Jump to content

need help with a login in php


Andrew12313413

Recommended Posts

<?php

/*** begin the session ***/
session_start();

if(!isset($_SESSION['user_id']))
{
    $message = 'You must be logged in to access this page';

}
else
{
    try
    {
        /*** connect to database ***/
        /*** mysql hostname ***/
        $mysql_hostname = 'localhost';

        /*** mysql username ***/
        $mysql_username = 'root';

        /*** mysql password ***/
        $mysql_password = 'root';

        /*** database name ***/
        $mysql_dbname = 'login';


        /*** select the users name from the database ***/
        $dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
        /*** $message = a message saying we have connected ***/

        /*** set the error mode to excptions ***/
        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        /*** prepare the insert ***/
        $stmt = $dbh->prepare("SELECT phpro_username FROM phpro_users 
        WHERE phpro_user_id = :phpro_user_id");

        /*** bind the parameters ***/
        $stmt->bindParam(':phpro_user_id', $_SESSION['user_id'], PDO::PARAM_INT);

        /*** execute the prepared statement ***/
        $stmt->execute();

        /*** check for a result ***/
        $phpro_username = $stmt->fetchColumn();

        /*** if we have no something is wrong ***/
        if($phpro_username == false)
        {
            $message = 'Access Error';
        }
        else
        {
            $message = 'Welcome '.$phpro_username;
        }
    }
    catch (Exception $e)
    {
        /*** Error!! ***/
        $message = 'We are unable to process your request. Please try again later"';
    }
}


?>

<html>
<head>
<title>My Account</title>
<link rel="stylesheet" type="text/css" href="css/main.css" />
</head>
<body>
<h3><?php echo $message; ?></h3>


</body>
</html>

members.php

<html> <head> <title>Log in</title> </head> <body> <h2>Login Here</h2> <form action="login_submit.php" method="post"> <fieldset> <p> <label for="phpro_username">Username</label> <input type="text" id="phpro_username" name="phpro_username" value="" maxlength="20" /> </p> <p> <label for="phpro_password">Password</label> <input type="text" id="phpro_password" name="phpro_password" value="" maxlength="20" /> </p> <p> <input type="submit" value="Login" /> </p> </fieldset> </form> </body> </html>

login.php

<?php

/*** begin our session ***/
session_start();

/*** check if the users is already logged in ***/
if(isset( $_SESSION['user_id'] ))
{
    $message = 'Users is already logged in';
}
/*** check that both the username, password have been submitted ***/
if(!isset( $_POST['phpro_username'], $_POST['phpro_password']))
{
    $message = 'Please enter a valid username and password';
}
/*** check the username is the correct length ***/
elseif (strlen( $_POST['phpro_username']) > 20 || strlen($_POST['phpro_username']) < 4)
{
    $message = 'Incorrect Length for Username';
}
/*** check the password is the correct length ***/
elseif (strlen( $_POST['phpro_password']) > 20 || strlen($_POST['phpro_password']) < 4)
{
    $message = 'Incorrect Length for Password';
}
/*** check the username has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['phpro_username']) != true)
{
    /*** if there is no match ***/
    $message = "Username must be alpha numeric";
}
/*** check the password has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['phpro_password']) != true)
{
        /*** if there is no match ***/
        $message = "Password must be alpha numeric";
}
else
{
    /*** if we are here the data is valid and we can insert it into database ***/
    $phpro_username = filter_var($_POST['phpro_username'], FILTER_SANITIZE_STRING);
    $phpro_password = filter_var($_POST['phpro_password'], FILTER_SANITIZE_STRING);

    /*** now we can encrypt the password ***/
    $phpro_password = sha1( $phpro_password );
    
    /*** connect to database ***/
    /*** mysql hostname ***/
    $mysql_hostname = 'localhost';

    /*** mysql username ***/
    $mysql_username = 'root';

    /*** mysql password ***/
    $mysql_password = 'root';

    /*** database name ***/
    $mysql_dbname = 'login';

    try
    {
        $dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
        /*** $message = a message saying we have connected ***/

        /*** set the error mode to excptions ***/
        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        /*** prepare the select statement ***/
        $stmt = $dbh->prepare("SELECT phpro_user_id, phpro_username, phpro_password FROM phpro_users 
                    WHERE phpro_username = :phpro_username AND phpro_password = :phpro_password");

        /*** bind the parameters ***/
        $stmt->bindParam(':phpro_username', $phpro_username, PDO::PARAM_STR);
        $stmt->bindParam(':phpro_password', $phpro_password, PDO::PARAM_STR, 40);

