how to display a login error message on the same page

[benjipie]

 

Hi,

 

I'm making a log in / registration system that was working great but would display any error messages to the user (if they gave the wrong password / username) on a different page.  I want the error messages to appear on the same page as the page the user tried to log in on (less confusion for the user).  The problem I'm having is i call an

if ($submit) {

statement to test if the submit button was clicked, if it was run the code.  When i do this i don't get any error messages even when i put in the wrong password.  I would, however get error messages if I leave off the if submit function (but i think that's because the code is being run without the button being pushed).  What am I doing wrong and how can I get the error messages to display on the same page as the log in ?

 

Here's the code.  The code is on the same page as the HTML for the log in (which is just a simple form for now).

 

<?php
session_start();

$password = @$_POST['password'];
$username = @$_POST['username'];
$submit = @$_POST['submit'];

if ($submit) {
if (!isset($_POST['$username'])) {
echo 'Please enter your username';
}

if (!isset ($_POST['$password'])) {
echo 'Please enter your password';

}else if ($username && $password) {
$connect = mysql_connect("localhost", "root", "") or die ("couldnt connect");
mysql_select_db("phplogin") or die ("couldnt find the db");

$query = mysql_query("SELECT * FROM users WHERE username = '$username'");

$numrows = mysql_num_rows($query);

if ($numrows == 0) {
	echo 'that username doesnt exist';
}

if ($numrows != 0) {
	//code to log in
	while ($row = mysql_fetch_assoc($query)) {
		$db_username = $row['username'];
		$db_password = $row['password'];
	}
	//check to see if they match;
	if ($username == $db_username && md5($password) == $db_password) {
		echo "log in successfull, <a href = 'member.php'>Members only</a> click here to enter the member area";
		$_SESSION['username'] = $db_username;
	}else{
		echo 'Incorrect password';
	}
}
}
}

?>

 

Thanks for any help.

 

Ben.

 

[Adam]

Edit: Oops. mis-read. Ignore this. 2 minutes...

 

Edit 2: Show the HTML form...

[waterssaz]

Ok ,

basically all you do is, in the original form that posts the values you change the form action to submit to itself instead of the other page that it is going to to do the validation.

Then all you need to do is put the code from your validation page into the same page as the code for the form that does the submitting. That way when you hit submit, the page will redirect back to itself, then the if(submit) will pick up beacuse the form has been submitted and display errors etc in the same page.

Hope this makes sense.

If you posted the code for the actual form then I could have shown you an example instead of having to explain :-)

[benjipie]

Hi,

 

Thanks for the replies...Im still having problems with this so im going to post all the code from the page.  I'm pretty new to PHP so it might be something silly mistake.

 

<?php
session_start();

$password = @$_POST['password'];
$username = @$_POST['username'];
$submit = @$_POST['submit'];


if (empty($username)) {
   echo 'Please enter your username';
}

if (empty ($password)) {
   echo 'Please enter your password';

}else if ($username && $password) {
   $connect = mysql_connect("localhost", "root", "") or die ("couldnt connect");
   mysql_select_db("phplogin") or die ("couldnt find the db");
   
   $query = mysql_query("SELECT * FROM users WHERE username = '$username'");
   
   $numrows = mysql_num_rows($query);
   
   if ($numrows == 0) {
      echo 'that username doesnt exist';
   }
   
   if ($numrows != 0) {
      //code to log in
      while ($row = mysql_fetch_assoc($query)) {
         $db_username = $row['username'];
         $db_password = $row['password'];
      }
      //check to see if they match;
      if ($username == $db_username && md5($password) == $db_password) {
         echo "log in successfull, <a href = 'member.php'>Members only</a> click here to enter the member area";
         $_SESSION['username'] = $db_username;
      }else{
         echo 'Incorrect password';
      }
   }
}

?>


<div id="wrapper-menu-top">
<div id="menu-top">
<div id="date"><?php echo date("l M dS, Y") ?></div>

  <ul>
	<li><a href="../../index.php"><span>Home</span></a></li>
	<li><a href="../../contentPages/lessons.php"><span>Lessons</span></a></li>
  	<li><a href="../../contentPages/AboutUs.php"><span>About Us</span></a></li>
	<li><a href="../../contentPages/news.php"><span>news</span></a></li>
	<li><a href="../../contentPages/toolbox.php"><span>Toolbox</span></a></li>
	<li><a href="../../contentPages/contactUs.php"><span>Contact Us</span></a></li>

</ul>
</div><!--menu-top-->
<!--<div id="login">

</div>-->
</div><!--wrapper-menu-top-->

<div id="wrapper-header">
<div id="header">

<div id="wrapper-header2">
<div id="wrapper-header3">
<h1><img src="index/images/new-logo2.png" alt="logo" longdesc="../../contentPages/contentImages/GlossLogo.png" /></h1>
<div id="loginBox">
<!--<img src="index/images/login.png" width="207" height="110"  />-->
<form action="index.php" method="post" >
<p class="formHeader">Log in</p>
<div id="loginInfo">
<p>
  <label for="username">username:</label>
  <input name="username" id="username" type="text" value="" />
  </p>
  
  <p>
  <label for="password">password:</label>
  <input name="password" id="password" type="password" />
  </p>
  
  <table class="loginTable" width="300" border="0">
  <tr>
   <td width="48" height="17"><input type="submit"  class="registerButton" value="" /></td>
    <td><input type="submit" class="loginButton" value="" /></td>
  </tr>

</table>

</div>

    
   
</form>
</div>



</div>
</div>
</div>
</div>

 

Once again, thanks for any help offered.

[Adam]

You're basically testing for $_POST['submit'] which is never submitted with the form. You need to name the submit button like this:

 

<input type="submit" name="submit" class="loginButton" value="" />