Jump to content

Archived

This topic is now archived and is closed to further replies.

pixelsoul

function not working properly?

Recommended Posts

Well I am a php n00b heh, and I wanted to make a login page that authenticated users from a MySql database. I was just wondering if you all could look at the code and tell me what might be wrong with it. I do not get any php errors but also nothing shows on the page from the function like the login fields. I know I probably missed one small part but I seemed to have hit a road block. I just need some help in understanding how to connect the dots. Here is the code


[code]
<?php session_start(); ?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>

<title>User Login</title>

</head>

<body>

<?php
function login_form(){
//function that when called outputs the login form
echo "<form action=\"index.php\" method=\"POST\"><h3>System Login</h3>User Name: <input type=\"text\" name=\"user_name\"><br>Password : <input type=\"password\" name=\"password\"><br><input type=\"submit\" name=\"submit\" value=\"Login\"><br></form>";
}

if (isset($_POST['username'])) {

      $inputusername=$_POST['username'];
      $inputpassword=$_POST['password'];

      $host="";//mysql host
      $user="";//mysql username
      $pass="";//mysql password for the username
      $database="";//name of the database
      $connection=mysql_connect($host, $user, $pass) or die(mysql_error());//connect to db
      $db=mysql_select_db($database, $connection) or die(mysql_error());//select database
      $sql = "SELECT password FROM users WHERE username='$inputusername'";//the query
      $result = mysql_query($sql) or die("Incorrect username - <a href=\"index.php\">try again</a>");//run the query, if it can't find a user output error message and link to try login again
      $row=mysql_fetch_array($result);//get an array from the row
      list($dbpassword)=$row;//get $dbpassword out of the array
      if ($dbpassword == $inputpassword) {//if the password they entered is correct for that username
            //Logged in
            $_SESSION['username'] = $username;//start session for user to allow access to protected pages
            echo "You are now logged in";
            
      } else {
            echo "Incorrect password<br/>";
            login_form();
      }
}  
?>

</body>
</html>
[/code]

thanks for the help.

Share this post


Link to post
Share on other sites
Why dont you try and do it this way:
[code]<?php session_start(); ?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>

<title>User Login</title>

</head>

<body>

<?php
function login_form(){
//function that when called outputs the login form
echo "<form action=\"index.php\" method=\"POST\"><h3>System Login</h3>User Name: <input type=\"text\" name=\"user_name\"><br>Password : <input type=\"password\" name=\"password\"><br><input type=\"submit\" name=\"submit\" value=\"Login\"><br></form>";
}

if (isset($_POST['username'])) {

      $inputusername=$_POST['username'];
      $inputpassword=$_POST['password'];

      $host="";//mysql host
      $user="";//mysql username
      $pass="";//mysql password for the username
      $database="";//name of the database
      $connection=mysql_connect($host, $user, $pass) or die(mysql_error());//connect to db
      $db=mysql_select_db($database, $connection) or die(mysql_error());//select database
      $sql = "SELECT * FROM users WHERE username='$inputusername' AND password='$inputpassword'";//the query
      $result = mysql_query($sql) or die("Incorrect username - <a href=\"index.php\">try again</a>");//run the query, if it can't find a user output error message and link to try login again
      $rows=mysql_num_rows($result);
      if($rows==1){
            //Logged in
            $_SESSION['username'] = $username;//start session for user to allow access to protected pages
            echo "You are now logged in";
            
      } else {
            echo "Incorrect password<br/>";
            login_form();
      }
}  
?>

</body>
</html>
[/code]
Instead of what you did, this script checks if there's a row with a username and passwords, and if there's one, continue, else its wrong.

Orio.

Share this post


Link to post
Share on other sites
Pass the variables to your function

[code]function login_form($u,$p){
    //function that when called outputs the login form
    echo "<form action=\"index.php\" method=\"POST\">
            <h3>System Login</h3>
            User Name: <input type=\"text\" name=\"username\" value=\"$u\"><br>
            Password : <input type=\"password\" name=\"password\" value=\"$p\"><br>
            <input type=\"submit\" name=\"submit\" value=\"Login\"><br>
        </form>";
}


//call with
login_form ($inputusername, $inputpassword);[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.