I am learning how to use "setcookie", however, I couldn't get following line to work,
I have pasted all my codes here, if someone could give me a hand please?
Have no idea the reason.
Many thanks.
else{ die ("hahahahahahahahahahahahahaha"); }
HTML code
<form method="POST" action="">
<div class="error"><?php echo $error;?></div>
<p></p>
<label>Username: </label><br>
<input type="text" name="username"><br>
<label>Password: </label><br>
<input type="password" name="password"><br>
<input type="checkbox" name="rememberme"> Remember me<br>
<input type="submit" name="submit" value="Login">
PHP CODE
<?
if(isset($_POST['submit'])){
//get data
$username = $_POST['username'];
$password = $_POST['password'];
$rememberme = isset($_POST['rememberme']);
echo $rememberme;
if($username&&$password){
$login = mysql_query("SELECT * FROM form WHERE username='$username'");
while ($row = mysql_fetch_assoc($login))
{
$db_password = $row['password'];
if (md5($password)== $db_password)
{
$logstatus = TRUE;
}
else{
$logstatus = FALSE;
}
if ($logstatus == TRUE)
{
if ($rememberme == "1")
setcookie("username", $username, time()+600);
else if ($rememberme == "")
$_SESSION['username'] = $username;
echo " I am here";
}
else{
die ("hahahahahahahahahahahahahaha"); //unable to get here
}
}
}
else{
echo "enter username / password";
}
}
?>
Try this code, I haven't tested it but is should works :)
session_start();//dont forget this :P
if(isset($_POST['submit'])){
//get data
$username = $_POST['username'];
$password = $_POST['password'];
$rememberme = isset($_POST['rememberme']);
echo $rememberme;
if($username&&$password){
$login = mysql_query("SELECT * FROM form WHERE username='$username' AND password='".md5($password)."'");
if (mysql_num_rows($login))//if this returns 1 you are logged in
{
if ($rememberme == "1")
setcookie("username", $username, time()+600);
else
$_SESSION['username'] = $username;
echo " I am here";
}else{
die ("Incorrect Username/Password"); //unable to get here
}
}
}
else{
echo "enter username / password";
}
}
The while loop is causing the issue, simply remove it.
Well I didn't tested the code but trying following might help.
Add line:
$logstatus = TRUE;
before while.
Justification:
Scope of variable finishes as soon as block finishes. defining logstatus outside while will make sure its scope do not end where it is required.
Related
I have a PHP project which is in the localhost for now.
The issue that I'm facing is when I open the url and try to login, it doesn't let me to login and it will revert back to the same page. But if I try to login other PHP project first, then login to my PHP project it will be able to login.
So what is the reason for this issue? Can anyone assist me?
Code
<?php
include "../setting/config.php";
session_start();
if(!isset($_POST['login']))
{
$_SESSION['test'];
}
if(isset($_POST['login'])){
$username = $_POST['username'];
$password = $_POST['password'];
//ADMIN
$query1 = "SELECT * FROM umd_login WHERE username='$username' AND password='$password'";
$query_run=mysqli_query($conn, $query1);
$level = mysqli_fetch_array($query_run);
if(count(fetchAll($query1)) > 0){ //this is to catch unknown error.
foreach(fetchAll($query1) as $row){
if ($row['username'] == $username && $row['password'] == $password) {
$_SESSION['test'] = true;
$_SESSION['username']= $_POST['username'];
if($level['user_level_id'] == "1"){
header('location:UMD_home.php');
exit;
}
} else {
alert();
}
}
}
function alert(){
echo "<script>alert('Invalid username or password. Please try again.')</script>";
}
}
if (isset($_POST['login'])) {
$username = $_POST['username'];
$password = $_POST['password'];
//UMD,CMD
$query2 = "SELECT * FROM registered_accounts WHERE username='$username' AND password='$password'";
$query_run=mysqli_query($conn, $query2);
$level = mysqli_fetch_array($query_run);
if (count(fetchAll($query2)) > 0) { //this is to catch unknown error.
