Artur Posted October 19, 2014 Share Posted October 19, 2014 (edited) Hallo I have a problem. This is my code: <?php include 'connect.php'; ?> <html> <head> <title>Admin Insert page!</title> </head> <body> <?php error_reporting(-1);ini_set('display_errors',1); if (isset($_POST['submit'])){ $name = $_POST['name']; $password = $_POST['password']; $result = mysql_query("SELECT * FROM users WHERE user='$name' AND password='$password'"); $num = mysql_num_rows($result); if($num == 0){ echo "Bad login, go <a href='login.php'>back</a>"; }else{ session_start(); $_SESSION['name'] = $name; header("Location: admin.php"); } }else{ ?> <form action='login.php' methody='post'> Username: <input type='text' name='name'/><br /> Password: <input type='password' name='password'/><br /> <input type='submit' name='submit' value='Login' /> </body> </html> I try to use console to find the problem but I didn't.... I know that there is some problem with $num Can somebody help me? Thank you. Edited October 19, 2014 by Artur Quote Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/ Share on other sites More sharing options...
ginerjm Posted October 19, 2014 Share Posted October 19, 2014 How do you KNOW there is a problem with num? Are you getting an error? Try turning on error checking first. Maybe you will see an error. Quote Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494181 Share on other sites More sharing options...
Artur Posted October 19, 2014 Author Share Posted October 19, 2014 Yes my problem was: <?php }?> at the line 30 =] Quote Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494188 Share on other sites More sharing options...
ginerjm Posted October 19, 2014 Share Posted October 19, 2014 (edited) Are you messing with me? That string of chars isn't even IN this code! WHAT was the problem please? Edited October 19, 2014 by ginerjm Quote Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494190 Share on other sites More sharing options...
QuickOldCar Posted October 19, 2014 Share Posted October 19, 2014 (edited) You should not be using any mysql_* functions, instead use mysqli_* or PDO Saving the raw password into a database is not good either, but at least escape any data inserting into mysql. Try this <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors',1); session_start(); include('connect.php'); if (isset($_POST['name']) && trim($_POST['name']) != '' && isset($_POST['password']) && trim($_POST['password']) != ''){ $name = trim($_POST['name']); $password = trim($_POST['password']); $escape_name = mysql_real_escape_string($name); $escape_password = mysql_real_escape_string($password); $result = mysql_query("SELECT * FROM users WHERE user='{$escape_name}' AND password='{$escape_password}'"); if($result){ $_SESSION['name'] = $name; header("Location: admin.php"); exit(); } }else{ ?> <html> <head> <title>Admin Insert page!</title> </head> <body> <form action='login.php' methody='post'> Username: <input type='text' name='name'/><br /> Password: <input type='password' name='password'/><br /> <input type='submit' name='submit' value='Login' /> </body> </html> <?php } ?> Edited October 19, 2014 by QuickOldCar Quote Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494195 Share on other sites More sharing options...
QuickOldCar Posted October 19, 2014 Share Posted October 19, 2014 Found the issue <form action='login.php' methody='post'> <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors',1); session_start(); include('connect.php'); if (isset($_POST['name']) && trim($_POST['name']) != '' && isset($_POST['password']) && trim($_POST['password']) != ''){ $name = trim($_POST['name']); $password = trim($_POST['password']); $escape_name = mysql_real_escape_string($name); $escape_password = mysql_real_escape_string($password); $result = mysql_query("SELECT * FROM users WHERE user='{$escape_name}' AND password='{$escape_password}'"); if($result){ $_SESSION['name'] = $name; header("Location: admin.php"); exit(); }else{ header("Location: login.php"); exit(); } }else{ ?> <html> <head> <title>Admin Insert page!</title> </head> <body> <form action='login.php' method='post'> Username: <input type='text' name='name'/><br /> Password: <input type='password' name='password'/><br /> <input type='submit' name='submit' value='Login' /> </body> </html> <?php } ?> Quote Link to comment https://forums.phpfreaks.com/topic/291929-help-with-php-admin-login/#findComment-1494197 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.