Jump to content

Here we go again.. login page produces blank page

simcoweb

By simcoweb
in PHP Coding Help

 Share

Recommended Posts

simcoweb Advanced Member

simcoweb

Posted
Posted

I had this same issue once before ( http://www.phpfreaks.com/forums/index.php/topic,129403.0.html ) which was resolved. I'm using the exact same code that we used in the solving of that with the exception of a couple of minor snippets here and there in the queries.

 

What I get when I enter username/password and hit submit is a blank page and the URL never changes. In other words, the login page is 'index.php' and when submitted it should redirect to 'admin.php'. Instead the url/address stays at 'index.php' and the page turns completely blank.

 

In the previous thread, the problem turned out to be some missing indicator to the md5 encrypted password. Well, in this version, that's there! In fact, I used the ending scripts for that project in creating this project. So, why it won't work is a real mystery.

 

Here's the login page code:

 

<?php
ob_start();
session_start();

$loginError = ""; // declare this so it is always available

// Turn on magic quotes to prevent SQL injection attacks
if(!get_magic_quotes_gpc())
set_magic_quotes_runtime(1);
// Validate users input
if(!empty($_POST))
{
// Check username has a value
if(empty($_POST['username'])) 
  $loginError['username'] = "Please enter a user name!";
// Check password has a value
if(empty($_POST['password'])) 
  $loginError['password'] = "Please enter a password!";
// Check if any errors were returned and run relevant code
if(empty($loginError))
{
$username = $_POST['username']; 
$password = md5($_POST['password']);

include 'db_config.php';

// Connect to database
$con = mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($dbname, $con) or die(mysql_error());
// Get Record Set
$sql = ("SELECT * FROM admin  WHERE username = '$username' AND password = '$password'");
// mysql_query($sql) or die(mysql_error());
$results = mysql_query($sql, $con) or die(mysql_error());
$num_rows = mysql_num_rows($results) or die(mysql_error());

	if ($num_rows == "1")
{
$_SESSION['loggedin'] = $_POST['loggedin'];
header("Location: admin.php");
exit;
}
else
{
echo "Your user name and password do not match any in our database! Please try again. <a class='body' href='login.php'>Return to login page.<br>\n";
}

}
}
include 'adminheader.php';
?>
<div align="center">
<table style="BORDER-COLLAPSE: collapse" bordercolor="#666666" cellpadding="4" width="530" border="0">
<tbody>
	<tr>
	<td>  <h2 align="center">Login page</h2>
	<font color="red"><div align="center">
<? // Loop through all errors
if(!empty($loginError))
{
?>
<ul>
<?
foreach($loginError as $eg_message)
{
?>
<li id="validationError"><?= @$eg_message ?></li>
<?
}
?>
</ul>
<?
}
?>
</font></div>
<table border="0" width="450" align="center">
<tr><td> 
<form action="<? $_SERVER['PHP_SELF'] ?>" name="login" method="post" >
<input type="hidden" value="loggedin" name="loggedin">
<fieldset style="-moz-border-radius: 7pt;"><font face="Verdana" size="2">
<legend>Administration Login:</legend>
<br />Username <input type="text" name="username" size="21" /><br><br>
Password <input type="password" name="password" size="21" />
</font></fieldset>
<br><input type="submit" value="Login">
</form>
</td></tr></table>
</td></tr>
</tbody>
</table>
</div>
<p>

<?
include 'adminfooter.php';
?>

 

Should be simple:

 

* enter username/password, validates against the database records, if successful it sends you off to the admin.php page. If not, sends you back to the login page.

Link to comment
Share on other sites
steelmanronald06 Advanced Member

steelmanronald06

Posted
Posted

<? // Loop through all errors

 

<?

foreach($loginError as $eg_message)

 

<?

}

 

<?

include 'adminfooter.php';

 

I don't know what version of PHP your using, but what is the one thing you notice in all the above quotations? what is one thing that remains consistant?  You have:

 

<?

 

In newer version of PHP, short-tags are set to OFF by default, and if you haven't turned them on then you will get errors and blank pages.  So, you should go through and start PHP like so:

 

<?php

 

You did good with the first bit, but afterwards you kept leaving off the `php` part.

Link to comment
Share on other sites
simcoweb Advanced Member

simcoweb

Posted
  • Author
Posted

It's PHP 4.3.2 which, in this case, is the identical version used for the code utilized on another server as I posted in that other previous thread. The error messages show up fine and dandy on both. In other words, with the short tags the error messages display fine. Normally I use the full tags but this is a snippet I use over and over.

 

The big question is... WHY does this login page work fine at one site and not the other? They are virtually identical in the core functionality. Here's the login form as used on two different sites. One works, the other doesn't. The one that doesn't simply displays a blank page upon submit. In the previous thread this was fixed by modifying the password references in the code to allow for the md5 encryption. Take a look at these:

 

This one produces a blank page upon submit.

