Hi Im having trouble logging into the live site. The below works perfectly in my testing environment but as soon as I test it on the live domain when I enter in the login details and submit it just clears the login form and does not login. I have checked the database after registering an account and it store the username and encrypted pass just as it stores it in my testing database. Any help will be appreciated. My register.php is as follows:
<?php
include('connect.php');
//Define variable submitted by the form
$Register = $_POST['register'];
$title = $_POST['title'];
$name = $_POST['name'];
$surname = $_POST['surname'];
$email = $_POST['email'];
$username = $_POST['username'];
$password1 = $_POST['password'];
$password2 = $_POST['conf_password'];
$EncPass = sha1($password1);
if (isset($_POST['register'])) { //check if submit button was selected
if($name == "" or $surname == "" or $username == "" or $password1 == "" or $password2 == ""){ //check if fields in the form is empty
echo "<p align = 'center'>Please enter all required fields</p>";
}
else{
$result = mysqli_query($connection,"SELECT username FROM member WHERE username='$username'"); //selects the username from the user table in the database that is the same as the username submitted by the form
$num_rows = mysqli_num_rows($result); //checks the number of rows with this username
if($num_rows > 0){ //if number of rows is more than 0, the below will be displayed
echo "<p align='center'>The user $username already exists! Proceed to <a href=login.php>Login</a></p>";
}
else{
if($password1 == $password2){ //check if the passwords match
//Create query
$query = "INSERT INTO member (title, name, surname, email, username, password) VALUES ('$title', '$name', '$surname', '$email', '$username', '$EncPass')"; //inserts the data that was entered in the form into the user table
$result = mysqli_query($connection,$query);
if($result){ //if the query is successful, the below will be displayed
echo "<p align='center'>Registration Succesful. Proceed to <a href=index.php>Login</a>!</p>";
}
}
else{
echo "<p align='center'>The Passwords does not match! Please try again</p>"; //Print a message to the user that passwords do no match
}
}
}
}
?>
index.php:
<?php
include('connect.php');
//Define variable submitted by the form
$Login = $_POST['login'];
$username = $_POST['username'];
$password1 = $_POST['password'];
$EncPass = sha1($password1);
if (isset($_POST['login'])) { //if submit button is clicked, the below query will run
$result = mysqli_query($connection,"SELECT * FROM member WHERE username='$username' AND password='$EncPass'"); //query to check if username and password matches what is stored in the user table
if($result) {
if(mysqli_num_rows($result)) {
session_start(); // start a session
$_SESSION['username'] = "$username"; //store username in the session
header("location:members_area.php"); // redirects to the members area
}
else
echo "<p align = 'center'>Incorect login! Please try again, or proceed to <a href='register.php'> Register </a></p>";
}
}
?>