Jump to content

Archived

This topic is now archived and is closed to further replies.

JosiaMFire2

Likely a Newb Question

Recommended Posts

Hey, Im still learning to use PHP. I would apreciate it if someone with 5 mins spare would help me out, tell me what I have done wrong.
<? Session_start() ?>
<HTML>
<HEAD>
<TITLE>Admin Login</TITLE/>
<HEAD>
<BODY>
<H2>Admin Login</H2>
<BR>
<?
$links = "<A HREF='Admin_panel.php'>Click here to goto main page</A><BR><BR>";
If($name && $password) {
If($logged_in_user == $name) {
  echo $user.", you are already logged in.<BR><BR>";
    echo $links;
    exit;
}
$db = mysql_connect("localhost");
mysql_select_db("Login", $db);
$result = mysql_query("SELECT * FROM Name where name = '".$user."'";
AND password = PASSWORD('".$password.")"');
if (!$result) {
  echo "sorry, there has been a technical glitch. We cannot enter your details";
  exit;
 
}
If (mysql_num_rows($result) > 0) {
  $logged_in_user = $user;
  session_register("logged_in_user");
  echo "Welcome, ".$logged_in_user.".<BR><BR>";
  echo $links;
  exit;
  } else {
    echo "invalid login. Please try again.<BR>.<BR>";
}
)
}
?>
<FORM METHOD=POST ACTION="Login.php">
Your Admin login name:
<BR>
<INPUT NAME="name" TYPE=TEXT MAXLENGTH=20 SIZE=20>
<BR>
<BR>
Your Admin password: 
<BR>
<INPUT NAME="password" TYPE=password MAXLENGTH=20 SIZE=20>
<BR>
<BR>
<Input type=submit value="login">
</FORM>
</Body>
</HTML>

Share this post


Link to post
Share on other sites
Why you using caps all the time

PHP is case sensative (Depending on the settings)
If and if are different functions

Where the the top variables coming from???
$name  $password  $logged_in_user
I am guessing $logged_in_user is a sesssion
and the other 2 are from the form

[code]

<?php Session_start() ?>
<html>
<head>
<title>Admin Login</title>
<head>
<body>
<h2>Admin Login</h2>

<?php
  $links = "<a href='Admin_panel.php'>Click here to goto main page</a><br /><br />";
  If($_POST["name"] && $_POST["password"]) {
      If($_SESSION["logged_in_user"] == $_POST["name"]) {
  //Where has $user come from?????????
          echo $user.", you are already logged in.<BR><BR>";
          echo $links;
          exit;
      }
      $db = mysql_connect("localhost","username","password");
      mysql_select_db("Login", $db);
      $result = mysql_query("SELECT * FROM Name where name = '".$user."'";
                  AND `password` = PASSWORD('".$password.")"');
  //password is a defind word in MySQL and should not really name fields password, try pwd or something
                  if (!$result) {
                    echo "sorry, there has been a technical glitch. We cannot enter your details";
                    exit;
                 
                  }
                  if (mysql_num_rows($result) > 0) {
                    $logged_in_user = $user;
                    $_SESSION["logged_in_user"] = $logged_in_user;
//This is the best practice for naming sessions
                    echo "Welcome, ".$logged_in_user.".<br /><br />";
                    echo $links;
                    exit;
                    } else {
                      echo "invalid login. Please try again.<br />.<br />";
                  }
                  )
  }
?>
<FORM METHOD=POST ACTION="Login.php">
Your Admin login name:
<BR>
<INPUT NAME="name" TYPE=TEXT MAXLENGTH=20 SIZE=20>
<BR>
<BR>
Your Admin password:
<BR>
<INPUT NAME="password" TYPE=password MAXLENGTH=20 SIZE=20>
<BR>
<BR>
<Input type=submit value="login">
</FORM>
</body>
</head>
[/code]

Share this post


Link to post
Share on other sites
[quote author=onlyican link=topic=104062.msg414892#msg414892 date=1155459775]
Why you using caps all the time

PHP is case sensative (Depending on the settings)
If and if are different functions
[/quote]

Uhrr? Did I miss something? I thought only variables, constants and properties where case sensitive?