foreach (fetchAll($query2) as $row) {
if ($row['username'] == $username && $row['password'] == $password) {
$_SESSION['test'] = true;
$_SESSION['username']= $_POST['username'];
if($level['level'] == "CMD"){
header('location:CMD_home.php');
exit;
}else if($level['level'] == "UMD"){
header('location:UMD_home2.php');
exit();
}
} else {
alert();
}
}
} else {
alert();
}
}
?>
<form action="<?= $_SERVER['PHP_SELF'] ?>" method="post">
<input type="text" class="text" name="username" placeholder="Username" value="" required autofocus>
<input type="password" placeholder="Password" name="password" value="" required autofocus>
<div class="submit"><input type="submit" value="Login" name="login"></div>
</form>
//start a session on the topand make a create a session
<?php
session_start();
if(!isset($_SESSION['email'])){
header('location:dashboard.php');
}
?>
add this code to the top of the login form page
and i think this will solve your problem
I've added:
if(!isset($_SESSION['login']))
{
$_SESSION['login'] = true;
}
and it is working now. Thank you everyone. You all helped me well. Have a nice day.
You can login, from other project is because you have a Session variable with the same name in both projects.
as Ravin said, on line 3, $_SESSION['login'] si always null (is not initialized).
Use instead:
if(!isset($_POST['login'])){
My headline allmost says it all, I want to make a login form that will NOT refresh the page if the login fails, but if login success it should direct me to the right page :)
<?php
$errormessage = "";
session_start();
if (#$_SESSION['logged_in'] == TRUE) {
header("Location: index-users.php");
exit();
}
if ( isset($_POST['username']) && isset($_POST['password']) ) {
$username = $_POST['username'];
$password = $_POST['password'];
$db = new mysqli('localhost', 'root', '', 'dbname');
$query = "SELECT * FROM dbname_users WHERE username = '$username' AND password = '$password'";
$result = $db->query($query);
$rows = $result->num_rows;
if($rows == 1){
$_SESSION['logged_in'] = TRUE;
while ($row = $result->fetch_assoc()) {
$_SESSION['user_id'] = $row['ID'];
}
header("Location: index-users.php");
}
else{
$errormessage = "Forkert brugernavn eller adgangskode!";
}
}
?>
<form action="login.php" method="post">
<input type="text" name="username" placeholder="Username">
<input type="password" name="password" placeholder="Password">
<input type="submit" value="Login">
<p><?=$errormessage;?></p>
</form>
Anyone know how to do this? :)
You will need to combine it with AJAX or jQuery codes.
It is not only php!
Check this out:
- jquery login form in div without refreshing whole page
function myBad() {
$.post("http://localhost/vivsang/logbase.php", {
login : $("#mylogin").serialize()
}, function (login) {
if (login == 'true') {
window.location = 'home.php';
} else {
alert('Wrong username or password!');
}
});
Use this jQuery code for login. You must understand first where to put it and how to use it.
My script doesn't saves the value into a $_SESSION, how is that possible?
Whenever my users login, i try to place their username into a session.
My only problem is when i use var_dump($_SESSION['user_name']); to debug and reveal the current value on the end page, i just keep receiving NULL.
Could someone help me out?
Here is my code:
<? php
include_once('../db/config.php');
session_start();
$error = '';
if (isset($_POST['submit'])) {
if (empty($_POST['isamp_username']) || empty($_POST['isamp_password'])) {
$error = "Username or Password is invalid!";
} else {
$isamp = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
$username = stripslashes($username);
$password = stripslashes($password);
$username = $isamp - > real_escape_string($username);
$password = $isamp - > real_escape_string($password);
$username = $_POST['isamp_username'];
$nopassword = $_POST['isamp_password'];
$password_hash = hash('whirlpool', $nopassword);
$password = strtoupper($password_hash); // <- Also for the Register!
