pouria25 Posted January 1, 2019 Share Posted January 1, 2019 Hi I'm a beginner and I would like to create a simple login form by using PDO connection. I wrote all these codes but nothing happened. The only thing I know is my PDO connection is working. Any help I appreciate that. login form: <!DOCTYPE html> <html> <form method="post" action="loginaccess.php"> <br> <br> Username <input type="text" name="username"> <br> <br> Password <input type="text" name="password"> <br> <br> <input value="submit" type="submit" name="submit"> <br> <br> <br> <br> </form> <?php require 'Connection.php'; session_start(); if(isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $query = $conn->prepare("SELECT COUNT ('id') FROM 'users' WHERE 'username' = '$username' AND 'password' = '$password'"); $query-> execute(); $count = $query->fetchColumn(); if ($count > "0"){ $_SESSION['username'] = $username; header('location: panel.php'); } else { echo "Wrong informations"; } } ?> </html> Quote Link to comment Share on other sites More sharing options...
Barand Posted January 1, 2019 Share Posted January 1, 2019 you need to call session_start() before any output is sent to the browser (top of the script usually) Do not put identifiers (table and column names) in quotes. The whole purpose of using prepared queries is so you don't put user-provided vaariable directly into the query. Do not needlessly create variables. Do not store passwords as plain text, use password_hash() and password_verify() $query = $conn->prepare("SELECT COUNT(id) FROM users WHERE username = ? AND password = ?"); $query-> execute( [ $_POST['username'], $_POST['password'] ] ); 1 Quote Link to comment Share on other sites More sharing options...
benanamen Posted January 2, 2019 Share Posted January 2, 2019 This tutorial should get you on your way with PDO. 1 Quote Link to comment Share on other sites More sharing options...
pouria25 Posted January 5, 2019 Author Share Posted January 5, 2019 Hi dearThank you for your answer I would like to ask you if even my connection works.Should I use a DNS connection?Yours faithfully Quote Link to comment Share on other sites More sharing options...
Cobra23 Posted January 5, 2019 Share Posted January 5, 2019 (edited) Do you mean PDO connection? DNS connection is completely different. We can't tell you if your PDO connection works at all if you don't provide any error messages you received when you submit the form. As with your Connection.php file, the code in there should be something similar to: <?php $host = 'localhost'; $db = 'my database name'; $user = 'my database username'; $pass = 'my database password'; $charset = 'utf8mb4'; $dsn = "mysql:host=$host;dbname=$db;charset=$charset"; $options = [ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_EMULATE_PREPARES => false, ]; try { $conn = new PDO($dsn, $user, $pass, $options); } catch (\PDOException $e) { throw new \PDOException($e->getMessage(), (int)$e->getCode()); } ?> Edited January 5, 2019 by Cobra23 Quote Link to comment Share on other sites More sharing options...
pouria25 Posted January 12, 2019 Author Share Posted January 12, 2019 Hi I've written as you told me but now I don't know if my DSN.Connection is connected to my database or not? How can µI understand that? <?php $host = 'localhost'; $db = 'cool'; $user = 'myweb'; $pass = '*********'; $charset = 'utf8mb4'; $dsn = "mysql:host=$host;dbname=$db;charset=$charset"; $options = [ PDO::ATTR_ERRMODE =>PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE =>PDO::FETCH_ASSOC, PDO::ATTR_EMULATE_PREPARS => false, ]; try { $pdo = new PDO($dsn, $user, $pass, $options); echo '<p style="color:#009933;">Connected successfully</p>'; } catch (\PDOEXCEPTION $e) { throw new \PDOException($e->getMessage(), (int)$e->getCode()); } ?> Yours faithfully Quote Link to comment Share on other sites More sharing options...
Barand Posted January 12, 2019 Share Posted January 12, 2019 Exceptions work on the general principle that if it fails you get an error. If you need convincing that you are connected, try running a query and check the result. Quote Link to comment Share on other sites More sharing options...
pouria25 Posted January 13, 2019 Author Share Posted January 13, 2019 Thanks again, I don't get even the message " Connected successfully"! Can you tell me what can I try like a query? I'm really a beginner with PHP, please? I've not thought it'll be so complicated to understand! Yours sincerely Quote Link to comment Share on other sites More sharing options...
Barand Posted January 13, 2019 Share Posted January 13, 2019 Have you got php error reporting turned on in your php.ini file? (You have ann error in the PDO options) 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.