Foser Posted June 26, 2007 Share Posted June 26, 2007 So I try to have a simple login page. But The php and the html for the login page is the same file. So one small issue, is it executes like nothing was imputed therefore executing the message which indicates the person you have entered wrong data. My second major issue is that, when i press submit it does not do anything. Quote Link to comment Share on other sites More sharing options...
redarrow Posted June 26, 2007 Share Posted June 26, 2007 post the code? Quote Link to comment Share on other sites More sharing options...
Foser Posted June 26, 2007 Author Share Posted June 26, 2007 <body> <form id="form1" name="form1" method="post" action="<?php $_SERVER['PHP_SELF'] ?>"> <label></label> <table width="202" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#000000" bgcolor="#666666"> <tr> <th width="198" scope="col">Login System</th> </tr> <tr> <td height="63">Username: <input name="username2" type="text" id="username2" size="33" /> Password:<br /> <label> <input name="password" type="password" id="password" size="33" /> <input name="button2" type="submit" id="button2" value="Submit" /> <a href="register.php">Register here!</a></label></td> </tr> </table> <div align="center"> </div> </form> <div align="center"> <?php require("config.php"); $user = mysql_real_escape_string($_POST['username']); $pw = md5(sha1(md5(md5($_POST['password'])))); session_start(); if ($result = mysql_query("SELECT * FROM user_info WHERE username = '$user' and password = '$pw'")){ if (mysql_num_rows($result) > 0) { $_SESSION['LOGGEDIN'] = TRUE; $_SESSION['UNAME'] = $user; if ($SESSION['LOGGEDIN'] = TRUE){ header("Location: account.php");}} else { echo "You have typed in an incorrect password or/and username. Click <a href=\"index.php\">here</a> to try again."; }} ?> </div> Quote Link to comment Share on other sites More sharing options...
TreeNode Posted June 26, 2007 Share Posted June 26, 2007 Straight from PHP.net The filename of the currently executing script, relative to the document root. For instance, $_SERVER['PHP_SELF'] in a script at the address http://example.com/test.php/foo.bar would be /test.php/foo.bar. Quote Link to comment Share on other sites More sharing options...
Foser Posted June 26, 2007 Author Share Posted June 26, 2007 I fixed the second problem but the else statement still executes even though i just got to the page, and did not any info yet. Quote Link to comment Share on other sites More sharing options...
KevinM1 Posted June 26, 2007 Share Posted June 26, 2007 <body> <form id="form1" name="form1" method="post" action="<?php $_SERVER['PHP_SELF'] ?>"> <label></label> <table width="202" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#000000" bgcolor="#666666"> <tr> <th width="198" scope="col">Login System</th> </tr> <tr> <td height="63">Username: <input name="username2" type="text" id="username2" size="33" /> Password:<br /> <label> <input name="password" type="password" id="password" size="33" /> <input name="button2" type="submit" id="button2" value="Submit" /> <a href="register.php">Register here!</a></label></td> </tr> </table> <div align="center"> </div> </form> <div align="center"> <?php require("config.php"); $user = mysql_real_escape_string($_POST['user']); $pw = md5(sha1(md5(md5($_POST['pw'])))); session_start(); if ($result = mysql_query("SELECT * FROM user_info WHERE username = '$user' and password = '$pw'")){ if (mysql_num_rows($result) > 0) { $_SESSION['LOGGEDIN'] = TRUE; $_SESSION['UNAME'] = $user; if ($SESSION['LOGGEDIN'] = TRUE){ header("Location: account.php");}} else { echo "You have typed in an incorrect password or/and username. Click <a href=\"index.php\">here</a> to try again."; }} ?> </div> A couple of things: 1. Your logic is backwards. For sticky forms, you should handle processing first, then display the form (more on this in a moment). 2. You never check to see if someone has indeed submitted the form. The 'proper' way to construct a form in the manner you want is to do the following: 1. Check to see if the form has been submitted: a. If yes, have the other inputs been input correctly? I. If yes, process the info. II. If no, display the form. b. If the form hasn't been submitted, display it. This ensures that the form is always displayed when a user first visits the page, and will only be reshown if the user screws something up. For your form's action, try <?php echo $_SERVER['PHP_SELF']; ?> Hope this helps. Quote Link to comment Share on other sites More sharing options...
