Jump to content

Login Issues

madlady37

By madlady37
in PHP Coding Help

 Share

Recommended Posts

madlady37 Member

madlady37

Posted
Posted

Hello Everyone,

Im trying to allow a user to login to my website. I want to check and see if the user is in the database, then proceed to the main page, if not have the user register and then login. Can anyone tell me what the problem is here? Thank you so much in advance. ~MADLADY37~

 

Here is my code:

// checking the user

if(isset($_POST["submit"])){
    
  $email = trim($_POST["email"]);
  $email = strip_tags($email);
  $email = htmlspecialchars($email);

  $email = mysqli_real_escape_string($con,$_POST["email"]);
 $password = mysqli_real_escape_string($con,$_POST["password"]);

    if(email_exist($email, $con))
    {
        header("Location: test5.php");    
    }
    else
    {
        $error = "Email Does Not Exist!, Please Register, in order to login!";
    }
        
}
?>

 

HERE IS MY FUNCTIONS CODE:

<?php

    function email_exist($email,$con)
    {
        
        $result = mysqli_query($conn,"SELECT * FROM userstbl WHERE email = '$email'");
        
        if(mysqli_num_rows($result) == 1)
        {
        return true;        
        }
        else
        {
        return false;
        }
            
        
    }

?>

 

 

 

Link to comment
Share on other sites
cyberRobot Prolific Member

cyberRobot

Posted
Posted

Could you provide a little more information as to what the following means:

Can anyone tell me what the problem is here?

 

Do you get an error message? If so, what's the exact error? Does it do (or not do) something you expect?

 

 

Note that you need to call "exit" after performing a header redirect to prevent anything else in the script from executing.

header("Location: test5.php");
exit;
 
Also, the script only appears to be checking if the email address exists. You need to make sure the password associated with the email address matches.
 
 
In case you are not aware, PHP has a function for validating the email address. More information can be found here:
 
And here is some information on password hashing:
Link to comment
Share on other sites
ginerjm Prolific Member

ginerjm

Posted
Posted

So many issues.

 

Try turning on php error checking at the beginning.

 

Use the same 'connection' variable both in and outside of your querying function. "con" & "conn"

 

You do all kinds of sanitizing on your input email value, but then you don't do a darn thing with the password.

Furthermore you apparently are storing the password in plain text - bad, bad, bad.

 

Do you plan on ensuring that an email address will be unique?

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.