$sql = "select * from users where password='$password' AND username='$username'";
$result = $isamp - > query($sql) or trigger_error($isamp - > error." [$sql]"); /* i have added the suggestion from MY Common Sence */
if ($result - > num_rows == 1) {
$_SESSION['user_name'] = $username;
header("Location: ../../index.php");
} else {
$error = "Username or Password is invalid!";
}
$isamp - > close();
}
} ?>
My HTML:
<?php
include('login.php');
?>
<h2>iSAMP</h2>
<hr/>
<form action="" method="post">
<label>Username :</label>
<input type="text" name="isamp_username" id="name" placeholder="Username"/><br /><br />
<label>Password :</label>
<input type="password" name="isamp_password" id="isamp_password" placeholder="*******"/><br/><br />
<input type="submit" value=" Login " name="submit"/><br />
<span><?php echo $error; ?></span>
</form>
In your first php script, move the session_start() above the include statement.
In your html file, add session_start(); above the include statement.
i am creating a login form and logout with sessions but when i try to login browser display an error ( i think the error is in the logged function )
anyone can help me because it make me crazy.....
**The page isn't redirecting properly
Firefox has that the server is redirecting the request for this address in a way that will never detected complete.
This problem can sometimes be caused by disabling or refusing to accept
cookies.**
login.php
<?php
ob_start();
require_once('functions.php');
if(loggedin()){
header("Location: userarea.php");
exit();
}
if(isset($_POST['login'])){
//get data
$username = $_POST['username'];
$password = $_POST['password'];
$rememberme = $_POST['rememberme'];
if($username && $password){
$login = mysql_query("SELECT * FROM rememberme WHERE username = '$username'");
while($row = mysql_fetch_assoc($login)){
$db_password = $row['password'];
if($password == $db_password)
$loginok = TRUE;
else
$loginok = FALSE;
if($loginok == TRUE){
if($rememberme == "on"){
setcookie("username", $username, time()+7200);
}else if($rememberme == "")
$_SESSION['username'] = $username;
header("Location: userarea.php");
exit();
}else{
die("incorrect username/password combination");
}
}
}else
die("please enter a username and password");
exit();
}
?>
<form action="login.php" method="post">
<p>Username<br />
<input type="text" name="username" />
</p>
<p> Password<br />
<input type="password" name="password" />
</p>
<p>
<input type="checkbox" name="rememberme">
Remember me<br />
<input type="submit" name="login" value="Log in" />
</p>
</form>
<?php ob_flush(); ?>
function.php
<?php
//session
session_start();
// connect to database
mysql_connect("localhost", "root", "") or die("could not connect to database");
mysql_select_db("rememberme") or die("could not select database");
// login check function
function loggedin()
{
$loggedin = false;
if(isset($_SESSION['username'])||isset($_COOKIE['username']))
{
$loggedin = TRUE;
}
return $loggedin;
}
?>
userarea.php
<?php
//session
session_start();
// connect to database
mysql_connect("localhost", "root", "") or die("could not connect to database");
mysql_select_db("rememberme") or die("could not select database");
// login check function
function loggedin()
{
if(isset($_SESSION['username'])||isset($_COOKIE['username'])){
$loggedin = TRUE;
return $loggedin;
}
}
?>
You have same function in two files.
function loggedin()
Try
function loggedin()
{
$loggedin = false;
if(isset($_SESSION['username'])||isset($_COOKIE['username']))
{
$loggedin = TRUE;
}
return $loggedin;
}
If you if conditions not satisfied your function will not return true or false, so you need to set initial value to false and then overwrite it if if condition satisfied.
