I ran into some problems in the login. The index page shows this: <form action="login/login.php" method="post"> <label for="login-username" style="float: left; margin: 0px 0px 0px 5px;">Username:</label><br /> <input type="text" name="username" id="login-username" value="" style="float: left; margin: 0px 0px 0px 5px; border: 1px solid #7A1010; color: #7A1010;" /> <label for="login-password" style="float: left; margin: 0px 0px 0px 5px;" >Password:</label><br /> <input type="password" name="password" id="login-password" value="" style="float: left; margin: 0px 0px 0px 5px; border: 1px solid #7A1010; color: #7A1010;" /><br /> <br /> <label for="login-remember" style="float: left; margin: 0px 0px 0px 5px;">Remember me?</label> <input type="checkbox" name="remember" id="login-remember" style="float: left; margin: 5px 0px 0px 5px;" /><br /> <input type="submit" value="Login" style="float: left; margin: 0px 0px 0px 5px; background-color: #7A1010; color: #EAE8C8;" /> </form> PHP: The form leads to here: <?php // Database connection file require_once("includefiles/dbconnection.php"); $un=isset($_POST['username']) ? $_POST['username'] : ""; $pw=isset($_POST['password']) ? $_POST['password'] : ""; echo "Hellooooooo!!!!!!!!!!!!".$un." ".$pw; // Form submitted? if($_SERVER['REQUEST_METHOD'] == "POST"){ $errors = array(); // Validate form foreach($_POST as $key => $value){ if(empty($value)){ $errors[$key] = $key . " was empty"; } } // If no errors, continue if(count($errors) == 0){ $sql = sprintf("SELECT usergroup AS success FROM {$dbTable} WHERE username='%s' AND password=MD5('%s')", $un, $pw; extract(mysql_fetch_assoc(mysql_query($sql))); //echo $sql; // If this is not set, there was an error if(!isset($success)){ $errors[] = "that username and password combination are incorrect"; }else{ // Remember me? if(isset($_POST['remember'])){ setcookie("login", $_POST['username'] . ":" . $success, time() + (3600 * 24 * 30)); // store for 30 days } // Log the user in $_SESSION['login'] = true; $_SESSION['username'] = $_POST['username']; $_SESSION['group'] = $success; $_SESSION['just_logged_in'] = true; // to display a message // Redirect back to the main page $redirect = true; unset($errors); } } }else{ // The form was not submitted, so they shouldn't be here $redirect = true; } // Redirect if needed if(isset($redirect)){ header("Location: " . $baseURL); exit; } include("login-form.php"); ?> PHP: But this page shows blank.
Can fix this. MSG me online: AIM: WhiteCollar18 GTalk: WhiteCollar18 [@] gmail.com Skype: WhiteCollar18 MSN: WhiteCollar18 [@] hotmail.com Yahoo: WhiteCollar18 [@] yahoo.com
<?php error_reporting(E_ALL); // Database connection file require_once("includefiles/dbconnection.php"); $un=isset($_POST['username']) ? $_POST['username'] : ""; $pw=isset($_POST['password']) ? $_POST['password'] : ""; // Form submitted? if($_SERVER['REQUEST_METHOD'] == "POST"){ $errors = array(); // Validate form foreach($_POST as $key => $value){ if(empty($value)){ $errors[$key] = $key . " was empty"; } } // If no errors, continue if(count($errors) == 0){ $sql = sprintf("SELECT usergroup AS success FROM {$dbTable} WHERE username='%s' AND password=MD5('%s')", $un, $pw); extract(mysql_fetch_assoc(mysql_query($sql))); //echo $sql; // If this is not set, there was an error if(!isset($success)){ $errors[] = "that username and password combination are incorrect"; }else{ // Remember me? if(isset($_POST['remember'])){ setcookie("login", $un . ":" . $success, time() + (3600 * 24 * 30)); // store for 30 days } // Log the user in $_SESSION['login'] = true; $_SESSION['username'] = $un; $_SESSION['group'] = $success; $_SESSION['just_logged_in'] = true; // to display a message // Redirect back to the main page $redirect = true; unset($errors); } } }else{ // The form was not submitted, so they shouldn't be here $redirect = true; } // Redirect if needed if(isset($redirect)){ header("Location: " . $baseURL); exit; } include("login-form.php"); ?> PHP: As it redirects it's not logging in.
Here is a simple one i just create, i have not tested it so it may not work. If it does not work, just let me know. <?php error_reporting(E_ALL); require_once("includefiles/dbconnection.php"); function protect($value){ $value = mysql_real_escape_string($value); $value = htmlentities($value); $value = trim($value); return $value; } $username = protect($_POST['username']); $password = protect($_POST['password']); if($username == "" || $password == ""){ echo "<font color='red'>Sorry, please enter your <b>Username</b> and <b>Password</b>."; $errors == true; } if($errors == false){ $sql = mysql_query("SELECT * FROM " . $dbTable . " WHERE `username` = " . $username . " AND `password` = " . md5($password)) or die(mysql_error()); $fetch = mysql_fetch_array($sql); if(mysql_num_rows($sql) == 1){ $_SESSION['login'] = true; $_SESSION['username'] = $username; $_SESSION['just_logged_in'] = true; header("Location: " . $baseURL); echo "<font color='green'>Success, you have logged in.</font>"; exit(); } else { echo "<font color='red'>Sorry, that there is no such account with that <b>Username</b> and <b>Password</b>."; } } include("login-form.php"); ?> PHP: I hope it works.
Instead of using isset(), use empty() to evaluate if it is set and to see if it has a null value at the same time.