        /*** execute the prepared statement ***/
        $stmt->execute();

        /*** check for a result ***/
        $user_id = $stmt->fetchColumn();

        /*** if we have no result then fail boat ***/
        if($user_id == false)
        {
                $message = 'Login Failed';
        }
        /*** if we do have a result, all is well ***/
        else
        {
                /*** set the session user_id variable ***/
                $_SESSION['user_id'] = $user_id;

                /*** tell the user we are logged in ***/
                $message = 'You are now logged in';
		
        }


    }
    catch(Exception $e)
    {
        /*** if we are here, something has gone wrong with the database ***/
        $message = 'We are unable to process your request. Please try again later"';
    }
}
?>

<html>
<head>
</head>
<body>
<p><?php echo $message; ?>

</body>
</html>

login_sumbit.php

 

 

 

I am unable to see the 

 

$message = 'Welcome '.$phpro_username;

 

that the successful login should be generating

Link to comment
Share on other sites

members.php

<?php

/*** begin the session ***/
session_start();

if(!isset($_SESSION['user_id']))
{
    $message = 'You must be logged in to access this page';

}
else
{
    try
    {
        /*** connect to database ***/
        /*** mysql hostname ***/
        $mysql_hostname = 'localhost';

        /*** mysql username ***/
        $mysql_username = 'root';

        /*** mysql password ***/
        $mysql_password = 'root';

        /*** database name ***/
        $mysql_dbname = 'login';


        /*** select the users name from the database ***/
        $dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
        /*** $message = a message saying we have connected ***/

        /*** set the error mode to excptions ***/
        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        /*** prepare the insert ***/
        $stmt = $dbh->prepare("SELECT phpro_username FROM phpro_users 
        WHERE phpro_user_id = :phpro_user_id");

        /*** bind the parameters ***/
        $stmt->bindParam(':phpro_user_id', $_SESSION['user_id'], PDO::PARAM_INT);

        /*** execute the prepared statement ***/
        $stmt->execute();

        /*** check for a result ***/
        $phpro_username = $stmt->fetchColumn();

        /*** if we have no something is wrong ***/
        if($phpro_username == false)
        {
            $message = 'Access Error';
        }
        else
        {
            $message = 'Welcome '.$phpro_username;
        }
    }
    catch (Exception $e)
    {
        /*** Error!! ***/
        $message = 'We are unable to process your request. Please try again later"';
    }
}


?>

<html>
<head>
<title>My Feed</title>
<link rel="stylesheet" type="text/css" href="css/main.css" />
</head>
<body>
<h3><?php echo $message; ?></h3>


</body>
</html>

login.php

<html> <head> <title>Log into Friend Konnect</title> </head> <body> <h2>Login Here</h2> <form action="login_submit.php" method="post"> <fieldset> <p> <label for="phpro_username">Username</label> <input type="text" id="phpro_username" name="phpro_username" value="" maxlength="20" /> </p> <p> <label for="phpro_password">Password</label> <input type="text" id="phpro_password" name="phpro_password" value="" maxlength="20" /> </p> <p> <input type="submit" value="Login" /> </p> </fieldset> </form> </body> </html>

login_submit.php

<?php

/*** begin our session ***/
session_start();

/*** check if the users is already logged in ***/
if(isset( $_SESSION['user_id'] ))
{
    $message = 'Users is already logged in';
}
/*** check that both the username, password have been submitted ***/
if(!isset( $_POST['phpro_username'], $_POST['phpro_password']))
{
    $message = 'Please enter a valid username and password';
}
/*** check the username is the correct length ***/
elseif (strlen( $_POST['phpro_username']) > 20 || strlen($_POST['phpro_username']) < 4)
{
    $message = 'Incorrect Length for Username';
}
/*** check the password is the correct length ***/
elseif (strlen( $_POST['phpro_password']) > 20 || strlen($_POST['phpro_password']) < 4)
{
    $message = 'Incorrect Length for Password';
}
/*** check the username has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['phpro_username']) != true)
{
    /*** if there is no match ***/
    $message = "Username must be alpha numeric";
}
/*** check the password has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['phpro_password']) != true)
{
        /*** if there is no match ***/
        $message = "Password must be alpha numeric";
}
else
{
    /*** if we are here the data is valid and we can insert it into database ***/
    $phpro_username = filter_var($_POST['phpro_username'], FILTER_SANITIZE_STRING);
    $phpro_password = filter_var($_POST['phpro_password'], FILTER_SANITIZE_STRING);

    /*** now we can encrypt the password ***/
    $phpro_password = sha1( $phpro_password );
    
