Jump to content

php mySQL - a simple login section


gingercrock

Recommended Posts

[b]Hey,
I am a newbie, trying to produce a login form which will compare the user name and password entered by the user to a database in MySQL which contains a user name and password previously entered in a registration form. At the moment i have code which allows users to pass through to the 'members section' however.. it will allow a user with an invalid password to enter.. here is the code for the login html and php as i have written it:[/b]

<html>

<head>

</head>

<body>

<BODY BGCOLOR="teal">

<left>
<img src="http://users.cs.cf.ac.uk/S.J.Crocker/pictures/cardiff.bmp">
</left><br>

<center>
<img src="http://users.cs.cf.ac.uk/S.J.Crocker/pictures/reunited.bmp">
</center>


<form method = "POST" action="members.html" onSubmit="returnverifyform(this)">

<h1> Please enter your password to use member only facilities: </h1>

<br>User Name: <input type = "text" name = "user_name">
<font color="black">*</font><br>

<br>Password: <input type = "password" name = "password">
<font color="black">*</font><br>

<br><input type="submit" name = "enter" value = "Enter">
<input type="reset" name = "clear" value = "Clear">


<li><a href = "register.html">Register Free!!</a></li>





<?php
$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc",
"**MY PASSWORD HERE**");


$password=$_POST['password'];
$user_name=$_POST['user_name'];
$errorMessage = '';

mysql_select_db("sjcdb",$connection) or die("failed!");


if ($row) {

if ($password == $row[9]){

header("Location:members.html");
}

else {


$errorMessage = 'Sorry, wrong user id / password';
echo $errorMessage;
}

}
mysql_close();

?>


</body>

</html>

[b]Any help would be great, cheers[/b]
Link to comment
Share on other sites

Well, it seems you forgot the query and to populate $row.. Please look at my additions.. also.. please note the
[!--sql--][div class=\'sqltop\']SQL[/div][div class=\'sqlmain\'][!--sql1--][span style=\'color:blue;font-weight:bold\']SELECT[/span] * [color=green]FROM[/color] [color=orange]users[/color] [!--sql2--][/div][!--sql3--] You need to change that to whatever your tablename is.

I cleaned up your code a little bit, too. Always remember to tab.

[code]<?php

$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc",
"**MY PASSWORD HERE**");
$password=$_POST['password'];
$user_name=$_POST['user_name'];
$errorMessage = '';

mysql_select_db("sjcdb",$connection) or die("failed!");

//keeb additions

$query = "select * from users";

$result = mysql_query($query);

$row = mysql_fetch_array($result)

// end keeb additions..

    if ($row) {
        if ($password == $row[9]){
        header("Location:members.html");
    } else {
        $errorMessage = 'Sorry, wrong user id / password';
        echo $errorMessage;
    }
?>[/code]
Link to comment
Share on other sites

<html>

<head>

</head>

<body>

<BODY BGCOLOR="teal">

<left>
<img src="http://users.cs.cf.ac.uk/S.J.Crocker/pictures/cardiff.bmp">
</left><br>

<center>
<img src="http://users.cs.cf.ac.uk/S.J.Crocker/pictures/reunited.bmp">
</center>


<form method = "POST" action="members.html" onSubmit="returnverifyform(this)">

<h1> Please enter your password to use member only facilities: </h1>

<br>Password: <input type = "password" name = "password">
<font color="black">*</font><br>

<br><input type="submit" name = "enter" value = "Enter">
<input type="reset" name = "clear" value = "Clear">


<li><a href = "register.html">Register Free!!</a></li>




<?php

$connection = mysql_connect("sentinel.cs.cf.ac.uk","scm5sjc",
"my password here");

$password=$_POST['password'];
$errorMessage = '';

mysql_select_db("sjcdb",$connection) or die("failed!");

//keeb additions

$query = "select * from users";

$result = mysql_query($query);

$row = mysql_fetch_array($result)

// end keeb additions..

if ($row) {
if ($password == $row[9]){
header("Location:members.html");
} else {
$errorMessage = 'Sorry, wrong user id / password';
echo $errorMessage;
}
?>


</body>


Sorry, here is the query.. the password is in row 9 of the database.. thanks for your help, the screen simply goes blank now without any form at all...
Link to comment
Share on other sites

[!--quoteo(post=358018:date=Mar 24 2006, 07:15 PM:name=patrick wolf)--][div class=\'quotetop\']QUOTE(patrick wolf @ Mar 24 2006, 07:15 PM) [snapback]358018[/snapback][/div][div class=\'quotemain\'][!--quotec--]
the password is in row 9 of the database
[/quote]

yeah, but did you notice how you never actually asked the database to return data? [=

so I inserted a few things.. did you look them over? especially look at the $query variable.. that's the string I send to the database to ask for a list of users. You need to modify that to fix your form, and without knowing your database structure, i cant really help too much more.

good luck.



Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.