Login.php
<?php
require_once('functions.php');
if(isset($_POST['login']))
{
$username = $_POST['username'];
$password = $_POST['password'];
$rememberme = $_POST['rememberme'];
if($username && $password)
{
$login = mysql_query("SELECT * FROM rememberme WHERE username = '".$username."'");
while($row = mysql_fetch_assoc($login))
{
$db_password = $row['password'];
if($password == $db_password)
$loginok = TRUE;
else
$loginok = FALSE;
if($loginok == TRUE)
{
if($rememberme == "on")
{
setcookie("username", $username, time()+7200);
}
else if($rememberme == "")
{
$_SESSION['username'] = $username;
header("Location: userarea.php");
exit();
}
}
else
{
die("incorrect username/password combination");
}
}
}
else
{
die("please enter a username and password");
exit();
}
}
?>
<form action="login.php" method="post">
<p>Username<br />
<input type="text" name="username" />
</p>
<p>Password<br />
<input type="password" name="password" />
</p>
<p>
<input type="checkbox" name="rememberme">
Remember me<br />
<input type="submit" name="login" value="Log in" />
</p>
</form>
<?php ob_flush(); ?>
functions.php
<?php
ob_start();
session_start();
error_reporting(E_ALL);
ini_set('display_errors','On');
mysql_connect("localhost", "root", "") or die("could not connect to database");
mysql_select_db("rememberme") or die("could not select database");
// login check function
if(loggedin())
{
header("Location: userarea.php");
exit();
}
function loggedin()
{
$loggedin = false;
if(isset($_SESSION['username'])||isset($_COOKIE['username']))
{
$loggedin = TRUE;
}
return $loggedin;
}
?>
userarea.php
<?php
require_once "functions.php";
echo "after login";
?>
I'm currently using a modified version of a login script I found online.
Can anybody suggest some ways of modularizing the code into functions?
Here is the code for the login page:
<?php
include("db.php");
include("login_fns.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from Form
$username=mysql_real_escape_string($_POST['username']);
$password=mysql_real_escape_string($_POST['password']);
$password=md5($password);
$sql="SELECT * FROM client_login WHERE Username='$username' and Password='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
$row = mysql_fetch_array($result);
$client_ref = $row['Client_ref'];
$user_level = $row['user_level'];
// If result matched $username and $password, table row must be 1 row
if($count==1)
{
$_SESSION['user_level'] = $user_level;
$_SESSION['client_ref'] = $client_ref;
$_SESSION['user'] = $username;
if ($user_level == '1') {
header('Location: admin.php');
} else {
header('Location: myaccount.php');
}
}
else
{
echo "Error logging in!";
}
}
?>
<form action="login.php" method="post">
<label>UserName :</label>
<input type="text" name="username"/><br />
<label>Password :</label>
<input type="password" name="password"/><br/>
<input type="submit" value=" Login "/><br />
</form>
Ideally, I'd like a function for the user account search and the session setting. I previously tried to copy snippets of this code into a separate php functions file, but it didn't seem to work.
What do you think about this? :)
The function
<?php
function checkLogin($username, $password) {
global $bd;
$returnArray=array();
$username=mysqli_real_escape_string($bd, $username);
$password=md5($password);
$getUser=mysqli_query($bd, "SELECT `Client_ref`,`user_level` FROM client_login WHERE Username='$username' and Password='$password'");
$arrayUser=mysqli_fetch_array($getUser);
if(mysqli_num_rows($getUser) == 0)
{
$returnArray['error']='true';
$returnArray['errormsg']='User not found in the database.';
return $returnArray;
}
$returnArray['Client_ref']=$row['Client_ref'];
$returnArray['user_level']=$row['user_level'];
return $returnArray;
}
?>
Rest of the code
<?php
include("db.php");
include("login_fns.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$username=$_POST['username'];
$password=$_POST['password'];
$loginArray=checkLogin($username, $password);
if(!isset($loginArray['error']))
{
$_SESSION['user_level'] = $loginArray['Client_ref'];
$_SESSION['client_ref'] = $loginArray['user_level'];
$_SESSION['user'] = $username;
if($loginArray['user_level'] == '1')
{
header('Location: admin.php');
}
else
{
header('Location: myaccount.php');
}
}
else
{
echo "Error logging in!";
echo "The detailed error message is: ".$returnArray['errormsg'];
}
}
?>
<form action="login.php" method="post">
<label>UserName :</label>
<input type="text" name="username"/><br />
<label>Password :</label>
<input type="password" name="password"/><br/>
<input type="submit" value=" Login "/><br />
</form>