Jump to content

Unable to Login after Successfully Registering


Imtiyaaz
Go to solution Solved by Ch0cu3r,

Recommended Posts

Hi

Im having trouble logging into the live site. The below works perfectly in my testing environment but as soon as I test it on the live domain when I enter in the login details and submit it just clears the login form and does not login. I have checked the database after registering an account and it store the username and encrypted pass just as it stores it in my testing database. Any help will be appreciated.

My register.php is as follows:

<?php 
 include('connect.php'); 
//Define variable submitted by the form 
$Register = $_POST['register']; 
$title = $_POST['title']; 
$name = $_POST['name']; 
$surname = $_POST['surname']; 
$email = $_POST['email']; 
$username = $_POST['username']; 
$password1 = $_POST['password']; 
$password2 = $_POST['conf_password']; 

$EncPass = sha1($password1); 


if (isset($_POST['register'])) { //check if submit button was selected 
    if($name == "" or $surname == "" or $username == "" or $password1 == "" or $password2 == ""){  //check if fields in the form is empty 
            echo "<p align = 'center'>Please enter all required fields</p>"; 
        } 
        else{ 
  
$result = mysqli_query($connection,"SELECT username FROM member WHERE username='$username'"); //selects the username from the user table in the database that is the same as the username submitted by the form 
  
$num_rows = mysqli_num_rows($result); //checks the number of rows with this username 
  
if($num_rows > 0){ //if number of rows is more than 0, the below will be displayed 
echo "<p align='center'>The user $username already exists! Proceed to <a href=login.php>Login</a></p>"; 
  
  
} 
else{ 
if($password1 == $password2){ //check if the passwords match 
//Create query 
$query = "INSERT INTO member (title, name, surname, email, username, password) VALUES ('$title', '$name', '$surname', '$email', '$username', '$EncPass')"; //inserts the data that was entered in the form into the user table
$result = mysqli_query($connection,$query); 
if($result){ //if the query is successful, the below will be displayed 
echo "<p align='center'>Registration Succesful. Proceed to <a href=index.php>Login</a>!</p>"; 
} 
  
} 
else{ 
echo "<p align='center'>The Passwords does not match! Please try again</p>"; //Print a message to the user that passwords do no match 
  
} 
} 
} 
} 

  
?>

index.php: 

<?php 
include('connect.php'); 
//Define variable submitted by the form    
$Login = $_POST['login']; 
$username = $_POST['username']; 
$password1 = $_POST['password']; 

$EncPass = sha1($password1); 
      
if (isset($_POST['login'])) { //if submit button is clicked, the below query will run 
   $result = mysqli_query($connection,"SELECT * FROM member WHERE username='$username' AND password='$EncPass'"); //query to check if username and password matches what is stored in the user table 
  
    if($result) { 
        if(mysqli_num_rows($result)) { 
        session_start(); // start a session 
           $_SESSION['username'] = "$username"; //store username in the session 
           header("location:members_area.php"); // redirects to the members area 
      
    } 
    else 
            echo "<p align = 'center'>Incorect login! Please try again, or proceed to <a href='register.php'> Register </a></p>";
    } 
      
      
} 
      
      
?>
Link to comment
Share on other sites

 

enter in the login details and submit it just clears the login form

By that do you mean it displays a blank page? A blank page usually indicates an error. On production servers error reporting is usually turned off by default. To see if there is an error check your servers error log or at the top your php page change   <?php to

<?php
display_errors(TRUE);
error_reporting(E_ALL);

To enable error reporting.

Edited by Ch0cu3r
Link to comment
Share on other sites

By that do you mean it displays a blank page? A blank page usually indicates an error. On production servers error reporting is usually turned off by default. To see if there is an error check your servers error log or at the top your php page change   <?php to

<?php
display_errors(TRUE);
error_reporting(E_ALL);

To enable error reporting.

Hi

 

It does not give a blank page. Its gives the same page but just clears the form after I click the submit button. I have echoed out the $username and $EncPass after the below line and it gave the correct username and password. Could it be a browser issue? I was testing on firefox

if (isset($_POST['login'])) { //if submit button is clicked, the below query will run 
   $result = mysqli_query($connection,"SELECT * FROM member WHERE username='$username' AND password='$EncPass'"); //query to check if username and password matches what is stored in the user table

to me it seem the problem lies somewhere here:

if($result) { 
        if(mysqli_num_rows($result)) { 
        session_start(); // start a session 
           $_SESSION['username'] = "$username"; //store username in the session 
           header("location:members_area.php"); // redirects to the members area 
      
    } 
    else 
            echo "<p align = 'center'>Incorect login! Please try again, or proceed to <a href='register.php'> Register </a></p>";
    } 

but I cannot understand why it works on the testing server on not on the live site. It does not even print the line Incorect login! Please try again, or proceed to <a href='register.php'> Register </a>

Link to comment
Share on other sites

What line is  session_start(); on? Are you displaying your login form before this line?

 

session_start and header() cannot be used if you are outputting anything before the use of these functions. To see if PHP is failing on calling this function, enable error reporting at the top of your script - as I showed you earlier.

 

It probably worked ok on your development server because you had a setting called output buffering on, whereas your live site has this setting off. When developing you should always configure your development environment to be as close to your live production environment. So when you go to run your code on your live server there shouldn't any issues with your PHP code as you would of identified these issues earlier on.

Edited by Ch0cu3r
Link to comment
Share on other sites

  • Solution

Yes that is the problem.

 

When processing any kind of input you should always process it before you start outputting anything to the browser.  The order of your code logic should be input -> process -> output.

<?php

/* INPUT */
if(isset($_POST['login']))
{
    /* PROCESS */
   
    // query database
    // make sure username and password matches a record
    // set anY sessions variables required
    // redirect user

    // if database did not match any record set any errors to a variable
    // display errors near the login form
}

/* OUTPUT */
?>
<!-- now we output the login page -->
<html>
...

<!-- login form -->
<form>
 <span><!-- display any errors --></span>
 ...
</form>
</form>

...
</html>
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.