Everything posted by kwaabs

  1. Hi, I need some help. I don't really know what is wrong with my code. It seems not to work. The reg.php does not send the data into the database and the login cannot query the database either. I need help. HELP ME PLEASE

```php
<?php
require 'database-config.php';
session_start();

$username = "";
$password = "";

if(isset($_POST['username'])){
    $username = $_POST['username'];
}
if (isset($_POST['password'])) {
    $password = $_POST['password'];
}

echo $username ." : ".$password;

$q = 'SELECT * FROM users WHERE username=:username AND password=:password';
$query = $dbh->prepare($q);
$query->execute(array(':username' => $username, ':password' => $password));

if($query->rowCount() == 0){
    header('Location: index.php?err=1');
}else{
    $row = $query->fetch(PDO::FETCH_ASSOC);

    session_regenerate_id();
    $_SESSION['sess_user_id'] = $row['id'];
    $_SESSION['sess_username'] = $row['username'];
    $_SESSION['sess_userrole'] = $row['role'];

    echo $_SESSION['sess_userrole'];
    session_write_close();

    if( $_SESSION['sess_userrole'] == "admin"){
        header('Location: adminhome.php');
    }else{
        header('Location: userhome.php');
    }
}
?>
```

```html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Bootstrap 101 Template</title>

    <!-- Bootstrap -->
    <link href="css/bootstrap.min.css" rel="stylesheet">
    <link href="css/style.css" rel="stylesheet">

    <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
    <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
    <!--[if lt IE 9]>
        <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
        <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
    <![endif]-->

    <style>
        body {
            background-color: white;
            padding-top: 40px;
        }
        .input-group-addon {
            background-color: rgb(50, 118, 177);
            border-color: rgb(40, 94, 142);
            color: rgb(255, 255, 255);
        }
        .form-control:focus {
            background-color: rgb(50, 118, 177);
            border-color: rgb(40, 94, 142);
            color: rgb(255, 255, 255);
        }
        .form-signup input[type="text"],.form-signup input[type="password"] {
            border: 1px solid rgb(50, 118, 177);
        }
    </style>
</head>
<body>
<div class="container">
    <div class="row">
        <div class="col-md-6 col-md-offset-3">
            <div class="panel panel-default">
                <div class="panel-body">
                    <form class="form-horizontal" method="POST" action="process_user.php">
                        <fieldset>

                            <!-- Form Name -->
                            <legend>User registration</legend>

                            <!-- Text input-->
                            <div class="form-group">
                                <label class="col-md-4 control-label" for="user">Username:</label>
                                <div class="col-md-6">
                                    <input id="user" name="username" type="text" placeholder="" class="form-control input-md" required="">
                                </div>
                            </div>

                            <!-- Password input-->
                            <div class="form-group">
                                <label class="col-md-4 control-label" for="pass">Password:</label>
                                <div class="col-md-6">
                                    <input id="pass" name="password" type="password" placeholder="" class="form-control input-md" required="">
                                </div>
                            </div>

                            <!-- Multiple Radios (inline) -->
                            <div class="form-group">
                                <label class="col-md-4 control-label" for="user_type">User type:</label>
                                <div class="col-md-4">
                                    <label class="radio-inline" for="user_type-0">
                                        <input type="radio" name="user_type" id="user_type-0" value="admin" >
                                        Admin
                                    </label>
                                    <label class="radio-inline" for="user_type-1">
                                        <input type="radio" name="user_type" id="user_type-1" value="user">
                                        User
                                    </label>
                                </div>
                            </div>

                            <!-- Button -->
                            <div class="form-group">
                                <label class="col-md-4 control-label" for="submit"></label>
                                <div class="col-md-4">
                                    <button id="submit" name="submit" class="btn btn-primary">Create new user</button>
                                </div>
                            </div>

                        </fieldset>
                    </form>
                </div>
            </div>
        </div>
    </div>
</div>
</body>
</html>
```

```php
<?php
require 'database-config.php';

if(!empty($_POST))
{
    // Ensure that the user has entered a non-empty username
    if(empty($_POST['username']))
    {
        die("Please enter a username.");
    }

    // Ensure that the user has entered a non-empty password
    if(empty($_POST['password']))
    {
        die("Please enter a password.");
    }

    $query = "
        SELECT
            id
        FROM users
        WHERE
            username = :username
    ";

    $query_params = array(
        ':username' => $_POST['username']
    );

    try
    {
        // These two statements run the query against your database table.
        $stmt = $dbh->prepare($query);
        $result = $stmt->execute($query_params);
    }
    catch(PDOException $ex)
    {
        die("Failed to run query: " . $ex->getMessage());
    }

    $row = $stmt->fetch();

    if($row)
    {
        die("This username is already in use");
    }

    $query = "
        INSERT INTO users (
            username,
            password,
            salt,
            role
        ) VALUES (
            :username,
            :password,
            :salt,
            :user_type
        )
    ";

    $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
    $password = hash('sha256', $_POST['password'] . $salt);

    $query_params = array(
        ':username' => $_POST['username'],
        ':password' => $password,
        ':salt' => $salt,
        ':role' => $_POST['user_type']
    );

    try
    {
        $stmt = $dbh->prepare($query);
        $result = $stmt->execute($query_params);
    }
    catch(PDOException $ex)
    {
        die("Failed to run query: " . $ex->getMessage());
    }

    header("Location: index.php");
    die("Redirecting to index");
}
?>
```
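
Two mismatches are visible in the code posted above: the registration INSERT names the placeholder `:user_type` while the bound array supplies `:role`, and the login query compares the submitted plaintext password against a column that stores a salted SHA-256 hash. The following is an added example, not part of the original post, showing registration and login that agree with each other. It assumes an in-memory SQLite database in place of `database-config.php`, uses the hypothetical helper names `register_user()` and `login_user()`, and swaps the manual salt plus `hash('sha256', ...)` for PHP's `password_hash()` / `password_verify()`.

```php
<?php
// Added example (not the poster's code). Assumptions: an in-memory SQLite
// database stands in for database-config.php; register_user() and
// login_user() are hypothetical helper names.
$dbh = new PDO('sqlite::memory:');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->exec('CREATE TABLE users (
    id INTEGER PRIMARY KEY, username TEXT UNIQUE, password TEXT, role TEXT)');

function register_user(PDO $dbh, string $username, string $password, string $userType): bool
{
    if (!in_array($userType, ['admin', 'user'], true)) {
        return false; // reject any role value the form does not offer
    }
    $stmt = $dbh->prepare('SELECT id FROM users WHERE username = :username');
    $stmt->execute([':username' => $username]);
    if ($stmt->fetch()) {
        return false; // username already in use
    }
    // Every placeholder named in the SQL has a bound key with the same name.
    $stmt = $dbh->prepare('INSERT INTO users (username, password, role)
                           VALUES (:username, :password, :role)');
    return $stmt->execute([
        ':username' => $username,
        // password_hash() generates a salt and embeds it in the stored string.
        ':password' => password_hash($password, PASSWORD_DEFAULT),
        ':role'     => $userType,
    ]);
}

function login_user(PDO $dbh, string $username, string $password): ?array
{
    // Look the account up by name only; a salted hash cannot be matched in SQL.
    $stmt = $dbh->prepare('SELECT id, username, password, role FROM users
                           WHERE username = :username');
    $stmt->execute([':username' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$row || !password_verify($password, $row['password'])) {
        return null; // same result for unknown user and wrong password
    }
    unset($row['password']); // keep the hash out of the session data
    return $row; // caller copies id/username/role into $_SESSION, then redirects
}

// Constructed sample data.
var_dump(register_user($dbh, 'alice', 'correct horse', 'user'));
var_dump(login_user($dbh, 'alice', 'correct horse')['role'] ?? null);
var_dump(login_user($dbh, 'alice', 'wrong password'));
```

In the real scripts, nothing may be echoed before `header('Location: ...')`, and an `admin` role should only be assignable by an already authenticated administrator rather than chosen on a public form.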