Niixie Posted January 21, 2011 Share Posted January 21, 2011 Hello PHPFreaks, i have 2 problems. The first problem is, that what i want help to is on my other computer. And its not possible for me to get to it atm. So i'll do it as good as i remember. My second problem is, i made a website and i want a login on one of the pages. I made a form etc. The username field is called 'usernamebox' and the password field is called 'passwordbox'. So, in the php part I do like this. <?php $username_string = $_POST['usernamebox']; $password_string = $_POST['passwordbox']; rest of code ... ?> Is there any problem doing that, because my SQL server shows me error every place i try to connect it with the strings? Quote Link to comment Share on other sites More sharing options...
Valakai Posted January 21, 2011 Share Posted January 21, 2011 The code you submitted is perfectly fine, the rest of the code you didn't probably contains the error. Quote Link to comment Share on other sites More sharing options...
Niixie Posted January 21, 2011 Author Share Posted January 21, 2011 My error lines is 73-74 and two others. And line 73 and 74 is $username_string = $_POST['usernamebox']; $password_string = $_POST['passwordbox']; Thanks for the quick answer -Anyone knows where i can find a good tutorial for php login script? Quote Link to comment Share on other sites More sharing options...
Valakai Posted January 21, 2011 Share Posted January 21, 2011 Can you please post the entire error string? There is no reason why that code would cause an error. Quote Link to comment Share on other sites More sharing options...
Niixie Posted January 21, 2011 Author Share Posted January 21, 2011 The first problem is, that what i want help to is on my other computer. And its not possible for me to get to it atm. Got a link for a tutorial? Quote Link to comment Share on other sites More sharing options...
Valakai Posted January 21, 2011 Share Posted January 21, 2011 From a quick search http://www.phpeasystep.com/phptu/6.html http://www.1337labs.com/2010/12/23/multiple-admin-login-over-mysql-database-table/ http://www.php-mysql-tutorial.com/wikis/php-tutorial/basic-user-authentication.aspx Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted January 21, 2011 Share Posted January 21, 2011 The tutorials in the first two links you posted are obsolete, and I wouldn't recommend that anyone actually use them to try to learn anything about php. Quote Link to comment Share on other sites More sharing options...
Valakai Posted January 21, 2011 Share Posted January 21, 2011 Well there's some value (however slight) in them, but if you need/want something more advanced I'd suggest finding some open source software and taking it apart bit by bit. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted January 21, 2011 Share Posted January 21, 2011 I didn't say they weren't advanced, I said they are obsolete. There's no value whatsoever in teaching that it's a good idea to arbitrarily apply stripslashes() to form data, or that deprecated functions like session_register() should be used. Quote Link to comment Share on other sites More sharing options...
Valakai Posted January 21, 2011 Share Posted January 21, 2011 Well I'd suggest then to search for tutorials on session_*() functions, storing/retrieving information from a database and handling form inputs. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted January 21, 2011 Share Posted January 21, 2011 You're completely missing the point. Quote Link to comment Share on other sites More sharing options...
Niixie Posted January 22, 2011 Author Share Posted January 22, 2011 Well Pikachu2000, you know where i could learn how to do it correctly or "In the right way"? -I scripted Sa-mp server, where i made alot of login systems. and somehow it doesnt work with php aswell? (Yes i did change all from pawno to php ...) Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted January 22, 2011 Share Posted January 22, 2011 Can you post the problematic code, and the exact error it's returning? Quote Link to comment Share on other sites More sharing options...
Niixie Posted January 23, 2011 Author Share Posted January 23, 2011 Theres my code: (* means error line) <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <table border="0"> <tr><td>Username:</td><td> <input type="text" name="usernamebox" maxlength="60"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="passbox" maxlength="60"> </td></tr> <tr><th colspan=2><input type="submit" name="submit" value="Login"><input type="reset" class="knapper" name="slet" value="Reset" /></th></tr> </table> </form></center> <?php session_start(); $conn = mysql_connect("localhost", "root", ""); mysql_select_db("phpdb"); *$username_string = $_POST['usernamebox']; *$userpassword_string = $_POST['passbox']; $query = sprintf("SELECT NULL FROM memberlist WHERE Username = '%s' AND Password = '%s'", mysql_real_escape_string($username_string), mysql_real_escape_string($userpassword_string)) or die(mysql_error()); $result = mysql_query($query); if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $query; die($message); } if (mysql_num_rows($result) > 0){ $_SESSION['loggedin'] = 1; *$_SESSION['username'] = $_POST['usernamebox']; *$_SESSION['password'] = $_POST['passwordbox']; } else { echo "<h1>Invalid login!</h1> <p>The login was unvalid, either the password didnt match the username. Else the user isn't registered. Try again</p>"; } ?> Errors is attached [attachment deleted by admin] Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted January 23, 2011 Share Posted January 23, 2011 You have the logic backwards. You should have the php code before the form is echoed, and check to see if the form has been submitted before allowing the code to run. The notices above are all caused by attempting to use the values in the $_POST array before the form has been submitted. I've commented the code; see if it makes sense to you. <?php session_start(); if( $_POST['submitted'] === 'yes' ) { // Check for added hidden field to see if form has been submitted, if not don't execute code. $conn = mysql_connect("localhost", "root", ""); mysql_select_db("phpdb"); array_map('trim', $_POST); // run the $_POST array through trim() to get rid of extra whitespace $username_string = !empty($_POST['usernamebox']) ? $_POST['usernamebox'] : ''; // If $_POST['usernambox'] has a value, assign it to $uername_string $userpassword_string = !empty($_POST['passbox']) ? $_POST['passbox'] : ''; // If $_POST['passbox'] has a value, assign it to $userpassword_string $query = sprintf("SELECT NULL FROM memberlist WHERE Username = '%s' AND Password = '%s'", mysql_real_escape_string($username_string), mysql_real_escape_string($userpassword_string)) or die(mysql_error()); $result = mysql_query($query); if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $query; die($message); } if (mysql_num_rows($result) > 0) { $_SESSION['loggedin'] = 1; $_SESSION['username'] = $username_string; // use the variables that already have the trim()med values assigned, rather than $_POST values $_SESSION['password'] = $userpassword_string; // not a great idea to store a password in a $_SESSION variable } else { echo "<h1>Invalid login!</h1> <p>The login was unvalid, either the password didnt match the username. Else the user isn't registered. Try again</p>"; } } ?> <form action="" method="post"> <table border="0"> <tr><td>Username:</td><td> <input type="text" name="usernamebox" maxlength="60"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="passbox" maxlength="60"> <input type="hidden" name="submitted" value="yes"><!-- ADDED HIDDEN FIELD TO BETTER TEST FOR FOR SUBMISSION --> </td></tr> <tr><th colspan=2><input type="submit" name="submit" value="Login"><input type="reset" class="knapper" name="slet" value="Reset" /></th></tr> </table> </form></center> Quote Link to comment Share on other sites More sharing options...
Niixie Posted January 23, 2011 Author Share Posted January 23, 2011 Why isn't there any detailed tutorial on how to make a login system in php? -How to store variables so they can be used in all pages etc. I'd like that... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.