Log in not working

[Fredundant14]

Its been a long time since I coded.

 

Okay so I've created a register and log in form.

 

The problem:

People dont need to enter details. They can leave the log in form blank, click submit and says they have logged in.

They can enter any details and the same happens.

 

The register form:

<HTML>
<head><title>Scarborough Music Nights</title>
<link rel='stylesheet' href='layout.css'>
</head>
<body bgcolor="#ffffff">
<img src="headerpage.jpg">
<br>
<div class="navbar">
<div class="button"><a href="index.html">Home</a></div>
<div class="button"><a href="register.php">Register</a></div>
<div class="button"><a href="login.html">Login</a></div>
<div class="button"><a href="events.html">Events</a></div>
<div class="button"><a href="gallery.html">Gallery</a></div>
<div class="button"><a href="links.html">Links</a></div>
<div class="button"><a href="contact.html">Contact Me</a></div>
<div class="button"><a href="Advertise.html">Advertise</a></div>
</div>

<div class="frame">

<frameset cols="25%,75%" noresize="noresize">

</body>

<?php
  //include("header.php");

  //can we use mysql?
  if(!function_exists('mysql_connect')) die("MySQL extension not enabled");

  //connect to mysql server
  mysql_pconnect('HIDDEN','HIDDEN','HIDDEN') or die(mysql_error());
  mysql_select_db('HIDDEN_HIDDEN') or die(mysql_error());

  //find our script name
  $script = $_SERVER['PHP_SELF'];
?>
<h1>
<FONT FACE="Arial, Helvetica, Geneva"> 


<?php
  //are we being posted to?
  if($_SERVER['REQUEST_METHOD'] == "POST"){
    //yes! set our variables
    
    $first_name = (isset($_POST['first_name'])) ? mysql_real_escape_string($_POST['first_name']) : '';
    $last_name = (isset($_POST['last_name'])) ? mysql_real_escape_string($_POST['last_name']) : '';
    $email = (isset($_POST['email'])) ? mysql_real_escape_string($_POST['email']) : '';
    $username = (isset($_POST['username'])) ? mysql_real_escape_string($_POST['username']) : '';
    $password = (isset($_POST['password'])) ? mysql_real_escape_string($_POST['password']) : '';
    $verify = (isset($_POST['verify'])) ? mysql_real_escape_string($_POST['verify']) : '';
    

    //verify password start
    
     if($password != $verify) {
     die ('Sorry, The passwords you entered didn\'t match<br>Please use your browsers back button to try again');
     }
    
    //verify password ends
    
    if($username != '' && $password != ''){
      //database stuff: insert a new user
      
      
      if (strlen($password) < 6) {
   $error = "Your password must be at least 6 characters long.";
   }
      
      
      $sql = "INSERT INTO db_1 (first_name, last_name, email, username, password) VALUES('$first_name', '$last_name', '$email', '$username', '$password')";
      mysql_query($sql) or die(mysql_error());
?>
<FONT FACE="Arial, Helvetica, Geneva">
thanks for registering.
<a href="login.php">Login</a>
</FONT>
<?php
    }else{
      //they didn't fill something in
      $error = true;
    }
  }
  if(isset($error) || $_SERVER['REQUEST_METHOD'] != "POST"){
    //show the form

?>
<table width='100%'>
<table width='100%'>
<form method="post" action="<?php echo $script; ?>">
<tr><td align=center>
    <table>
    <tr><td>
    <table>
    <tr><td>
  fisrt name:</td><td><input type="text" name="first_name" />
  </td></tr>
    <tr><td>last name:</td><td><input type="text" name="last_name" />
  </td></tr>
    <tr><td>email address:</td><td><input type="text" name="email" />
  </td></tr>
    <tr><td>username:</td><td> <input type="text" name="username" />
  </td></tr>
    <tr><td>password: (minimum 6 characters)</td><td>  <input type="password" name="password" />
</td></tr>
    <tr><td> verify password:</td><td><input type="password" name="verify" />
   </table>
    </td></tr>
    <tr><td align=center>
  <input type="submit" value="Register" />
</table>
    </td></tr>
    </form>
    </table>


<?php } ?> 


</body>
</html>

 

Then the log in form:

HTML:

