential). Create a $_SESSION variable to identify logged in user.
While rendering any webpage which requires authenticated user only, check for that particular $_SESSION variable.
It valid $_SESSION exists, show the page, else redirect it to the login page.
Hope this helps.