Jump to content

Can anyone tell me if this code is correct?

Robert Elsdon

By Robert Elsdon
in PHP Coding Help

 Share

Recommended Posts

Robert Elsdon Member

Robert Elsdon

Posted
Posted

If not will you please fix and post it again?

 

<?php
session_start();//At the start!
include "dbConfig.php";
?>
<head>
<title>Welcome To UltimateRavers.Net, Your Ultimate Online Raving Destiny!</title>
<style type="text/css">
@import "stylesheet.css";
</style>

if ($_GET["op"] == "login")
{
if (!$_POST["username"] || !$_POST["password"])
  {
  die("You need to provide a username and password.");
  }

// Create query
$q = "SELECT * FROM `dbUsers` "
  ."WHERE `username`='".$_POST["username"]."' "
  ."AND `password`=PASSWORD('".$_POST["password"]."') "
  ."LIMIT 1";
// Run query
$r = mysql_query($q);

if ( $obj = @mysql_fetch_object($r) )
  {
  // Login good, create session variables
  $_SESSION["valid_id"] = $obj->id;
  $_SESSION["valid_user"] = $_POST["username"];
  $_SESSION["valid_time"] = time();

  // Redirect to member page
  Header("Location: home.php");
  }
else
  {
  // Login not successful
  die("Sorry, You have enterd a wrong Username or Paswword please try again and be more carefull with your spelling!");
  }
}
else
{

echo "<body bgcolor=\"#666666\">";
echo "<center>";
echo '<font size="2" face="verdana" color="#3d3d3d">';
echo "<form action=\"?op=login\" method=\"POST\">";
echo "Username<br /><input name=\"username\" size=\"15\"><br />
";
echo "Password<br /><input type=\"password\" name=\"password\" size=\"15\"><br />
";
echo "<input type=\"submit\" value=\"Login\">";
echo "</form>";
echo "</font>";
}
?>
<a href="register.php">Click Here To Register!

DyslexicDog Newbie

DyslexicDog

Posted
Posted

Try this

 

<?php
session_start();//At the start!
include "dbConfig.php";
?>
<head>
<title>Welcome To UltimateRavers.Net, Your Ultimate Online Raving Destiny!</title>
<style type="text/css">
@import "stylesheet.css";
</style>
<?php
if ($_GET["op"] == "login")
{
if (!$_POST["username"] || !$_POST["password"])
  {
  die("You need to provide a username and password.");
  }

// Create query
$q = "SELECT * FROM `dbUsers` "
  ."WHERE `username`='".$_POST["username"]."' "
  ."AND `password`=PASSWORD('".$_POST["password"]."') "
  ."LIMIT 1";
// Run query
$r = mysql_query($q);

if ( $obj = @mysql_fetch_object($r) )
  {
  // Login good, create session variables
  $_SESSION["valid_id"] = $obj->id;
  $_SESSION["valid_user"] = $_POST["username"];
  $_SESSION["valid_time"] = time();

  // Redirect to member page
  Header("Location: home.php");
  }
else
  {
  // Login not successful
  die("Sorry, You have enterd a wrong Username or Paswword please try again and be more carefull with your spelling!");
  }
}
else
{

echo "<body bgcolor=\"#666666\">";
echo "<center>";
echo '<font size="2" face="verdana" color="#3d3d3d">';
echo "<form action=\"?op=login\" method=\"POST\">";
echo "Username<br /><input name=\"username\" size=\"15\"><br />
";
echo "Password<br /><input type=\"password\" name=\"password\" size=\"15\"><br />
";
echo "<input type=\"submit\" value=\"Login\">";
echo "</form>";
echo "</font>";
}
?>
<a href="register.php">Click Here To Register!

rhodesa Newbie

rhodesa

Posted
Posted

The biggest issue is that you can't use header() after output is sent to the screen...try this instead:

 

<?php
  session_start();//At the start!
  include "dbConfig.php";

  $error = '';
  if($_SERVER['REQUEST_METHOD'] == 'POST')
  {
    if(!empty($_POST["username"]) && !empty($_POST["password"]))
    {
      // Create query
      $q = "SELECT * FROM `dbUsers` "
          ."WHERE `username`='".mysql_real_escape_string($_POST["username"])."' "
          ."AND `password`=PASSWORD('".mysql_real_escape_string($_POST["password"])."') "
          ."LIMIT 1";
      // Run query
      $r = mysql_query($q);
      if ( $obj = @mysql_fetch_object($r) )
      {
        // Login good, create session variables
        $_SESSION["valid_id"] = $obj->id;
        $_SESSION["valid_user"] = $_POST["username"];
        $_SESSION["valid_time"] = time();

        // Redirect to member page
        header("Location: home.php");
        exit;
      }else
        $error = "Sorry, You have enterd a wrong Username or Paswword please try again and be more carefull with your spelling!";
    }else
      $error = "You need to provide a username and password.";
  }
?>
<html>
  <head>
    <title>Welcome To UltimateRavers.Net, Your Ultimate Online Raving Destiny!</title>
    <style type="text/css">
@import "stylesheet.css";
    </style>
  </head>
  <body bgcolor="#666666">
    <center>
      <font size="2" face="verdana" color="#3d3d3d">
        <?php echo $error; ?>
        <form method="POST">
          Username<br /><input name="username" size="15"><br />
          Password<br /><input type="password" name="password" size="15"><br />
          <input type="submit" value="Login">
        </form>";
      </font>
      <a href="register.php">Click Here To Register!</a>
    </center>
  </body>
</html>

rarebit Regular Member

rarebit

Posted
Posted

mmm or this way...

<?php
session_start();//At the start!
include "dbConfig.php";

$flag = 0;
if ($_GET["op"] == "login")
{
if ($_POST["username"] && $_POST["password"])
{
	// Create query
	$q = "SELECT * FROM `dbUsers` "
		."WHERE `username`='".$_POST["username"]."' "
		."AND `password`=PASSWORD('".$_POST["password"]."') "
		."LIMIT 1";
	// Run query
	$r = mysql_query($q);
	if ( $obj = @mysql_fetch_object($r) )
	{
		// Login good, create session variables
		$_SESSION["valid_id"] = $obj->id;
		$_SESSION["valid_user"] = $_POST["username"];
		$_SESSION["valid_time"] = time();
		// Redirect to member page
		Header("Location: home.php");
	}
	else
	{
	$flag = 2;
	}
}
else
{
	$flag = 1;
}
}

echo "<head>
<title>Welcome To UltimateRavers.Net, Your Ultimate Online Raving Destiny!</title>
<style type='text/css'>
@import 'stylesheet.css';
</style>";

if($flag ==1)
{
echo "You need to provide a username and password.<br>";
}
elseif($flag==2)
{
echo "Sorry, You have enterd a wrong Username or Paswword please try again and be more carefull with your spelling!<br>";
}
else
{
echo "</head><body bgcolor=\"#666666\">";
echo "<center>";
echo '<font size="2" face="verdana" color="#3d3d3d">';
echo "<form action=\"?op=login\" method=\"POST\">";
echo "Username<br /><input name=\"username\" size=\"15\"><br />";
echo "Password<br /><input type=\"password\" name=\"password\" size=\"15\"><br />";
echo "<input type=\"submit\" value=\"Login\">";
echo "</form>";
echo "</font>";
}
?>
<a href="register.php">Click Here To Register!</a>
...

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.