Please Help me...

[Sagor]

It say Error.. Please anyone help me

 

<?php

$conn = new mysqli("localhost", "****", "****", "shahrior_user");


// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['pass']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

// Register $myusername, $mypassword andredirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>





<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="<?phpechohtmlspecialchars($_SERVER["PHP_SELF"]);?>">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="pass" type="text" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

Edited May 6, 2016 by Barand
added code tags, removed password

[Barand]

As it clearly states at the top of the page, "PHPFreaks.com Questions, Comments, & Suggestions" is not a help forum but a forum for comments about the site.

 

Moving to PHP Coding Help forum.

 

Please put you code inside [ code ] tags or use the <> button in the toolbar.

 

And state the nature of the error, preferably the full error message. Just saying there is an error is not helpful.

Edited May 6, 2016 by Barand

[taquitosensei]

We kind of need the error to help you. It says Error. Could mean mysql, php or html.

[ginerjm]

Turn on error checking too to help provide you with more information about your coding as you write it.

[beginnerPHP]

<form name="form1" method="post" action="<?phpechohtmlspecialchars($_SERVER["PHP_SELF"]);?>">

Your action does not have any spaces so it read like one function.

session_register("mypassword"); 

This was removed at PHP 5.4.0 unless your version is below that. I am beginner myself i may be wrong.

[ginerjm]

Other issues:

 

1 - you can't mix the use of MySQL* and mysqli* functions which you are doing. At the risk of coming across sarcastically, the MySQL* functions have been deprecated for years and are no longer part of the current version of PHP. In other words - don't use them at all.

 

2 - session_register has also been deprecated as in the following message from the manual:

 

"Warning This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0."

 

The preferred method is to simply say "$_SESSION['varname'] = (some value);" (quotes and caps required, parens not)

 

3 - when checking for a user/password record it is not necessary to retrieve the password value. Simply specifying it as part of the where clause is sufficient for verifying a login. Additionally - you really must store the password in an encrypted format and use that same format on the input value that you supply to the query. You should NEVER store it anywhere except in the user table, not in your script nor session vars. Assign a token of your own choosing to indicate that a user is authorized - not the pswd.

 

4 - your html is ANCIENT. Really really old. Much of what you have coded is years out of date and you really should revise it. Learn some css and get rid of all that deprecated stylng you are doing. Also - tables are no longer the preferred way of laying out screens (although I used them all the time) so certainly embedded tables are really to be avoided (which I do!). Why have a table of one cell wrapping another entire table?

 

If you copied this code from somewhere you would be well-advised to learn how to do this simple html form yourself and actually learn something from it while you are starting out.