Jump to content

Display error message on a login page


Silent_Symon

Recommended Posts

Hello all, my first post after joining this very informative site, unfortunatly I was unable to find the answer to my simple yet frastrating dilemma.

 

I am in the process of building a website that will enable users to log-in through a dedicated loginU.php page, I have all of this working but I would like to display an error message on this page saying if the user has entered a wrong username/password, I have the message displaying on a blank white page, but I would like it to be displayed within the container I have created. the validation code is contained within a different login.php file.

 

At the moment I am using an iframe to display the messages, which I know is not the right way to do it, so am asking for a better way to do it. here is what I have so far:

 

loginU.php

<div id = "div-Login">
<form action="login.php"  method="POST" target="loginerror">
<center><h2>Login Here</h2> <p>
Username:  <input type="text" name="username"><p>
Password:  <input type="password" name="password"><p>
<input type="submit" name="submit" value="Login">
</center>
<a href="register.html"><pre>need to register? Click Here!</pre></a>
</form>

<iframe name="loginerror" style="border: 0px; width: 200px; height: 100px; overflow: hidden;" src="login.php"></iframe>
</div>

 

login.php

if ($username==$dbusername&&$enc_password==$dbpassword) //if the username & encrpyted password matches the records in the database
{
if($admin !=0) //if the admin flag is true
{
$_SESSION['level']='ADMIN';//admin is logging in
header ("Location: admin.php"); //the user is an admin, direct to admin page
}
else
header ("Location: index.php"); //user is a customer, direct user to index page
$_SESSION['username']=$dbusername; //set the session name to the database record username.
}
else 
//$nopass='TRUE'; 
//header ("location: loginU.php"); 
echo "Incorrect Password, Please try again"; // if incorrect password
}
else
die ("That username doesn't exist"); // if user doesn't exist
}
else
die ("Please enter a username and password"); //if either field is empty

?>

Link to comment
Share on other sites

One solution, that I typically use, is to have form pages post to themselves. Then if there are any errors I dimply re-display the form with the previously submitted data and include the error message on the page. If validation passes, then I include the script to process the data.

Link to comment
Share on other sites

There are a couple things I was not clear about like how are you getting your level and validating the information.... Are you going through a database If you are let me know and I can tweak the code I just did for you if not hopefully you can tweak it the way you need.

<?php
session_start();
//First off let me state you should not make yours errors say that the username does not exist
//I Would just say Incorrect Username/Password

//Create Error Array 
$LErrors = array();
//Create Array With User Info
$UserInfo = array(
"Username" => $_GET['username'],
"Password" => $_GET['password']
);
if (isset($_POST['submit'])) {
foreach ($UserInfo as $key => $val) {
	$val = mysql_real_escape_string($val);
	if ($key == "Password") {
		//encrypt your password if you like
		//I like to use hash
		//${$key} = hash("SHA256",$val);
	}
	if ($val == '') {
		$LErrors[] = "{$key}: is not allowed to be empty!"
	} else {
		${$key} = $val;
	}
}
//check if there are errors
if (empty($LErrors)) {
	//check if user information is correct
	if ($Username == $dbusername && $Password == $dbpassword) {
		//check if user is an admin
		$_SESSION['Username'] = $Username;
		if ($admin != 0) {
			$_SESSION['Level'] = "ADMIN";
			header("Location: admin.php");
		}
		header("Location: index.php"); 
	} else {
		$LErrors[] = "Incorrect Username/Password!";
	}
} else {
	foreach ($LErrors as $val) {
		echo "<li>{$val}</li>";
	}
	echo "<div id=\"div-Login\">
	<form action=\"\"  method=\"post\" target=\"loginerror\">
	<center><h2>Login Here</h2> <p>
	Username:  <input type=\"text\" name=\"username\"><p>
	Password:  <input type=\"password\" name=\"password\"><p>
	<input type=\"submit\" name=\"submit\" value=\"Login\">
	</center>
	<a href=\"register.html\"><pre>need to register? Click Here!</pre></a>
	</form>
	</div>";
}
} else {
echo "<div id=\"div-Login\">
<form action=\"\"  method=\"post\" target=\"loginerror\">
<center><h2>Login Here</h2> <p>
Username:  <input type=\"text\" name=\"username\"><p>
Password:  <input type=\"password\" name=\"password\"><p>
<input type=\"submit\" name=\"submit\" value=\"Login\">
</center>
<a href=\"register.html\"><pre>need to register? Click Here!</pre></a>
</form>
</div>";
}

Link to comment
Share on other sites

Hi all, I've included some optimized PHP to the loginU.php page, it is now calling itself when the user tries to log on, the error messages are now displaying but if the user enters a correct username and password it still goes back to the LoginU.php page and not to where it should go.

 

It's weird as the same code works when in an external .php file, but then the errors don't work, anyone have this problem before?

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.