Login not working

[funderboltz]

Every time I click login on my html document the php is displayed any help, would be great.

<?php

session_start();

$error='';

if(isset($_POST['submit'])){

if(empty($_POST['username']) || empty($_POST['password'])){

$error = "Username or Password are invalid";

}

else

{

$username = $_POST['username'];

$password = $_POST['password'];

 

$connection = mysql_connect("localhost", "reboot", "");

 

$username = stripslashes($username);

$password = stripslashes($password);

$username = mysql_real_escape_string($username);

$password = mysql_real_escape_string($username);

 

$db = mysql_select_db("company", $connection);

 

$query = mysql_query("select * from login where password = 'password' AND username = '$username'", $connection);

$rows = mysql_num_rows($query);

if($rows > 0) {

$_SESSION['login_user'] =$username;

header("location : profile.php");

}else{

$error = "Username or Password are invalid";

}

mysql_close($connection);

}

}

?>

[Frank_b]

this is a guess..

 

what is the file extension of your file? is it html? change it to .php

 

explanation:

Php scripts are executed on the webserver. The result of te script after execution (in most cases HTML) will be sent back to the client. 

Most webservers are setup to only execute files that have the .php extension.

[CroNiX]

You probably want 'password' to be '$password' too (has nothing to do with your code showing)

$query = mysql_query("select * from login where password = 'password' AND username = '$username'", $connection);

[CroNiX]

And I would urge you to use PDO, or MySQLi instead of the MySQL extension. The MySQL extension has been deprecated and will be removed from PHP soon, so you'd have to rewrite everything. Might as well learn it now and become a bit more future-proof

Edited December 22, 2014 by CroNiX

[maxxd]

Also, make sure that php is enabled on your server.

[funderboltz]

I have edited the html, as before the form action was linked to my php file! But after setting up the mysql database with login table not much seems to work. 
The only difference now is that when I submit the form, nothing happens. I'm not sure if it's my html login form, that's not working or if it's my php, I've set up the database and have created a record, so that I could try out my form, but it does nothing. Here's my html;

<!DOCTYPE html>

<html>

<head>

<title>Student Room Login</title>

</head>

<link rel="stylesheet" type="text/css" href="loginstyle.css">

<body>

<div id ="container">

<div id ="header">

<h1>Student Room</h1>

</div>

</div>

<div id ="content">

<div id = "nav">

<h3><h3 style = "font-size: 20px">Navigation</h3>

<img src="nav-image.png">

<ul>

<li><a href="Index.html">Home</a></li>

<li><a href="Login.html">Log in<a/></li>

</ul>

 

</div>

<div id ="jumbotron">

<h2>Login</h2>

<form action ="" method="post">

<label>Username :</label>

<input id = "name" name ="username" placeholder = "username" type = "text">

<label>Password :</label>

<input id = "password" name = "password" placeholder ="************" type ="password">

<input name ="submit" type = "submit" value = " Login ">

<span><?php echo $error; ?></span>

</form>

</div>

</div>

<div id ="footer">

Copyright © 2014 Reuben

</div>

</body>

</html>

I literally don't know what to do...

[hansford]

<link rel="stylesheet" type="text/css" href="loginstyle.css">

The stylesheet link needs to go inside the head element.

[ginerjm]

What is the name of the long file of html you just posted?  And where is the php that goes in there?

[funderboltz]

The name of the file is login.html. I didn't copy and paste the top part so that's probably why, but at the top there's code that is as follows 

 

<?php

$include(process.php)

?>

 

The name of the file of php code is process.php. And thanks @ginerjm for telling me this, I'll keep it in mind next time I post. 

[ginerjm]

As was mentioned earlier - you need to name these files with a .php extension if you have php code in them.

[hansford]

<?php

session_start();

$error = '';


if ( ! isset($_POST['submit']))

{

    // redirect them back to the login page

}


if ( ! isset($_POST['username']) || ! isset($_POST['password']))

{

    // redirect them back to the login page

}


$username = trim($_POST['username']);

$password = $_POST['password'];


if ($username != '' && $password != '')

{

    $con = new mysqli("localhost", $dbuser, $dbpass, $dbname);


    if ($con->connect_errno)

    {

        // debug mode - in production send the user some nice message like "try again later"

        echo 'Failed to make db connection: ' . $con->connect_error;

        exit();

    }

    else

    {

        // Just need the count from the query unless you need other data from the login table

        $stmt = $con->prepare("SELECT COUNT(*) FROM login WHERE password=? AND username=?");

        $stmt->bind_param($password, $username);

        $stmt->execute();


        // check if anything was returned from query

        if (($stmt->fetchColumn()) > 0)

        {

            $_SESSION['login_user'] = $username;

            header("location: profile.php");

        }

        else

        {

           $error = "Username or Password are invalid";

        }

    }

}

else 

{

    $error = "Username or Password are invalid";

}

 

Edited December 25, 2014 by hansford

[ginerjm]

This code:

<?php
$include(process.php)
?>

Try this:

 

<?php
include("process.php");
?>

Edited December 25, 2014 by ginerjm

[funderboltz]

@ginerjm, you want me to name the html code above with a .php extension?

And @hansford thanks for the code; but still nothing happens, not even the error message, I'm starting to think there's an error in my html code. 

[funderboltz]

And I changed the include part of the code @gingerjm, still nothing

[hansford]

funderboltz - answer this question and then post:

 

Are you attempting to post to the same page - or do you have an html page and then the form posts to a php page?

 

Put the name of the file and the extension ..ie ".html" or ".php" and then post the code for that page.

Tell us exactly the error you get or don't get.

 

make sure to have error reporting on with any pages that contain php coding.

<?php

error_reporting(E_ALL);
ini_set('display_errors', true);

If you are getting database related errors - post the error and then post what version of php you're using.

echo phpversion();

[funderboltz]

Thanks for all of your help. I solved the problem by saving the index.html as index.php. 

[ginerjm]

See - it pays to listen to what people are telling you.