Jump to content

Archived

This topic is now archived and is closed to further replies.

gingercrock

php mySQL - a simple login section

Recommended Posts

[b]Hey,
I am a newbie, trying to produce a login form which will compare the user name and password entered by the user to a database in MySQL which contains a user name and password previously entered in a registration form. At the moment i have code which allows users to pass through to the 'members section' however.. it will allow a user with an invalid password to enter.. here is the code for the login html and php as i have written it:[/b]

<html>

<head>

</head>

<body>

<BODY BGCOLOR="teal">

<left>
<img src="http://users.cs.cf.ac.uk/S.J.Crocker/pictures/cardiff.bmp">
</left><br>

<center>
<img src="http://users.cs.cf.ac.uk/S.J.Crocker/pictures/reunited.bmp">
</center>


<form method = "POST" action="members.html" onSubmit="returnverifyform(this)">

<h1> Please enter your password to use member only facilities: </h1>

<br>User Name: <input type = "text" name = "user_name">
<font color="black">*</font><br>

<br>Password: <input type = "password" name = "password">
<font color="black">*</font><br>

<br><input type="submit" name = "enter" value = "Enter">
<input type="reset" name = "clear" value = "Clear">


<li><a href = "register.html">Register Free!!</a></li>





<?php
$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc",
"**MY PASSWORD HERE**");


$password=$_POST['password'];
$user_name=$_POST['user_name'];
$errorMessage = '';

mysql_select_db("sjcdb",$connection) or die("failed!");


if ($row) {

if ($password == $row[9]){

header("Location:members.html");
}

else {


$errorMessage = 'Sorry, wrong user id / password';
echo $errorMessage;
}

}
mysql_close();

?>


</body>

</html>

[b]Any help would be great, cheers[/b]

Share this post


Link to post
Share on other sites
Well, it seems you forgot the query and to populate $row.. Please look at my additions.. also.. please note the
[!--sql--][div class=\'sqltop\']SQL[/div][div class=\'sqlmain\'][!--sql1--][span style=\'color:blue;font-weight:bold\']SELECT[/span] * [color=green]FROM[/color] [color=orange]users[/color] [!--sql2--][/div][!--sql3--] You need to change that to whatever your tablename is.

I cleaned up your code a little bit, too. Always remember to tab.

[code]<?php

$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc",
"**MY PASSWORD HERE**");
$password=$_POST['password'];
$user_name=$_POST['user_name'];
$errorMessage = '';

mysql_select_db("sjcdb",$connection) or die("failed!");

//keeb additions

$query = "select * from users";

$result = mysql_query($query);

$row = mysql_fetch_array($result)

// end keeb additions..

    if ($row) {
        if ($password == $row[9]){
        header("Location:members.html");
    } else {
        $errorMessage = 'Sorry, wrong user id / password';
        echo $errorMessage;
    }
?>[/code]

Share this post


Link to post
Share on other sites
<html>

<head>

</head>

<body>

<BODY BGCOLOR="teal">

<left>
<img src="http://users.cs.cf.ac.uk/S.J.Crocker/pictures/cardiff.bmp">
</left><br>

<center>
<img src="http://users.cs.cf.ac.uk/S.J.Crocker/pictures/reunited.bmp">
</center>


<form method = "POST" action="members.html" onSubmit="returnverifyform(this)">

<h1> Please enter your password to use member only facilities: </h1>

<br>Password: <input type = "password" name = "password">
<font color="black">*</font><br>

<br><input type="submit" name = "enter" value = "Enter">
<input type="reset" name = "clear" value = "Clear">


<li><a href = "register.html">Register Free!!</a></li>




<?php

$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc",
"my password here");

$password=$_POST['password'];
$errorMessage = '';

mysql_select_db("sjcdb",$connection) or die("failed!");

//keeb additions

$query = "select * from users";

$result = mysql_query($query);

$row = mysql_fetch_array($result)

// end keeb additions..

if ($row) {
if ($password == $row[9]){
header("Location:members.html");
} else {
$errorMessage = 'Sorry, wrong user id / password';
echo $errorMessage;
}
?>


</body>


Sorry, here is the query.. the password is in row 9 of the database.. thanks for your help, the screen simply goes blank now without any form at all...

Share this post


Link to post
Share on other sites
[!--quoteo(post=358018:date=Mar 24 2006, 07:15 PM:name=patrick wolf)--][div class=\'quotetop\']QUOTE(patrick wolf @ Mar 24 2006, 07:15 PM) [snapback]358018[/snapback][/div][div class=\'quotemain\'][!--quotec--]
the password is in row 9 of the database
[/quote]

yeah, but did you notice how you never actually asked the database to return data? [=

so I inserted a few things.. did you look them over? especially look at the $query variable.. that's the string I send to the database to ask for a list of users. You need to modify that to fix your form, and without knowing your database structure, i cant really help too much more.

good luck.



Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.