<HTML>
<head><title>Scarborough Music Nights</title>
<link rel='stylesheet' href='layout.css'>
</head>
<body bgcolor="#ffffff">
<img src="headerpage.jpg">
<br>
<div class="navbar">
<div class="button"><a href="index.html">Home</a></div>
<div class="button"><a href="register.php">Register</a></div>
<div class="button"><a href="login.html">Login</a></div>
<div class="button"><a href="events.html">Events</a></div>
<div class="button"><a href="gallery.html">Gallery</a></div>
<div class="button"><a href="links.html">Links</a></div>
<div class="button"><a href="contact.html">Contact Me</a></div>
<div class="button"><a href="Advertise.html">Advertise</a></div>

</div>

<div class="frame">

<frameset cols="25%,75%" noresize="noresize">
<table width='100%'> 
    <form method='POST' action='redirect.html'> 
    <tr><td align=center> 
    <table> 
    <tr><td> 
    <table> 
    <tr><td>Login:</td><td><input type='text'
        name='username' size='15'></td></tr> 
    <tr><td>Password:</td><td><input
        type='password' name='password' size='15'></td></tr> 
    </table> 
    </td></tr> 
    <tr><td align=center><input type='submit' name='ok'
        value='Enter'></td></tr> 
    </table> 
    </td></tr> 
    </form> 
    </table> 

</html>

 

The PHP

<HTML>
<head><title>Scarborough Music Nights</title>
<link rel='stylesheet' href='layout.css'>
</head>
<body bgcolor="#ffffff">
<img src="headerpage.jpg">
<br>
<div class="navbar">
<div class="button"><a href="index.html">Home</a></div>
<div class="button"><a href="register.php">Register</a></div>
<div class="button"><a href="login.html">Login</a></div>
<div class="button"><a href="events.html">Events</a></div>
<div class="button"><a href="gallery.html">Gallery</a></div>
<div class="button"><a href="links.html">Links</a></div>
<div class="button"><a href="contact.html">Contact Me</a></div>
<div class="button"><a href="Advertise.html">Advertise</a></div>

</div>

<div class="frame">

<frameset cols="25%,75%" noresize="noresize">


<?
session_start(); //initialize session mechanism

if(!isset($_POST['ok'])) {
// if the form is not completed, display it
    echo"
   
   
   
   
    <table width='100%'>
    <form method='POST' action='login.php'>
    <tr><td align=center>
    <table>
    <tr><td>
    <table>
    <tr><td>Login:</td><td><input type='text'
        name='username' size='15'></td></tr>
    <tr><td>Password:</td><td><input
        type='password' name='password' size='15'></td></tr>
    </table>
    <table>
    <tr><td>
    </td></tr>
    <tr><td align=center><input type='submit' name='ok'
        value='Enter'></td></tr>
    </table>
    </td></tr>
    </form>
    </table>
    ";
}
else{    
    //supposed that user data
    //is saved in database, in users table, that includes id, login, pass fields

    $db=mysql_pconnect(ALL HIDDEN) or die(mysql_error());
  mysql_select_db(HIDDEN) or die(mysql_error());
    
    //check if there is a user with such login and password
    $res=mysql_query("SELECT * FROM users WHERE username='".$_POST['username']."'
        AND password='".$_POST['password']."'", $db);
    if(mysql_num_rows($res)!=1){    //such user doesn?t exist
        echo "Incorrect login and password";
    }
    else{    //user is found
        $_SESSION['username']=$_POST['username'];    //set login & pass
        $_SESSION['password']=$_POST['password'];
        header("Location: index.php");    // redirect him to home
    }
    
    mysql_close();
}
?>
</body>
</html>

 

Can you see where I'm going wrong?

[Pikachu2000]

Do you have error reporting set up by setting the following directives in your PHP.ini file, and restarting apache?

 

error_reporting = -1

display_errors = On

[Fredundant14]

Unfortunately not possible as its not my server.

[Pikachu2000]

That's unfortunate. Not knowing if there are errors makes debugging quite difficult. The best thing would be to set up a local development environment by installing MAMP/WAMP/LAMP depending on your OS. In the meantime, you can add these lines to your scripts.

 

Ini_set('display_errors', 'On');

error_reporting(-1);

[Fredundant14]

I used to have WAMP set up. It's been a while. I'll add those lines thank you when I get back to the desk.