nitation Posted October 29, 2008 Share Posted October 29, 2008 I have a login script that works fine. I decided to add this line of code error_reporting(E_ALL); ini_set('display_errors', 'on'); to my script. I keep getting this error Notice: Undefined index: admin_user in C:\Program Files\xampp\htdocs\myfiles\vest\newnd\admin\login.php on line 14 Notice: Undefined index: admin_pass in C:\Program Files\xampp\htdocs\myfiles\vest\newnd\admin\login.php on line 15 Warning: Cannot modify header information - headers already sent by (output started at C:\Program Files\xampp\htdocs\myfiles\vest\newnd\admin\login.php:14) in C:\Program Files\xampp\htdocs\myfiles\vest\newnd\admin\login.php on line 37 This is my login script <?php error_reporting(E_ALL); ini_set('display_errors', 'on'); session_start(); if (!isset ($_SESSION["admin_user"])) { header ("Location:main.php?login=missing"); } include 'connect.php'; // username and password sent from form $admin_user=$_POST['admin_user']; $admin_pass=$_POST['admin_pass']; // To protect MySQL injection (more detail about MySQL injection) $admin_user = stripslashes($admin_user); $admin_pass = stripslashes($admin_pass); $admin_user = mysql_real_escape_string($admin_user); $admin_pass = mysql_real_escape_string($admin_pass); $sql="SELECT * FROM newndAdmin WHERE admin_user='$admin_user' and admin_pass='$admin_pass'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("admin_user"); session_register("admin_pass"); header("location:index.php"); } else { header("location:main.php?login=wrong"); //echo "Please check your username or password. If you still cant login your account has been disabled. Please contact an admin."; } ?> Quote Link to comment Share on other sites More sharing options...
prexep Posted October 29, 2008 Share Posted October 29, 2008 Notice: Undefined index: admin_user in C:\Program Files\xampp\htdocs\myfiles\vest\newnd\admin\login.php on line 14 Notice: Undefined index: admin_pass in C:\Program Files\xampp\htdocs\myfiles\vest\newnd\admin\login.php on line 15 $admin_user and $admin_pass are empty. Quote Link to comment Share on other sites More sharing options...
nitation Posted October 29, 2008 Author Share Posted October 29, 2008 what do you mean by they are empty? Quote Link to comment Share on other sites More sharing options...
nitation Posted October 29, 2008 Author Share Posted October 29, 2008 Guys what am i doing wrong? Quote Link to comment Share on other sites More sharing options...
bobbinsbro Posted October 29, 2008 Share Posted October 29, 2008 the warnings mean that the $_POST[] array contains no keys called admin_user and admin_pass. this means that fields you think are called these names are actually called something else (or maybe don't exist?). i see that earlier in your code you use $_SESSION['admin_user']. is it possible that you should be using $_SESSION on lines 14,15 instead of $_POST? Quote Link to comment Share on other sites More sharing options...
revraz Posted October 29, 2008 Share Posted October 29, 2008 Honestly, how many things can this really mean? what do you mean by they are empty? Quote Link to comment Share on other sites More sharing options...
prexep Posted October 29, 2008 Share Posted October 29, 2008 What is the form code? Whats submitting to the login? Quote Link to comment Share on other sites More sharing options...
nitation Posted October 29, 2008 Author Share Posted October 29, 2008 the warnings mean that the $_POST[] array contains no keys called admin_user and admin_pass. this means that fields you think are called these names are actually called something else (or maybe don't exist?). i see that earlier in your code you use $_SESSION['admin_user']. is it possible that you should be using $_SESSION on lines 14,15 instead of $_POST? I created the form myself. The input name is the same variable i used in the login page. Quote Link to comment Share on other sites More sharing options...
prexep Posted October 29, 2008 Share Posted October 29, 2008 Do you have <form action='login.php' method='POST'> ?? Quote Link to comment Share on other sites More sharing options...
nitation Posted October 29, 2008 Author Share Posted October 29, 2008 surely. <form action='login.php' method='POST'> Username <input name="admin_user" type="text"> Password <input name="admin_pass" type="password"> <input name="submit" type="submit" value="Log In"> </form> Quote Link to comment Share on other sites More sharing options...
nitation Posted October 29, 2008 Author Share Posted October 29, 2008 Let me just explain myself again. I want to create a login page. I have created the form, and the user is validated at login.php, what am i doing wrong? Quote Link to comment Share on other sites More sharing options...
bobbinsbro Posted October 29, 2008 Share Posted October 29, 2008 could you post a print_r or a var_dump of $_POST in your login script? and you should manage your headers better so that you don't try to send both login=missing and login=wrong (which is why your getting the warning about the headers). Quote Link to comment Share on other sites More sharing options...
nitation Posted October 29, 2008 Author Share Posted October 29, 2008 I am using the both headers to show the error. I can always escape that. How do i show the error for the user if either password/username is wrong on the form it self. Quote Link to comment Share on other sites More sharing options...
bobbinsbro Posted October 29, 2008 Share Posted October 29, 2008 you mean reloading the form and having "Wrong Password" appear in intimidating bold red letters next to the password field? i would just post the form to itself, and move the login script to the top of the file with: <?php $passwordValid = TRUE; if (isset($_POST['submit']){ //submit being the name of the submit button if (//find out if password is wrong){ $passwordValid = FALSE; //password is wrong, don't allow entry! skip login code } else{ //more login.php code for valid passwords } } ?> <html> html code <input type="password" ..... /> <?php echo ($passwordValid?"":"beware! your password is wrong! muahahahah!"); ?> i'd still like to see the var_dump($_POST); in login.php. maybe even var_dump($_POST, $_SESSION); too cover everything. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.