Jump to content

Recommended Posts

It say Error.. Please anyone help me

 

<?php

$conn = new mysqli("localhost", "****", "****", "shahrior_user");


// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['pass']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

// Register $myusername, $mypassword andredirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>





<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="<?phpechohtmlspecialchars($_SERVER["PHP_SELF"]);?>">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="pass" type="text" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
Edited by Barand
added code tags, removed password
Link to comment
https://forums.phpfreaks.com/topic/301172-please-help-me/
Share on other sites

As it clearly states at the top of the page, "PHPFreaks.com Questions, Comments, & Suggestions" is not a help forum but a forum for comments about the site.

 

Moving to PHP Coding Help forum.

 

Please put you code inside [ code ] tags or use the <> button in the toolbar.

 

And state the nature of the error, preferably the full error message. Just saying there is an error is not helpful.

Edited by Barand
Link to comment
https://forums.phpfreaks.com/topic/301172-please-help-me/#findComment-1532899
Share on other sites

<form name="form1" method="post" action="<?phpechohtmlspecialchars($_SERVER["PHP_SELF"]);?>">

Your action does not have any spaces so it read like one function.

session_register("mypassword"); 

This was removed at PHP 5.4.0 unless your version is below that. I am beginner myself i may be wrong.

Link to comment
https://forums.phpfreaks.com/topic/301172-please-help-me/#findComment-1532904
Share on other sites

Other issues:

 

1 - you can't mix the use of MySQL* and mysqli* functions which you are doing. At the risk of coming across sarcastically, the MySQL* functions have been deprecated for years and are no longer part of the current version of PHP. In other words - don't use them at all.

 

2 - session_register has also been deprecated as in the following message from the manual:

 

"Warning This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0."

 

The preferred method is to simply say "$_SESSION['varname'] = (some value);" (quotes and caps required, parens not)

 

3 - when checking for a user/password record it is not necessary to retrieve the password value. Simply specifying it as part of the where clause is sufficient for verifying a login. Additionally - you really must store the password in an encrypted format and use that same format on the input value that you supply to the query. You should NEVER store it anywhere except in the user table, not in your script nor session vars. Assign a token of your own choosing to indicate that a user is authorized - not the pswd.

 

4 - your html is ANCIENT. Really really old. Much of what you have coded is years out of date and you really should revise it. Learn some css and get rid of all that deprecated stylng you are doing. Also - tables are no longer the preferred way of laying out screens (although I used them all the time) so certainly embedded tables are really to be avoided (which I do!). Why have a table of one cell wrapping another entire table?

 

If you copied this code from somewhere you would be well-advised to learn how to do this simple html form yourself and actually learn something from it while you are starting out.

Link to comment
https://forums.phpfreaks.com/topic/301172-please-help-me/#findComment-1532905
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.