KevinM1 Posted June 26, 2007 Share Posted June 26, 2007 Looking over your code again, your biggest errors is that you attempt to use headers and session_start after displaying your HTML. That's not allowed by PHP. You must send headers and start sessions before anything is sent to the browser (including whitespace). There's a thread on it here: http://www.phpfreaks.com/forums/index.php/topic,37442.0.html Quote Link to comment Share on other sites More sharing options...
Foser Posted June 26, 2007 Author Share Posted June 26, 2007 than is there another way to use the javascript location code? Quote Link to comment Share on other sites More sharing options...
trq Posted June 26, 2007 Share Posted June 26, 2007 All you need do is move all your php to the top of the file and wrap it in an if(). eg; <?php if (isset($_POST['submit'])) { // process form. } else{ // display form. } ?> Quote Link to comment Share on other sites More sharing options...
KevinM1 Posted June 26, 2007 Share Posted June 26, 2007 than is there another way to use the javascript location code? I assume you mean the code: header("Location: account.php")? That's not JavaScript code. It's still PHP. Yes, the syntax is the same, but you're still writing PHP when you code that. A nitpick, maybe, but IMO it's important to understand exactly what you're coding. There is no JavaScript in the code you provided. Check out the link I had in my previous message. In order to do what you want to do, you'll need to employ output buffering. That link explains the concept, as well as provides a link to the output buffering code itself. Quote Link to comment Share on other sites More sharing options...
trq Posted June 26, 2007 Share Posted June 26, 2007 In order to do what you want to do, you'll need to employ output buffering. Or simply do as I suggested and put your php at the top. Quote Link to comment Share on other sites More sharing options...
KevinM1 Posted June 26, 2007 Share Posted June 26, 2007 In order to do what you want to do, you'll need to employ output buffering. Or simply do as I suggested and put your php at the top. True, that. It never hurts to learn about output buffering, though. Quote Link to comment Share on other sites More sharing options...
TreeNode Posted June 26, 2007 Share Posted June 26, 2007 <?php ob_end_flush(); ... do a bunch of stuff ... set_time_limit(30); flush(); ... ?> I use set_time_limit(30) if I suspect that the script will run longer than the defaulted time allocated for php (30 seconds). FYI, don't use this unless your script is expected to run for a long time, no script should ever run this long if it's being used publicly. Quote Link to comment Share on other sites More sharing options...
Foser Posted June 26, 2007 Author Share Posted June 26, 2007 How could I do that else statement or if statement at the beguining? how will it run through it all? my output buffering is on in my php.ini does that mean i can still do it anywhere? or is output buffering a type of function? Quote Link to comment Share on other sites More sharing options...
bigbob Posted June 26, 2007 Share Posted June 26, 2007 How about trying this: <?php require("config.php"); $user = mysql_real_escape_string($_POST['user']); $pw = md5(sha1(md5(md5($_POST['pw'])))); session_start(); if ($result = mysql_query("SELECT * FROM user_info WHERE username = '$user' and password = '$pw'")){ if (mysql_num_rows($result) > 0) { $_SESSION['LOGGEDIN'] = TRUE; $_SESSION['UNAME'] = $user; } if ($SESSION['LOGGEDIN'] = TRUE){ header("Location: account.php");}} else { die('You have typed in an incorrect password or/and username. Click <a href=\"index.php\">here</a> to try again.'); }} } ?> <form id="form1" name="form1" method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>"> <label></label> <table width="202" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#000000" bgcolor="#666666"> <tr> <th width="198" scope="col">Login System</th> </tr> <tr> <td height="63">Username: <input name="username2" type="text" id="username2" size="33" /> Password:<br /> <label> <input name="password" type="password" id="password" size="33" /> <input name="button2" type="submit" id="button2" value="Submit" /> <a href="register.php">Register here!</a></label></td> </tr> </table> <div align="center"> </div> </form> <div align="center"> Foser, for your form action, use echo $_SERVER['PHP_SELF'] next time. Oh, and Nightslyr, with all due respect, the PHP function code should be BEFORE the html form code. Quote Link to comment Share on other sites More sharing options...
KevinM1 Posted June 26, 2007 Share Posted June 26, 2007 Oh, and Nightslyr, with all due respect, the PHP function code should be BEFORE the html form code. You might want to re-read my posts. I specifically mentioned, in my second post, that form processing should be done before displaying the form. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.