 

<?php
ob_start();
session_start();

$loginError = ""; // declare this so it is always available

// Turn on magic quotes to prevent SQL injection attacks
if(!get_magic_quotes_gpc())
set_magic_quotes_runtime(1);
// Validate users input
if(!empty($_POST))
{
// Check username has a value
if(empty($_POST['username'])) 
  $loginError['username'] = "Please enter a user name!";
// Check password has a value
if(empty($_POST['password'])) 
  $loginError['password'] = "Please enter a password!";
// Check if any errors were returned and run relevant code
if(empty($loginError))
{
$username = $_POST['username']; 
$password = md5($_POST['password']);

include 'db_config.php';

// Connect to database
$con = mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($dbname, $con) or die(mysql_error());
// Get Record Set
$sql = ("SELECT * FROM admin  WHERE username = '$username' AND password = '$password'");
// mysql_query($sql) or die(mysql_error());
$results = mysql_query($sql, $con) or die(mysql_error());
$num_rows = mysql_num_rows($results) or die(mysql_error());

	if ($num_rows == "1")
{
$_SESSION['loggedin'] = $_POST['loggedin'];
header("Location: admin.php");
exit;
}
else
{
echo "Your user name and password do not match any in our database! Please try again. <a class='body' href='login.php'>Return to login page.<br>\n";
}

}
}
include 'adminheader.php';
?>
<div align="center">
<table style="BORDER-COLLAPSE: collapse" bordercolor="#666666" cellpadding="4" width="530" border="0">
<tbody>
	<tr>
	<td>  <h2 align="center">Login page</h2>
	<font color="red"><div align="center">
<? // Loop through all errors
if(!empty($loginError))
{
?>
<ul>
<?
foreach($loginError as $eg_message)
{
?>
<li id="validationError"><?= @$eg_message ?></li>
<?
}
?>
</ul>
<?
}
?>
</font></div>
<table border="0" width="450" align="center">
<tr><td> 
<form action="<? $_SERVER['PHP_SELF'] ?>" name="login" method="post" >
<input type="hidden" value="loggedin" name="loggedin">
<fieldset style="-moz-border-radius: 7pt;"><font face="Verdana" size="2">
<legend>Administration Login:</legend>
<br />Username <input type="text" name="username" size="21" /><br><br>
Password <input type="password" name="password" size="21" />
</font></fieldset>
<br><input type="submit" value="Login">
</form>
</td></tr></table>
</td></tr>
</tbody>
</table>
</div>
<p>

<?
include 'adminfooter.php';
?>

 

This one works fine.

 

<?php
ob_start();
session_start();

$loginError = ""; // declare this so it is always available

// Turn on magic quotes to prevent SQL injection attacks
if(!get_magic_quotes_gpc())
set_magic_quotes_runtime(1);
// Validate users input
if(!empty($_POST))
{
// Check username has a value
if(empty($_POST['username'])) 
  $loginError['username'] = "Please enter a user name!";
// Check password has a value
if(empty($_POST['password'])) 
  $loginError['password'] = "Please enter a password!";
// Check if any errors were returned and run relevant code
if(empty($loginError))
{
$username = $_POST['username']; 
$password = md5($_POST['password']);

include 'dbconfig.php';

// Connect to database
$con = mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($dbname, $con) or die(mysql_error());
// Get Record Set
$sql = ("SELECT * FROM eastside_admin  WHERE username = '$username' AND password = '$password'");
// mysql_query($sql) or die(mysql_error());
$results = mysql_query($sql, $con) or die(mysql_error());
$num_rows = mysql_num_rows($results) or die(mysql_error());

	if ($num_rows == "1")
{
$_SESSION['loggedin'] = $_POST['loggedin'];
header("Location: eastside_admin.php");
exit;
}
else
{
echo "Your user name and password do not match any in our database! Please try again. <a class='body' href='login.php'>Return to login page.<br>\n";
}

}
}
include 'adminheader.php';

?>
<div align="center">
<table style="BORDER-COLLAPSE: collapse" bordercolor="#666666" cellpadding="4" width="530" border="0">
<tbody>
	<tr>
	<td>  <h2 align="center">Login page</h2>
	<font color="red"><div align="center">
<? // Loop through all errors
if(!empty($loginError))
{
?>
<ul>
<?
foreach($loginError as $eg_message)
{
?>
<li id="validationError"><?= @$eg_message ?></li>
<?
}
?>
</ul>
<?
}
?>
</font></div>
<table border="0" width="450" align="center">
<tr><td> 
<form action="<? $_SERVER['PHP_SELF'] ?>" name="login" method="post" >
<input type="hidden" value="loggedin" name="loggedin">
<fieldset style="-moz-border-radius: 7pt;"><font face="Verdana" size="2">
<legend>Administration Login:</legend>
<br />Username <input type="text" name="username" size="21" /><br><br>
Password <input type="password" name="password" size="21" />
</font></fieldset>
<br><input type="submit" value="Login">
</form>
</td></tr></table>
</td></tr>
</tbody>
</table>
</div>
<p>

<?
include 'adminfooter.php';
?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.