    /*** connect to database ***/
    /*** mysql hostname ***/
    $mysql_hostname = 'localhost';

    /*** mysql username ***/
    $mysql_username = 'root';

    /*** mysql password ***/
    $mysql_password = 'root';

    /*** database name ***/
    $mysql_dbname = 'login';

    try
    {
        $dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
        /*** $message = a message saying we have connected ***/

        /*** set the error mode to excptions ***/
        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        /*** prepare the select statement ***/
        $stmt = $dbh->prepare("SELECT phpro_user_id, phpro_username, phpro_password FROM phpro_users 
                    WHERE phpro_username = :phpro_username AND phpro_password = :phpro_password");

        /*** bind the parameters ***/
        $stmt->bindParam(':phpro_username', $phpro_username, PDO::PARAM_STR);
        $stmt->bindParam(':phpro_password', $phpro_password, PDO::PARAM_STR, 40);

        /*** execute the prepared statement ***/
        $stmt->execute();

        /*** check for a result ***/
        $user_id = $stmt->fetchColumn();

        /*** if we have no result then fail boat ***/
        if($user_id == false)
        {
                $message = 'Login Failed';
        }
        /*** if we do have a result, all is well ***/
        else
        {
                /*** set the session user_id variable ***/
                $_SESSION['user_id'] = $user_id;

                /*** tell the user we are logged in ***/
                $message = 'You are now logged in';
		
        }


    }
    catch(Exception $e)
    {
        /*** if we are here, something has gone wrong with the database ***/
        $message = 'We are unable to process your request. Please try again later"';
    }
}
?>

<html>
<head>
<title>Friend Konnect</title>
</head>
<body>
<p><?php echo $message; ?>

</body>
</html>
Link to comment
Share on other sites

Did you read that this is not a code repository?

Please explain what the issue is and what you have done to try to work out what the error is. This looks like you have taken someone else's code and because it doesn't work first time, you want us to sort it out. I don't want to read pages of code in the hope I might find something wrong and that's probably why you have no responses to your post.

 

Start by working out which page of code it is. To do that, use the die() command to stop the process part way through and output variables using echo. Use some logic to check it's doing what it should. Then once you have narrowed it down a bit on your own, post something more specific.

 

That's called debugging.

  • Like 1
Link to comment
Share on other sites

Did you read that this is not a code repository?

Please explain what the issue is and what you have done to try to work out what the error is. This looks like you have taken someone else's code and because it doesn't work first time, you want us to sort it out. I don't want to read pages of code in the hope I might find something wrong and that's probably why you have no responses to your post.

 

Start by working out which page of code it is. To do that, use the die() command to stop the process part way through and output variables using echo. Use some logic to check it's doing what it should. Then once you have narrowed it down a bit on your own, post something more specific.

 

That's called debugging.

Thanks for not being helpful. Don't tell me what to fucking do.

Link to comment
Share on other sites

Andrew12313413, you're not going to get any help with that attitude, gerkintrigg is right, you cant just post random code on the forum and expect people to drop everything and fix it for you.

 

If you do want that then you need to post it in the freelance section and be willing to pay for it, otherwise describe what you have attempted to do to get it to work, and what errors you are getting or what debugging you have done. Spitting your dummy out of your pram helps no one, especially you.

 

This forum is to help people to learn php, not fix scripts for people that they 'found' on the internet

Link to comment
Share on other sites

Thanks for not being helpful. Don't tell me what to fucking do.

 

But that is exactly what you asked for right?  Someone to tell you, why, what, where, and how.

I can see your main question in the title of this thread, that is great, but your post contains nothing but your code(s).  Apparently, members.php is not displaying the username.  Are you sure that your query is correct?  Are you sure that the SESSION is right?

 

gerkintrigg mentioned only one helpful thing, debug.  He forgot to mention and educate you on some basic debugging techniques.

 

For instance, to check your SESSION contents, use this snippet

echo "<pre>", print_r($_SESSION), "</pre>";

You will want to use this snippet to check out most of your variables.  There is also error_reporting, display_errors, var_dump, and just plain echo statements.  If you can't successfully get the username, then either your query isn't returning anything, which should return an error, or your logic is all wrong.

 

EDIT: Also, why are you using fetchColumn() when you could just use fetch() which would give you everything in that row as an array?

Link to comment
Share on other sites

Isn't the whole point of going to a forum such as this to be told what to do?  Methinks you have it wrong if you don't want to be told everything you are doing wrong. 

 

Is that your complete mastery of the English language?  Not much better than your PHP I see.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.