Hi, I am currently working on a site at the moment where the user has to log in, I am working with code from here: http://www.php-mysql-tutorial.com/user-authentication/database.php


<?php
session_start();

$errorMessage = '';
if (isset($_POST['username']) && isset($_POST['password'])) {
include 'mysql_connect.php';

$userId = $_POST['username'];
$password = $_POST['password'];


$sql = "SELECT username FROM profile WHERE username = '$userId' AND password = PASSWORD('$password')";

$result = mysql_query($sql)
or die('Query failed. ' . mysql_error());

if (mysql_num_rows($result) == 1) {
$_SESSION['db_is_logged_in'] = true;
header('Location: memberhome.php');
exit;
} else {
$errorMessage = 'Sorry, wrong user id / password';
}

mysql_close($conn);
}
?>

<html>
<head>
<title>Basic Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<?php include 'header.php'; ?>


<div id="contentarea">
<div id="advert"><a href="#"><img src="images/ad.png" alt="advertisement" /></a></div>
<div id="contentarea_padding">
<div class="content">

<?php if ($errorMessage != '') { ?>
<?php echo $errorMessage; ?>
<?php } ?>

<div class="bannertitles">
<font color="#b7fd3d">log</font><font color="#fded36">in</font>
</div><br/><br/>

<form method="post" name="frmLogin" id="frmLogin">
<div class="inputcontainer">
<div class="label">Username:</div><input type="text" name="username" size="60" maxlength="60" /> </div>
<div class="inputcontainer">
<div class="label">Password:</div><input type="password" name="password" size="60" maxlength="60" /> </div>
<br/><br/>
<div class="inputcontainer"><div align="right">
<input type="submit" name="btnLogin" value="Login"></div></div>
</form>


</div>
</div></div>

<?php include 'sidebar.php'; ?>
<?php include 'footer.php'; ?>
</body>
</html>

and the memberhome.php:

<?php
session_start();

if (!isset($_SESSION['db_is_logged_in'])
|| $_SESSION['db_is_logged_in'] !== true) {

header('Location: login.php');
exit;
}

?>

<?php include 'header.php'; ?>


<div id="contentarea">
<div id="advert"><a href="#"><img src="images/ad.png" alt="advertisement" /></a></div>
<div id="contentarea_padding">
<div class="content">
success
</div>
</div></div>

<?php include 'sidebar.php'; ?>
<?php include 'footer.php'; ?>


The code all looks fine to me, only it doesn't go to memberhome.php when I put in the correct log in details. Is there something I need to change? Any help will be greatly appreciated.

Thanks

Simon

You didn't specify the 'action' parameter for the form.
http://www.w3schools.com/tags/tag_form.asp

I set the action to login.php which is the page with the php and form code, however I still get the same problem. If i set the action to memberhome.php it just goes to that page whatever values I put in.

This is the code that I have on my site to redirect a member after they have logged in,


// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';

This I then follow up with what should happen if login is not successful.

ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.

} else { // No match was made.
echo '<p>Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}

} else { // If everything wasn't OK.
echo '<p>Please try again.</p>';
}

mysql_close(); // Close the database connection.

I hope you find this useful.

I dont want to be changing the whole code and the code I have looks fine when I read through it, any ideas???

Hi, I am now following this script here: http://www.phpeasystep.com/workshopview.php?id=6

However it only allows me to recognise a password written in text format

<input type="text">

rather than

<input type="password">

Which obviously isnt the right thing to do on a site, so does anybody know how I get the php/mysql to recognise the text of the password.

Thanks

No matter, I sorted it, I didnt set the action to the right page. Thanks