Jump to content

Recommended Posts

Hi Guys,

 

Something seems to be up with my login script, once the credentials are put in it doesn't seem to goto the protected page which is: account.php

 

code:

 

<?php
ob_start();
session_start();
include("inc/inc-dbconnection.php");
include("inc/inc-online.php");
include("inc/inc-functions.php");
include("inc/inc-header.php");
?>
<div class="fcp-main-content-area">	
<div class="fcp-breadcrumb">
  <ul>
 <li><a href="index.php">Home</a></li> >>
 <li><a href="javascript:history.go(-1)">Previous Page</a></li> >>
 <li>Login in to your account.</li>
</ul>
</div>
<div id="div-regForm">
<div class="form-title">Log In</div>
<div class="form-sub-title">Login & see your points score!</div>
<form id="regForm" action="login.php" method="post">
<table>
  <tbody>
  <tr>
    <td><label for="fname">Email:</label></td>
    <td><div class="input-container"><input name="user" id="user" type="text" /></div></td>
  </tr>
  <tr>
    <td><label for="lname">Password:</label></td>
    <td><div class="input-container"><input name="pass" id="pass" type="text" /></div></td>
  </tr>
  <tr>
  <td> </td>
  <td><input type="submit" class="greenButton" name="submitLogin" value="Sign Up" />
</td>
  </tr> 
  </tbody>
</table>
</form>
<?php
if (isset($_POST['submitLogin']))
{

   $user = $_POST['user'];
   $pass = $_POST['pass'];

   $errors = array();
   
   // Potential errors  
   // Empty fields
   if (empty($user) || empty($pass))
   {
      $errors[] = "You never filled in all the fields above.";
   }
   
   // Does user exist?
   $qU = "SELECT * FROM `fso_users` WHERE `user_name`='$user' AND `user_password`='$pass' LIMIT 1";
   $rU = mysql_query($qU);  

   if (mysql_num_rows($rU) < 1)
   {   
      $errors[] = "Those login details are in-correct."; 
   }
    
   // Count the errors
   if (count($errors > 0))
   {
   
       foreach($errors as $error)
       {
       
            print "<div id=\"error\">$error</div>\n";
            
       }
     
   } else {
     
         // Update the login timer and redirect
         $timer = mysql_query("UPDATE `fso_users` SET `user_last_login`=NOW() WHERE `user_name`='$user' AND `user_password`='$pass'");
      
         // Array()
         $aU = mysql_fetch_array($rU);
      
         // Credentials
         $_SESSION['logged_in'] = 1; 
         $_SESSION['user_id']   = $aU['user_id'];

         // Lastly redirect to the account page
         header("Location: account.php"); 
         ob_clean(); 
         
   }  

} // End main isset
?>
</div>  
<?php
include("inc/inc-footer.php");
?>

 

I have something similar on another site and that seems to work i can't figure it out

 

any help would be appreciated

 

cheers

 

Graham

Link to comment
https://forums.phpfreaks.com/topic/189058-php-login-not-working/
Share on other sites

Hi Mate,

 

ah ok, i'll use that as a rule of thumb for all forms :)

 

i moved the PHP code to the top but this else code doesn't seem to be executed:

 

   } else {
   
    // Update the login timer and redirect
    $timer = mysql_query("UPDATE `fso_users` SET `user_last_login`=NOW() WHERE `user_name`='$user' AND `user_password`='$pass'");

 

the credentials are definately correct i can't see what's wrong.

 

cheers mate

 

Graham

Hi Mate,

 

Still never worked, the thing is if i do this:

 

<?php
ob_start();
session_start();
include("inc/inc-dbconnection.php");
include("inc/inc-online.php");
include("inc/inc-functions.php");
include("inc/inc-header.php");
?>
<div class="fcp-main-content-area">	
<div class="fcp-breadcrumb">
  <ul>
 <li><a href="index.php">Home</a></li> >>
 <li><a href="javascript:history.go(-1)">Previous Page</a></li> >>
 <li>Login in to your account.</li>
</ul>
</div>
<?php
if (isset($_POST['submitLogin']))
{

   // POST vars
   $user = $_POST['user'];
   $pass = $_POST['pass'];

   // Errors array()
   $errors = array();
   
   // Potential errors 
   // Empty fields
   if (empty($user) || empty($pass))
   {
      $errors[] = "You never filled in all the fields above.";
   }
   
   // Does user exist?
   $qU = "SELECT * FROM `fso_users` WHERE `user_email`='$user' AND `user_password`='$pass' LIMIT 1";
   $rU = mysql_query($qU);  

   if (mysql_num_rows($rU) < 1)
   {   
      $errors[] = "We don't recognise those login details, have you typed them correctly?"; 
   }
    
   // Count the errors and display
   if (count($errors > 0))
   {
     
       print "<div id=\"error\">";
     
       foreach($errors as $error)
       {
       
          print "<b>></b> $error<br />";
       
       }
     
       print "</div>";
     
   } 

      // Update the login timer and redirect
      $timer = mysql_query("UPDATE `fso_users` SET `user_last_login`=NOW() WHERE `user_email`='$user' AND `user_password`='$pass'");
      
      // Array()
      $aU = mysql_fetch_array($rU);
      
