Jump to content


Photo

function not working properly?


  • Please log in to reply
2 replies to this topic

#1 pixelsoul

pixelsoul
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 21 April 2006 - 11:24 PM

Well I am a php n00b heh, and I wanted to make a login page that authenticated users from a MySql database. I was just wondering if you all could look at the code and tell me what might be wrong with it. I do not get any php errors but also nothing shows on the page from the function like the login fields. I know I probably missed one small part but I seemed to have hit a road block. I just need some help in understanding how to connect the dots. Here is the code


<?php session_start(); ?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 
<html> 
<head> 

<title>User Login</title> 

</head> 

<body> 

<?php 
function login_form(){
//function that when called outputs the login form 
echo "<form action=\"index.php\" method=\"POST\"><h3>System Login</h3>User Name: <input type=\"text\" name=\"user_name\"><br>Password : <input type=\"password\" name=\"password\"><br><input type=\"submit\" name=\"submit\" value=\"Login\"><br></form>"; 
}

if (isset($_POST['username'])) { 

      $inputusername=$_POST['username']; 
      $inputpassword=$_POST['password']; 

      $host="";//mysql host 
      $user="";//mysql username 
      $pass="";//mysql password for the username 
      $database="";//name of the database 
      $connection=mysql_connect($host, $user, $pass) or die(mysql_error());//connect to db 
      $db=mysql_select_db($database, $connection) or die(mysql_error());//select database 
      $sql = "SELECT password FROM users WHERE username='$inputusername'";//the query 
      $result = mysql_query($sql) or die("Incorrect username - <a href=\"index.php\">try again</a>");//run the query, if it can't find a user output error message and link to try login again 
      $row=mysql_fetch_array($result);//get an array from the row 
      list($dbpassword)=$row;//get $dbpassword out of the array 
      if ($dbpassword == $inputpassword) {//if the password they entered is correct for that username 
            //Logged in 
            $_SESSION['username'] = $username;//start session for user to allow access to protected pages
            echo "You are now logged in";
            
      } else { 
            echo "Incorrect password<br/>"; 
            login_form(); 
      } 
}   
?> 

</body> 
</html> 

thanks for the help.

#2 Orio

Orio
  • Staff Alumni
  • Advanced Member
  • 2,491 posts

Posted 22 April 2006 - 12:35 PM

Why dont you try and do it this way:
<?php session_start(); ?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 
<html> 
<head> 

<title>User Login</title> 

</head> 

<body> 

<?php 
function login_form(){
//function that when called outputs the login form 
echo "<form action=\"index.php\" method=\"POST\"><h3>System Login</h3>User Name: <input type=\"text\" name=\"user_name\"><br>Password : <input type=\"password\" name=\"password\"><br><input type=\"submit\" name=\"submit\" value=\"Login\"><br></form>"; 
}

if (isset($_POST['username'])) { 

      $inputusername=$_POST['username']; 
      $inputpassword=$_POST['password']; 

      $host="";//mysql host 
      $user="";//mysql username 
      $pass="";//mysql password for the username 
      $database="";//name of the database 
      $connection=mysql_connect($host, $user, $pass) or die(mysql_error());//connect to db 
      $db=mysql_select_db($database, $connection) or die(mysql_error());//select database 
      $sql = "SELECT * FROM users WHERE username='$inputusername' AND password='$inputpassword'";//the query 
      $result = mysql_query($sql) or die("Incorrect username - <a href=\"index.php\">try again</a>");//run the query, if it can't find a user output error message and link to try login again
      $rows=mysql_num_rows($result);
      if($rows==1){
            //Logged in 
            $_SESSION['username'] = $username;//start session for user to allow access to protected pages
            echo "You are now logged in";
            
      } else { 
            echo "Incorrect password<br/>"; 
            login_form(); 
      } 
}   
?> 

</body> 
</html> 
Instead of what you did, this script checks if there's a row with a username and passwords, and if there's one, continue, else its wrong.

Orio.
Think you're smarty?

(Gone until 20 to November)

#3 Barand

Barand
  • Moderators
  • Sen . ( ile || sei )
  • 18,017 posts

Posted 23 April 2006 - 06:38 AM

Pass the variables to your function

function login_form($u,$p){
    //function that when called outputs the login form
    echo "<form action=\"index.php\" method=\"POST\">
            <h3>System Login</h3>
            User Name: <input type=\"text\" name=\"username\" value=\"$u\"><br>
            Password : <input type=\"password\" name=\"password\" value=\"$p\"><br>
            <input type=\"submit\" name=\"submit\" value=\"Login\"><br>
        </form>";
}


//call with
login_form ($inputusername, $inputpassword);

If you are still using mysql_ functions, STOP! Use mysqli_ or PDO. The longer you leave it the more you will have to rewrite.

Donations gratefully received






moon.png

|baaGrid| easy data tables - and more
|baaChart| easy line, column and pie charts




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users