Jump to content

Recommended Posts

When I enter a combo of username/password credentials, the form isn't redirecting as it should

<?php

 

include('config.php');

 @ob_start();

if (isset($_POST['submit']))

{

$username= $_POST['username'];

$password= $_POST['password'];

$myusername = mysql_real_escape_string($username);

$mypassword = mysql_real_escape_string($password);  

 

 

 

$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";

$result= mysql_query($sql) or die(mysql_error());

$row= mysql_fetch_array($result);

 

 

$count=mysql_num_rows($result);

 

 

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1)

{

header('Location: welcome.php');

 

//header("Location: welcome.php");

 

 

}

}

else {

?>

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Login Page</title>

 

<style type="text/css">

body

{

font-family:Arial, Helvetica, sans-serif;

font-size:14px;

 

}

label

{

font-weight:bold;

 

width:100px;

font-size:14px;

 

}

.box

{

border:#666666 solid 1px;

 

}

</style>

</head>

<body bgcolor="#FFFFFF">

 

 

<div align="center">

<div style="width:300px; border: solid 1px #333333; " align="left">

<div style="background-color:#333333; color:#FFFFFF; padding:3px;"><b>Login</b></div>

 

 

<div style="margin:30px">

 

<form action="" method="post">

<label>UserName  :</label><input type="text" name="username" class="box"/><br /><br />

<label>Password  :</label><input type="password" name="password" class="box" /><br/><br />

<input type="submit" value=" Submit " name="submit"/><br />

 

</form>

<div style="font-size:11px; color:#cc0000; margin-top:10px"></div>

</div>

</div>

</div>

</body>

<?php } ?>

</html>

Link to comment
https://forums.phpfreaks.com/topic/285553-login-form-not-working/
Share on other sites

Also note that you could skip the mysql_num_rows() function altogether. The mysql_fetch_array() function returns false when there are no rows. Otherwise, it returns a value which will equate to true.

// If result matched $myusername and $mypassword, table row must be 1 row
if($row = mysql_fetch_array($result)) {
     header('Location: welcome.php');
     exit;
}
Still not working for me, this is my code with your suggestion

<?php

 

include('config.php');

 @ob_start();

if (isset($_POST['submit']))

{

$username= $_POST['username'];

$password= $_POST['password'];

$myusername = mysql_real_escape_string($username);

$mypassword = mysql_real_escape_string($password);  

 

 

 

$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";

$result= mysql_query($sql) or die(mysql_error());

$row= mysql_fetch_array($result);

 

 

 

 

 

// If result matched $myusername and $mypassword, table row must be 1 row

if($row = mysql_fetch_array($result)) {

     header("Location: welcome.php");

    

}

}

else {

?>

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Login Page</title>

 

<style type="text/css">

body

{

font-family:Arial, Helvetica, sans-serif;

font-size:14px;

 

}

label

{

font-weight:bold;

 

width:100px;

font-size:14px;

 

}

.box

{

border:#666666 solid 1px;

 

}

</style>

</head>

<body bgcolor="#FFFFFF">

 

 

<div align="center">

<div style="width:300px; border: solid 1px #333333; " align="left">

<div style="background-color:#333333; color:#FFFFFF; padding:3px;"><b>Login</b></div>

 

 

<div style="margin:30px">

 

<form action="" method="post">

<label>UserName  :</label><input type="text" name="username" class="box"/><br /><br />

<label>Password  :</label><input type="password" name="password" class="box" /><br/><br />

<input type="submit" value=" Submit " name="submit"/><br />

 

</form>

<div style="font-size:11px; color:#cc0000; margin-top:10px"></div>

</div>

</div>

</div>

</body>

<?php } ?>

</html>

Your calling mysql_fetch_array() twice. The first one processes the row leaving the second one with no results. Remove the first function call.

$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result= mysql_query($sql) or die(mysql_error());
$row= mysql_fetch_array($result);  //<-- REMOVE THIS
 
 
 
// If result matched $myusername and $mypassword, table row must be 1 row
if($row = mysql_fetch_array($result)) {
     header("Location: welcome.php");
     exit;
    
}
 
 
Also, remember to add the call to "exit" after the header() function.
<?php

 

include('config.php');

 @ob_start();

if (isset($_POST['submit']))

{

$username= $_POST['username'];

$password= $_POST['password'];

$myusername = mysql_real_escape_string($username);

$mypassword = mysql_real_escape_string($password);  

 

 

 

$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";

$result= mysql_query($sql) or die(mysql_error());

 

