squiblo Posted August 15, 2009 Share Posted August 15, 2009 this is my code that gets the info from the database but something is wrong, it goes not redirect me to either google or yahoo if my loggin details are correct or not, can anyone help me find the problem please... <?php $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); if(isset($_POST['Login'])){ // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $mycompany=$_POST['mycompany']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $mycompany = stripslashes($mycompany); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $mycompany = mysql_real_escape_string($mycompany); //$_SESSION['myusername']=$dbusername; $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and company='$mycompany'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword and $mycompany, table row must be 1 row if($count==1){ // Register $myusername, $mycompany and $mypassword and redirect to file "profile.php" session_register("myusername"); session_register("mypassword"); session_register("mycompany"); header("location:http://www.yahoo.com"); } else { header("location: http://www.google.com"); } } ?> Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted August 15, 2009 Share Posted August 15, 2009 Rather than use header() to see what is happing just use echo. if($count==1){ echo 'User is logged in'; } else { echo 'User is NOT logged in'; } Also you should not be using session_register for creating session variables. This function is depreciated. You should instead use the the $_SESSION superglobal when defining/using session variables. So instead of session_register("myusername"); session_register("mypassword"); session_register("mycompany"); You'd this instead $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; $_SESSION['mycompany'] = $mycompany; Quote Link to comment Share on other sites More sharing options...
squiblo Posted August 15, 2009 Author Share Posted August 15, 2009 so it is this?... if($count==1){ $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; $_SESSION['mycompany'] = $mycompany; echo 'User is logged in'; } else { echo 'User is NOT logged in'; } Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted August 15, 2009 Share Posted August 15, 2009 Yes. That is now the correct way for using sessions. What does your script output now? It should display user is logged in when using the correct username/password. For the wrong username/password the message user is NOT logged in will be displayed. Quote Link to comment Share on other sites More sharing options...
squiblo Posted August 15, 2009 Author Share Posted August 15, 2009 ok im still getting an error, this is my newest code.. <?php $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); if(isset($_POST['Login'])){ // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $mycompany=$_POST['mycompany']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $mycompany = stripslashes($mycompany); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $mycompany = mysql_real_escape_string($mycompany); //$_SESSION['myusername']=$dbusername; $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and company='$mycompany'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword and $mycompany, table row must be 1 row if($count==1){ $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; $_SESSION['mycompany'] = $mycompany; echo 'User is logged in'; } else { echo 'User is NOT logged in'; } } ?> and this is my html form... <form name="form1" method="post" action="checklogin.php"> <input type="text" id="myusername" style="font-size:15px;"><br><br> <input type="text" id="mycompany" style="font-size:15px;"><br><br> <input type="password" id="mypassword" style="font-size:15px;"><br><br> <input type="submit" id="indexsearch" name="log in" value="Log In" style="height:35px;"> </form> Quote Link to comment Share on other sites More sharing options...
squiblo Posted August 15, 2009 Author Share Posted August 15, 2009 i think i see it now, should my id for the submit button on the form be changed to "Login"? Quote Link to comment Share on other sites More sharing options...
squiblo Posted August 15, 2009 Author Share Posted August 15, 2009 i think i see it now, should my id for the submit button on the form be changed to "Login"? i change the id to "Login" but still not working Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted August 15, 2009 Share Posted August 15, 2009 The name of your submit button should be named as Login ok im still getting an error Which is what? Post the error you're getting here. Or are you just getting a blank page? If its a blank page then it could mean your script is failing. Quote Link to comment Share on other sites More sharing options...
squiblo Posted August 15, 2009 Author Share Posted August 15, 2009 i am just getting a blank page, what does it mean if i am getting a blank page and it is failing? Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted August 15, 2009 Share Posted August 15, 2009 i am just getting a blank page, what does it mean if i am getting a blank page and it is failing? It means there could be an error which is preventing the script from running. You'll get a blank screen is errors are disabled. To enable errors, at the top of your script add the following after the opening <?php tag error_reporting(E_ALL); ini_set('display_errors', 'on'); If there are any errors they should be displayed. Alternatively you can always check your servers error log Quote Link to comment Share on other sites More sharing options...
squiblo Posted August 15, 2009 Author Share Posted August 15, 2009 i am still getting a blank page with this... <?php error_reporting(E_ALL); ini_set('display_errors', 'on'); $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); if(isset($_POST['Login'])){ // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $mycompany=$_POST['mycompany']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $mycompany = stripslashes($mycompany); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $mycompany = mysql_real_escape_string($mycompany); //$_SESSION['myusername']=$dbusername; $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and company='$mycompany'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword and $mycompany, table row must be 1 row if($count==1){ $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; $_SESSION['mycompany'] = $mycompany; echo 'User is logged in'; } else { echo 'User is NOT logged in'; } } ?> Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted August 15, 2009 Share Posted August 15, 2009 Your first three form fields don't have any name="..." attributes either. After you add them, post your current form because it is likely that the actual name="..." attribute of the submit button is not what your php code is expecting. Quote Link to comment Share on other sites More sharing options...
squiblo Posted August 15, 2009 Author Share Posted August 15, 2009 still getting a black screen... :shrug: <form name="form1" method="POST" action="checklogin.php"> <input type="text" id="myusername" name="myusername" style="font-size:15px;"><br><br> <input type="text" id="mycompany" name="mycompany" style="font-size:15px;"><br><br> <input type="password" id="mypassword" name="mypassword" style="font-size:15px;"><br><br> <input type="submit" id="Login" name="Login" value="Log In" style="height:35px;"> </form> <?php error_reporting(E_ALL); ini_set('display_errors', 'on'); $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); if(isset($_POST['Login'])){ // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $mycompany=$_POST['mycompany']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $mycompany = stripslashes($mycompany); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $mycompany = mysql_real_escape_string($mycompany); //$_SESSION['myusername']=$dbusername; $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and company='$mycompany'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword and $mycompany, table row must be 1 row if($count==1){ $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; $_SESSION['mycompany'] = $mycompany; header("location:about.php"); } else { echo 'User is NOT logged in'; } } ?> Quote Link to comment Share on other sites More sharing options...
squiblo Posted August 15, 2009 Author Share Posted August 15, 2009 it is now working guys, i was just resending the data but i should have been refreshing the login page, thank you Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted August 15, 2009 Share Posted August 15, 2009 There was no session_start(); , Here i cleaned it up aswell. <?php session_start(); error_reporting(E_ALL); ini_set('display_errors', 'on'); $host="localhost"; $username=""; $password=""; $db_name=""; $tbl_name="members"; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); if(isset($_POST['Login'])){ $myusername = mysql_real_escape_string(stripslashes($_POST['myusername'])); $mypassword = mysql_real_escape_string(stripslashes($_POST['mypassword'])); $mycompany = mysql_real_escape_string(stripslashes($_POST['mycompany'])); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and company='$mycompany'"; $result = mysql_query($sql); if(mysql_num_rows($result) == '1'){ $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; $_SESSION['mycompany'] = $mycompany; echo 'User is logged in'; } else { echo 'User is NOT logged in'; } } ?> James. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.