Artur Posted October 19, 2014 Share Posted October 19, 2014 Hallo I have a problem. This is my code: <?php include 'connect.php'; ?> <html> <head> <title>Admin Insert page!</title> </head> <body> <?php error_reporting(-1);ini_set('display_errors',1); if (isset($_POST['submit'])){ $name = $_POST['name']; $password = $_POST['password']; $result = mysql_query("SELECT * FROM users WHERE user='$name' AND password='$password'"); $num = mysql_num_rows($result); if($num == 0){ echo "Bad login, go <a href='login.php'>back</a>"; }else{ session_start(); $_SESSION['name'] = $name; header("Location: admin.php"); } }else{ ?> <form action='login.php' methody='post'> Username: <input type='text' name='name'/><br /> Password: <input type='password' name='password'/><br /> <input type='submit' name='submit' value='Login' /> </body> </html> I try to use console to find the problem but I didn't.... I know that there is some problem with $num Can somebody help me? Thank you. Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/ Share on other sites More sharing options...
ginerjm Posted October 19, 2014 Share Posted October 19, 2014 How do you KNOW there is a problem with num? Are you getting an error? Try turning on error checking first. Maybe you will see an error. Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494181 Share on other sites More sharing options...
Artur Posted October 19, 2014 Author Share Posted October 19, 2014 Yes my problem was: <?php }?> at the line 30 =] Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494188 Share on other sites More sharing options...
ginerjm Posted October 19, 2014 Share Posted October 19, 2014 Are you messing with me? That string of chars isn't even IN this code! WHAT was the problem please? Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494190 Share on other sites More sharing options...
QuickOldCar Posted October 19, 2014 Share Posted October 19, 2014 You should not be using any mysql_* functions, instead use mysqli_* or PDO Saving the raw password into a database is not good either, but at least escape any data inserting into mysql. Try this <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors',1); session_start(); include('connect.php'); if (isset($_POST['name']) && trim($_POST['name']) != '' && isset($_POST['password']) && trim($_POST['password']) != ''){ $name = trim($_POST['name']); $password = trim($_POST['password']); $escape_name = mysql_real_escape_string($name); $escape_password = mysql_real_escape_string($password); $result = mysql_query("SELECT * FROM users WHERE user='{$escape_name}' AND password='{$escape_password}'"); if($result){ $_SESSION['name'] = $name; header("Location: admin.php"); exit(); } }else{ ?> <html> <head> <title>Admin Insert page!</title> </head> <body> <form action='login.php' methody='post'> Username: <input type='text' name='name'/><br /> Password: <input type='password' name='password'/><br /> <input type='submit' name='submit' value='Login' /> </body> </html> <?php } ?> Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494195 Share on other sites More sharing options...
QuickOldCar Posted October 19, 2014 Share Posted October 19, 2014 Found the issue <form action='login.php' methody='post'> <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors',1); session_start(); include('connect.php'); if (isset($_POST['name']) && trim($_POST['name']) != '' && isset($_POST['password']) && trim($_POST['password']) != ''){ $name = trim($_POST['name']); $password = trim($_POST['password']); $escape_name = mysql_real_escape_string($name); $escape_password = mysql_real_escape_string($password); $result = mysql_query("SELECT * FROM users WHERE user='{$escape_name}' AND password='{$escape_password}'"); if($result){ $_SESSION['name'] = $name; header("Location: admin.php"); exit(); }else{ header("Location: login.php"); exit(); } }else{ ?> <html> <head> <title>Admin Insert page!</title> </head> <body> <form action='login.php' method='post'> Username: <input type='text' name='name'/><br /> Password: <input type='password' name='password'/><br /> <input type='submit' name='submit' value='Login' /> </body> </html> <?php } ?> Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494197 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.