Syst3m Posted October 18, 2014 Share Posted October 18, 2014 (edited) Hey so this is my login script but when i enter something into the username and password box and submit it, the page just refreshes. <?php echo " <h1>LOGIN</h1> <form action='' method='POST'> <table> <tr> <td> <b>Username:</b> </td> <td> <input type='text' name='username' placeholder='Enter your username'> </td> </tr> <tr> <td> <b>Password:</b> </td> <td> <input type='password' name='password' placeholder='Enter your password'> </td> <td> <input type='submit' value='login' name='submit'> </td> </tr> </form> "; $host = "localhost"; $username = "root"; $password = ""; $db_name = "website"; mysql_connect("$host", "$username", "$password") or die("Could not connect"); mysql_select_db("$db_name") or die("Could not find database"); if(isset($_POST['submit'])) { if(!empty($_POST['username'])) { $sql = "SELECT * FROM members WHERE username='$username' AND password='$password'"; $result = mysql_query($sql); $count = mysql_num_rows($result); if($count==1) { $row = mysql_fetch_array($sql); $bancheck = mysql_query($row); if($row['active']==0 && count==0) { include 'userban.html'; } else if($count==1 && $bancheck==1) { $_SESSION['username'] = "$username"; include '/home/user/index.php'; } else { echo "You entered invalid information"; } } } } ?> Edited October 19, 2014 by Ch0cu3r Quote Link to comment https://forums.phpfreaks.com/topic/291911-php-login-script-need-help-please/ Share on other sites More sharing options...
jcbones Posted October 18, 2014 Share Posted October 18, 2014 (edited) 1. Don't use mysql functions, they are depreciated. Use PDO or mysqli. 2. You are not sanitizing any inputs, this is bad, and can lead to server hijacks. 3. You do not have error checking or display errors set (you should have this enabled for all development), or you would see multiple problems with this code. Top of script error_reporting(-1);ini_set('display_errors',1); 4. You are checking each username against your database password. 5. You are trying to query the database with an array from the database. $row = mysql_fetch_array($sql);$bancheck = mysql_query($row); 6. You are trying to use a constant that hasn't been defined, perhaps you mean it to be a variable (php will try to interpret it as a string, which means it will always fail in this instance). if($row['active']==0 && [b]count[/b]==0) { That is all I see at a quick glance. Edited October 18, 2014 by jcbones Quote Link to comment https://forums.phpfreaks.com/topic/291911-php-login-script-need-help-please/#findComment-1494107 Share on other sites More sharing options...
Syst3m Posted October 19, 2014 Author Share Posted October 19, 2014 (edited) I am now getting this error Catchable fatal error: Object of class mysqli could not be converted to string in /home/nebulafiles/public_html/testlog.php on line 11 <?phperror_reporting(-1);ini_set('display_errors',1); $host = "localhost"; $username= "nebulafi_syst3m"; $password = "Kuxx#Hd6u9gC"; $db_name = "nebulafi_syst3m"; $connect = mysqli_connect("$host", "$username", "$password")or die("Connection Failed."); $selectdb = mysqli_select_db("$db_name", "$connect")or die("DB Not Found."); ?> <html> <h1>LOGIN</h1> <form action='' method='POST'> <table> <tr> <td> <b>Username:</b> </td> <td> <input type='text' name='username' placeholder='Enter your username'> </td> </tr> <tr> <td> <b>Password:</b> </td> <td> <input type='password' name='password' placeholder='Enter your password'> </td> <td> <input type='submit' value='login' name='submit'> </td> </tr> </form> </html> Edited October 19, 2014 by Ch0cu3r Quote Link to comment https://forums.phpfreaks.com/topic/291911-php-login-script-need-help-please/#findComment-1494166 Share on other sites More sharing options...
ginerjm Posted October 19, 2014 Share Posted October 19, 2014 That means that the connect failed. Also you didn't finish your table. Quote Link to comment https://forums.phpfreaks.com/topic/291911-php-login-script-need-help-please/#findComment-1494167 Share on other sites More sharing options...
Ch0cu3r Posted October 19, 2014 Share Posted October 19, 2014 Using mysqli is not as simple as just placing i infront of mysql in the function names. Look at the mysqli documentation for how to use it correctly. Also please wrap code within tags when pasting code. Quote Link to comment https://forums.phpfreaks.com/topic/291911-php-login-script-need-help-please/#findComment-1494168 Share on other sites More sharing options...
Syst3m Posted October 19, 2014 Author Share Posted October 19, 2014 ok Quote Link to comment https://forums.phpfreaks.com/topic/291911-php-login-script-need-help-please/#findComment-1494170 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.