      // $_SESSION[''];
      $_SESSION['loggedIn'] = 1; 
      $_SESSION['user_id']  = $aU['user_id'];

      // Lastly redirect to the account page
      header("Location: account.php"); 
      ob_clean(); 


}
?>
<div id="div-regForm">
<div class="form-title">Log In</div>
<div class="form-sub-title">Login & see your points score!</div>
<form id="regForm" action="login.php" method="post">
<table>
  <tbody>
  <tr>
    <td><label for="fname">Email:</label></td>
    <td><div class="input-container"><input name="user" id="user" type="text" /></div></td>
  </tr>
  <tr>
    <td><label for="lname">Password:</label></td>
    <td><div class="input-container"><input name="pass" id="pass" type="text" /></div></td>
  </tr>
  <tr>
  <td> </td>
  <td><input type="submit" class="greenButton" name="submitLogin" value="Login" />
</td>
  </tr> 
  </tbody>
</table>
</form>
</div>  
<?php
include("inc/inc-footer.php");
?>

 

The way it is above i can type anything in or even just hit the submit it logs in normally and even displays the proper data on the account page:

 

<?php
include("inc/inc-sessions-user.php");
include("inc/inc-dbconnection.php");
include("inc/inc-online.php");
include("inc/inc-functions.php");
include("inc/inc-header.php");
include("inc/inc-arrays.php");
?>
<div class="fcp-main-content-area">	
<div class="fcp-breadcrumb">
  <ul>
 <li><a href="index.php">Home</a></li> >>
 <li><a href="javascript:history.go(-1)">Previous Page</a></li> >>
 <li>My account - [<a href="logout.php">Logout</a>]</li>
</ul>
</div>
<?php
print $_SESSION['loggedIn'] . " + " . $_SESSION['user_id'];
?>
<?php
include("inc/inc-footer.php");
?>

 

I'm thinking it must be an error with my if/else code somewhere.

 

cheers mate

 

Graham

Try:

 

<?php
   session_start();

   include("inc/inc-dbconnection.php");
   include("inc/inc-online.php");
   include("inc/inc-functions.php");

   if (isset($_POST['submitLogin']))
   {
      // POST vars
      $user = $_POST['user'];
      $pass = $_POST['pass'];

      // Errors array()
      $errors = array();
      $errMsg = '';
   
      // Potential errors 
      // Empty fields
      if (empty($user) || empty($pass))
      {
         $errors[] = "You never filled in all the fields below.";
      }
   
      // Does user exist?
      $qU = "SELECT * FROM fso_users WHERE user_email = '$user' AND user_password = '$pass' LIMIT 1";
      $rU = mysql_query($qU);  

      if (mysql_num_rows($rU) < 1)
      {   
         $errors[] = "We don't recognise those login details, have you typed them correctly?"; 
      }
    
      // Count the errors and display
      if (count($errors) > 0)
      {
         errMsg .= '<div id="error">';

         foreach($errors as $error)
         {
            errMsg .= "<b>$error</b><br />";
         }

         errMsg .= "</div>";
      }
      else
      {
         // Update the login timer and redirect
         $timer = mysql_query("UPDATE  fso_users SET user_last_login = NOW() WHERE user_email = '$user' AND user_password = '$pass'");

         // Array()
         $aU = mysql_fetch_assoc($rU);
      
         // $_SESSION[''];
         $_SESSION['loggedIn'] = 1; 
         $_SESSION['user_id']  = $aU['user_id'];

         // Lastly redirect to the account page
         header("Location: account.php");
      }
   }
?>

<?php include("inc/inc-header.php"); ?>
<div class="fcp-main-content-area">
   <?php if ($errMsg != '') { echo $errMsg; } ?>
   <div class="fcp-breadcrumb">
      <ul>
         <li><a href="index.php">Home</a></li> >>
         <li><a href="javascript:history.go(-1)">Previous Page</a></li> >>
         <li>Login in to your account.</li>
      </ul>
   </div>
<div id="div-regForm">
<div class="form-title">Log In</div>
<div class="form-sub-title">Login & see your points score!</div>
<form id="regForm" action="login.php" method="post">
<table>
  <tbody>
  <tr>
    <td><label for="fname">Email:</label></td>
    <td><div class="input-container"><input name="user" id="user" type="text" /></div></td>
  </tr>
  <tr>
    <td><label for="lname">Password:</label></td>
    <td><div class="input-container"><input name="pass" id="pass" type="text" /></div></td>
  </tr>
  <tr>
  <td> </td>
  <td><input type="submit" class="greenButton" name="submitLogin" value="Login" />
</td>
  </tr> 
  </tbody>
</table>
</form>
</div>  
<?php include("inc/inc-footer.php"); ?>

 

To reiterate - the consensus on what proper PHP structure is has form processing happening before form display.  It's done this way due to the nature of the HTTP request cycle and the fact that PHP is essentially a fire-once language.  Once a script is run, nothing else is happening in the background.  It also helps remove those pesky "Headers already sent" errors, makes it easier to edit/maintain scripts, and is a smart way to structure code regardless as it separates concerns.

 

This code isn't tested, but it should give you a better idea of the approach to take, while hopefully fixing the errors you have.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.