Jump to content

php login issue


Go to solution Solved by Barand,

Recommended Posts

Hi

 

I have created a registration php file script and works perfect but can't work out the login script issue I am having

 

Below is the errors I get

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/sites/it-doneright.co.uk/public_html/affiliate-login.php:149) in /home/sites/it-doneright.co.uk/public_html/affiliate-login.php on line 152

Warning: Cannot modify header information - headers already sent by (output started at /home/sites/it-doneright.co.uk/public_html/affiliate-login.php:149) in /home/sites/it-doneright.co.uk/public_html/affiliate-login.php on line 153

Notice: Undefined index: mail in /home/sites/it-doneright.co.uk/public_html/affiliate-login.php on line 155

Notice: Undefined index: pass in /home/sites/it-doneright.co.uk/public_html/affiliate-login.php on line 156

 

Below is the coding I have

<form method="POST" action="affiliate-login.php" class="signup">
<table>
<tr>
<td>
<td colspan="3">
<strong>Affiliate Login</strong>
</td>
</tr>

<tr>
<td width="78">E-Mail</td>
<td width="6">:</td>
<td width="294"><input size="25" name="mail" type="text" placeholder="Your Email Address"></td>
</tr>

<tr>
<td>Password</td><td>:</td>
<td><input name="pass" size="25" type="password" placeholder="Your Password"></td>
</tr>

<tr>
<td></td>
<td></td>
<td><input type="submit" name="Submit" value="Login" id="submit" ></td>
</tr>
</table>

<?
session_start();
if($_SESSION['user']!=''){header("Location:affiliate-profile.php");}
$dbh=new PDO('mysql:dbname=dbname;host=localhost', 'dbusername', 'dbpassword');/*Change The Credentials to connect to database.*/
$email=$_POST['mail'];
$password=$_POST['pass'];
if(isset($_POST) && $email!='' && $password!=''){
 $sql=$dbh->prepare("SELECT id,password,psalt FROM tablename WHERE username=?");
 $sql->execute(array($email));
 while($r=$sql->fetch()){
  $p=$r['password'];
  $p_salt=$r['psalt'];
  $id=$r['id'];
 }
 $site_salt="subinsblogsalt";/*Common Salt used for password storing on site. You can't change it. If you want to change it, change it when you register a user.*/
 $salted_hash = hash('sha256',$password.$site_salt.$p_salt);
 if($p==$salted_hash){
  $_SESSION['user']=$id;
  header("Location:affiliate-profile.php");
 }else{
  echo "<h2>Username/Password is Incorrect.</h2>";
 }
}
?>

</form>

Just can't work the issue out, the page just loads back to the affiliate-login.php page again instead of logging in and going to affiliate-profile.php page

Link to comment
https://forums.phpfreaks.com/topic/299620-php-login-issue/
Share on other sites

  • Solution

session_start() needs be called before any output is sent to the browser. You are currently sending the form fields first. Move the php code above the form code.

 

You are attempting to use the content of $_POST['mail'] and $_POST['pass'] before you check if any data was POSTed.

 

You only retrieve a single record with the query, so why is there a while() loop?

 

When you use header() to redirect, there should be an exit; command following it to prevent the rest of the script from being executed.

 

Use password_hash() and password_verify()

Link to comment
https://forums.phpfreaks.com/topic/299620-php-login-issue/#findComment-1527430
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.