Jump to content


Photo

php mySQL - a simple login section


  • Please log in to reply
3 replies to this topic

#1 gingercrock

gingercrock
  • New Members
  • Pip
  • Newbie
  • 6 posts

Posted 24 March 2006 - 04:01 PM

Hey,
I am a newbie, trying to produce a login form which will compare the user name and password entered by the user to a database in MySQL which contains a user name and password previously entered in a registration form. At the moment i have code which allows users to pass through to the 'members section' however.. it will allow a user with an invalid password to enter.. here is the code for the login html and php as i have written it:


<html>

<head>

</head>

<body>

<BODY BGCOLOR="teal">

<left>
<img src="http://users.cs.cf.a...s/cardiff.bmp">
</left><br>

<center>
<img src="http://users.cs.cf.a.../reunited.bmp">
</center>


<form method = "POST" action="members.html" onSubmit="returnverifyform(this)">

<h1> Please enter your password to use member only facilities: </h1>

<br>User Name: <input type = "text" name = "user_name">
<font color="black">*</font><br>

<br>Password: <input type = "password" name = "password">
<font color="black">*</font><br>

<br><input type="submit" name = "enter" value = "Enter">
<input type="reset" name = "clear" value = "Clear">


<li><a href = "register.html">Register Free!!</a></li>





<?php
$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc",
"**MY PASSWORD HERE**");


$password=$_POST['password'];
$user_name=$_POST['user_name'];
$errorMessage = '';

mysql_select_db("sjcdb",$connection) or die("failed!");


if ($row) {

if ($password == $row[9]){

header("Location:members.html");
}

else {


$errorMessage = 'Sorry, wrong user id / password';
echo $errorMessage;
}

}
mysql_close();

?>


</body>

</html>

Any help would be great, cheers

#2 keeB

keeB
  • Staff Alumni
  • Advanced Member
  • 1,078 posts
  • LocationCalifornia

Posted 24 March 2006 - 05:07 PM

Well, it seems you forgot the query and to populate $row.. Please look at my additions.. also.. please note the
[!--sql--][div class=\'sqltop\']SQL[/div][div class=\'sqlmain\'][!--sql1--][span style=\'color:blue;font-weight:bold\']SELECT[/span] * FROM users [!--sql2--][/div][!--sql3--] You need to change that to whatever your tablename is.

I cleaned up your code a little bit, too. Always remember to tab.

<?php

$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc",
"**MY PASSWORD HERE**");
$password=$_POST['password'];
$user_name=$_POST['user_name'];
$errorMessage = '';

mysql_select_db("sjcdb",$connection) or die("failed!");

//keeb additions

$query = "select * from users";

$result = mysql_query($query);

$row = mysql_fetch_array($result)

// end keeb additions..

    if ($row) {
        if ($password == $row[9]){
        header("Location:members.html");
    } else { 
        $errorMessage = 'Sorry, wrong user id / password'; 
        echo $errorMessage;
    }
?>

Come visit my site to see my latest projects
http://nick.stinemates.org/wordpress/


#3 gingercrock

gingercrock
  • New Members
  • Pip
  • Newbie
  • 6 posts

Posted 24 March 2006 - 07:15 PM

<html>

<head>

</head>

<body>

<BODY BGCOLOR="teal">

<left>
<img src="http://users.cs.cf.a...s/cardiff.bmp">
</left><br>

<center>
<img src="http://users.cs.cf.a.../reunited.bmp">
</center>


<form method = "POST" action="members.html" onSubmit="returnverifyform(this)">

<h1> Please enter your password to use member only facilities: </h1>

<br>Password: <input type = "password" name = "password">
<font color="black">*</font><br>

<br><input type="submit" name = "enter" value = "Enter">
<input type="reset" name = "clear" value = "Clear">


<li><a href = "register.html">Register Free!!</a></li>




<?php

$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc",
"my password here");

$password=$_POST['password'];
$errorMessage = '';

mysql_select_db("sjcdb",$connection) or die("failed!");

//keeb additions

$query = "select * from users";

$result = mysql_query($query);

$row = mysql_fetch_array($result)

// end keeb additions..

if ($row) {
if ($password == $row[9]){
header("Location:members.html");
} else {
$errorMessage = 'Sorry, wrong user id / password';
echo $errorMessage;
}
?>


</body>


Sorry, here is the query.. the password is in row 9 of the database.. thanks for your help, the screen simply goes blank now without any form at all...

#4 keeB

keeB
  • Staff Alumni
  • Advanced Member
  • 1,078 posts
  • LocationCalifornia

Posted 24 March 2006 - 07:21 PM

[!--quoteo(post=358018:date=Mar 24 2006, 07:15 PM:name=patrick wolf)--][div class=\'quotetop\']QUOTE(patrick wolf @ Mar 24 2006, 07:15 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
the password is in row 9 of the database
[/quote]

yeah, but did you notice how you never actually asked the database to return data? [=

so I inserted a few things.. did you look them over? especially look at the $query variable.. that's the string I send to the database to ask for a list of users. You need to modify that to fix your form, and without knowing your database structure, i cant really help too much more.

good luck.




Come visit my site to see my latest projects
http://nick.stinemates.org/wordpress/





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users