Share this post


Link to post
Share on other sites
yah, what i thought? anyways just ignore variables, for some reason it displays the actual php code past this line (echo $user.", you are already logged in.<BR><BR>"; ) so yah, ??

Share this post


Link to post
Share on other sites
So you're saying you get echoed:

[quote]       
echo $links;
          exit;
      }
      $db = mysql_connect("localhost");
      mysql_select_db("Login", $db);
      $result = mysql_query("SELECT * FROM Name where name = '".$user."'";
                  AND password = PASSWORD('".$password.")"');
    etc etc.
?>[/quote]

With 'echo $links' included?

Share this post


Link to post
Share on other sites
sorry, you saying that your page is showing the code?????

Is the page a .php?
Is it on a PHP server?

Share this post


Link to post
Share on other sites
well yah, past the point I showed you. Yes its working on a server (well actually on my local machine, in apache). I am using PHP designer 06 and it is .php

Share this post


Link to post
Share on other sites
What you should get, is a parsing error.

[u][b]It's got plenty of them.[/b][/u]

Check your level of error reporting in php.ini
For now, simply add [u][i]ini_set('error_reporting',E_ALL);[/i][/u] to the top op your file. That should ensure you get errors reported.

I'll ask one last time to avoid confusion:

This does not show:
[quote]?php
  $links = "<a href='Admin_panel.php'>Click here to goto main page</a><br /><br />";
  If($_POST["name"] && $_POST["password"]) {
      If($_SESSION["logged_in_user"] == $_POST["name"]) {
  //Where has $user come from?????????
          echo $user.", you are already logged in.<BR><BR>";[/quote]

This (and everything below it) does show:
[quote]        echo $links;
          exit;
      }
      $db = mysql_connect("localhost","username","password");
      mysql_select_db("Login", $db);
      $result = mysql_query("SELECT * FROM Name where name = '".$user."'";[/quote]

If so, it's probably an uncaught parsing error. Fix your parsing errors, have look at the content of $links (something seems fishy about it) and then we'll talk.

Share this post


Link to post
Share on other sites
is your browser showing
Click here to goto main page
or
the actual code
echo $link;

Share this post


Link to post
Share on other sites
Ok, I´m in a good mood, so I took the parsing errors out of your script for you.
Note that didn't change anything else, although I don't agree with most of the things you're doing in this script.. :o

One thing at the time I guess. Good luck with that.

[code]<? Session_start() ?>
<HTML>
<HEAD>
<TITLE>Admin Login</TITLE/>
<HEAD>
<BODY>
<H2>Admin Login</H2>
<BR>
<?
$links = "<A HREF='Admin_panel.php'>Click here to goto main page[/url]<BR><BR>";
if($name && $password) {
if($logged_in_user == $name) {
echo $name.", you are already logged in.<BR><BR>";
echo $links;
exit;
}
$db = mysql_connect("localhost");
mysql_select_db("Login", $db);
$result = mysql_query('SELECT * FROM Name where name = "'.$name.'" AND password = PASSWORD("'.$password.'")');
if (!$result) {
echo "sorry, there has been a technical glitch. We cannot enter your details";
exit;
}
if (mysql_num_rows($result) > 0) {
$logged_in_user = $user;
session_register("logged_in_user");
echo "Welcome, ".$logged_in_user.".<BR><BR>";
echo $links;
exit;
} else {
echo "invalid login. Please try again.<BR>.<BR>";
}
}
?>
<FORM METHOD=POST ACTION="Login.php">
Your Admin login name:
<BR>
<INPUT NAME="name" TYPE=TEXT MAXLENGTH=20 SIZE=20>
<BR>
<BR>
Your Admin password:
<BR>
<INPUT NAME="password" TYPE=password MAXLENGTH=20 SIZE=20>
<BR>
<BR>
<Input type=submit value="login">
</FORM>
</Body>
</HTML>[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.