Jump to content

Why Won't my login page actually login?

slotegraafd

By slotegraafd
in PHP Coding Help

 Share

Recommended Posts

slotegraafd Member

slotegraafd

Posted
Posted

Hello, I am once again desperately asking for your help,

I am working on a simple login page and I am having trouble actually getting it  to login. I display error messages for if the user doesn't enter anything but I can't seem to get it to work for if the credentials are wrong. It logs the user in whether the information is right or not and i dont even know what to do now

 

This is the code any suggestions would be greatly appreciated 

<?php
    /*
    Name: Deanna Slotegraaf 
    Course Code: WEBD3201
    Date: 2020-09-22
    */

    $file = "sign-in.php";
    $date = "2020-09-22";
    $title = "WEBD3201 Login Page";
    $description = "This page was created for WEBD3201 as a login page for a real estate website";
    $banner = "Login Page";
    require 'header.php';

    $error = "";

    if($_SERVER["REQUEST_METHOD"] == "GET")
    {
        $username = "";
        $password = "";
        $lastaccess = "";        
        $error = "";
        $result = "";
        $validUser = "";
    }
    else if($_SERVER["REQUEST_METHOD"] == "POST")
    {        
    	$conn;
        $username = trim($_POST['username']); //Remove trailing white space
        $password = trim($_POST['password']); //Remove trailing white space

    if (!isset($username) || $username == "") {
      $error .= "<br/>Username is required";
    }
    if (!isset($password) || $password == ""){
      $error .= "<br/>Password is required";
    }
    if ($error == "") {
      $password = md5($password);
      $query = "SELECT * FROM users WHERE EmailAddress='$username' AND Password='$password'";
      $results = pg_query($conn, $query);
      //$_SESSION['username'] = $username;
        //$_SESSION['success'] = "You are now logged in";
        header('location: dashboard.php');
      }else {
        $error .= "Username and/or Password is incorrect";
      }

}

?>

<div class = "form-signin">
    <?php
             echo "<h2 style='color:red; font-size:20px'>".$error."</h2>";
    ?>
<form action = "<?php echo $_SERVER['PHP_SELF'];  ?>" method="post">

      <label for="uname"><b>Login ID</b></label>
      <input type="text" name="username" value="<?php echo $username; ?>"/>
      <br/>
      <label for="psw"><b>Password</b></label>
      <input type="password" name="password" value="<?php echo $password; ?>"/>
      <br/>
        <button type="submit" name="login_user">Login</button>
        <button type="reset">Reset</button></div>
</form>
</div>

<?php require "footer.php"; ?>

 

Link to comment
https://forums.phpfreaks.com/topic/311543-why-wont-my-login-page-actually-login/
Share on other sites
Strider64 Advanced Member

Strider64

Posted
Posted

Throw that in file 13 and look for a safe secure login using PDO (My Suggestion) or mysqli. I did a Google search and found this https://levelup.gitconnected.com/how-to-build-a-secure-login-page-in-php-954f51d08701 and I am sure there are many others out there. 

slotegraafd Member

slotegraafd

Posted
  • Author
Posted
22 minutes ago, Strider64 said:

Throw that in file 13 and look for a safe secure login using PDO (My Suggestion) or mysqli. I did a Google search and found this https://levelup.gitconnected.com/how-to-build-a-secure-login-page-in-php-954f51d08701 and I am sure there are many others out there. 

I'm required to use pgadmin, this is an assignment for school, all I am focusing on right now is trying to get it to login

slotegraafd Member

slotegraafd

Posted
  • Author
Posted

I dont' know what to try because I was certain this was the right code which it obviously isnt, I retrieved it from the data as in the code in the if statement but it doesnt check to see if the input is the right combination that is why I am asking for help because I do not know what to do with this

requinix Prolific Member

requinix

Posted
Posted
33 minutes ago, slotegraafd said:

it doesnt check to see if the input is the right combination that is why I am asking for help because I do not know what to do with this

It should probably come as no surprise to learn that the answer is "to check if the input is the right combination".

You have a query that looks for matching username and password. What will happen if there is a match? What will happen if there is not a match? How can you get the code to tell which is happening?

slotegraafd Member

slotegraafd

Posted
  • Author
Posted
10 hours ago, requinix said:

It should probably come as no surprise to learn that the answer is "to check if the input is the right combination".

You have a query that looks for matching username and password. What will happen if there is a match? What will happen if there is not a match? How can you get the code to tell which is happening?

I know the answer is to check if the input is the right combination but I'm asking how you do that

kicken Prolific Member

kicken

Posted
Posted

The query just asks the database for information matching your criteria.  After you run the query you need to fetch the data to make use of it.  If nothing matches your criteria, you'll know because your attempt to fetch the data will return false instead of usable data.

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.