// If result matched $myusername and $mypassword, table row must be 1 row

if($row = mysql_fetch_array($result)) {

     header("Location: welcome.php");

     exit;

}

}

else {

?>

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Login Page</title>

 

<style type="text/css">

body

{

font-family:Arial, Helvetica, sans-serif;

font-size:14px;

 

}

label

{

font-weight:bold;

 

width:100px;

font-size:14px;

 

}

.box

{

border:#666666 solid 1px;

 

}

</style>

</head>

<body bgcolor="#FFFFFF">

 

 

<div align="center">

<div style="width:300px; border: solid 1px #333333; " align="left">

<div style="background-color:#333333; color:#FFFFFF; padding:3px;"><b>Login</b></div>

 

 

<div style="margin:30px">

 

<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">

<label>UserName  :</label><input type="text" name="username" class="box"/><br /><br />

<label>Password  :</label><input type="password" name="password" class="box" /><br/><br />

<input type="submit" value=" Submit " name="submit"/><br />

 

</form>

<div style="font-size:11px; color:#cc0000; margin-top:10px"></div>

</div>

</div>

</div>

</body>

<?php } ?>

</html>

 

Removed the conflicting $row and added exit; yet it is still not working.

Edited by Andrew12313413

Did you try displaying the POST variables to see if they contain what you expect? For example, you could trying something like this:

<?php
print '<pre>' . print_r($_POST, true) . '</pre>';
 
 
include('config.php');
 @ob_start();
if (isset($_POST['submit']))
//...
?>
 
Note that you'll probably see some errors when the form first appears. But the form information should be displayed once the form is submitted.
 
Also note that you'll want to check out the following article regarding the use of PHP_SELF as the form action:

Corrections: Using a separate file for login check: processlogin.php

 

Here the code for that:

 

<?php
include('config.php');
 @ob_start();
if (isset($_POST['submit']))
{
$username= $_POST['username'];
$password= $_POST['password'];
$myusername = mysql_real_escape_string($username);
$mypassword = mysql_real_escape_string($password);  
 
 
 
$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result= mysql_query($sql) or die(mysql_error());
 
// If result matched $myusername and $mypassword, table row must be 1 row
if($row = mysql_fetch_array($result)) {
     header("Location: welcome.php");
     exit;
}
}
 
           i used the following function and it returned the username/password as an array, print '<pre>' . print_r($_POST, true) . '</pre>';
So I'm guessing that there must be something I'm not seeing in my SQL exec

Thanks for your continued help on this.

 

No problem :)

 

Have you tried echoing something inside the if construct? For example

<?php
include('config.php');
// @ob_start();
if (isset($_POST['submit'])) {
 
     echo 'here';
 
     //...

If it displays "here", try displaying the SQL query:

$sql = "SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
echo $sql;

I removed the @ob_start(); 

 

<?php
include('config.php');
if (isset($_POST['submit']))
{
$username= $_POST['username'];
$password= $_POST['password'];
$myusername = mysql_real_escape_string($username);
$mypassword = mysql_real_escape_string($password);  
 
 
 
$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result= mysql_query($sql) or die(mysql_error());
 
// If result matched $myusername and $mypassword, table row must be 1 row
if($row = mysql_fetch_array($result)) {
     header("Location: welcome.php");
     exit;
}
}
?>
 
I'm still seeing a blank page @processlogin.php

Note that you can check if the query returned matches by adding the echo statement below:

//...
 
$result= mysql_query($sql) or die(mysql_error());
 
echo 'Number of matches: ' . mysql_num_rows($result);
 
// If result matched $myusername and $mypassword, table row must be 1 row
if($row = mysql_fetch_array($result)) {
     header("Location: welcome.php");
     exit;
}
 
 
//...

I tried that, but the form isn't even doing anything, it should display processlogin.php

Here's the code I have:

 

<?php
include('config.php');
if (isset($_POST['submit']))
{
$username= $_POST['username'];
$password= $_POST['password'];
$myusername = mysql_real_escape_string($username);
$mypassword = mysql_real_escape_string($password);  
 
 
 
$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result= mysql_query($sql) or die(mysql_error());
 
echo 'Number of matches:' . mysql_num_rows($result);
 
// If result matched $myusername and $mypassword, table row must be 1 row
if($row = mysql_fetch_array($result)) {
     header("Location: welcome.php");
     exit;
}
}
?>

you have stated the form isn't doing anything, apparently not going to the processlogin.php page AND you have echoed the $sql variable and it contains what you expect. both of those events cannot be occurring at the same time.

 

what is your current form and current form processing code and please start posting any code from each file using the forum's


bbcode tags (the edit form's <> button).

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.