Jump to content

My login form wont login!

Tylor_Famous

By Tylor_Famous
in MySQL Help

 Share

Recommended Posts

Tylor_Famous Member

Tylor_Famous

Posted
Posted

Hello. I have spent the last three hours trying to get my login form to work. But, obviously, I have had NO luck. I don't know why it wont log users in!

 

I put in the correct information but once I submit it, it just seems to refresh the page.

 

Please take a look at my code. It should be noted that this code (which is my menu) will be included into my index file.

 

Theoretically a user should enter their information and click submit. It will check to make sure the password matches the username and then start a session so they don't have to log in next time.

 

I am new to php so simple explanations are always appreciated!

 

 

 

<?php
session_start();
////////////Connect to database
include("db.php");
loginInfo();


$whattodo = "nologin";

if($_SESSION['session_var'] == "skipLogin"){
$textbox = "You are now logged in!<br>
Would you like to <form  action=\" $PHP_SELF \" method=\"post\" name=\"logout\">
<input type=\"hidden\" name=\"$whattodo\" value=\"logout\" />
<input name=\"logout\" type=\"submit\" value=\"Logout\" />
</form>";

///////////////// Relogin \\\\\\\\\\\\\\\\\\\\\\\

} else if ( $whattodo == "relogin" ){



mysql_pconnect($host, $user, $pass);
mysql_select_db($database);
$table = 'login';

$reloginname = '$reloginname';
$reloginpass = '$reloginpass';



$query = "SELECT password FROM $table WHERE username = '$reloginname' ";
$result = mysql_query($query);
$row = mysql_fetch_array($result);

	if($reloginpass == $row['password']){
		$textbox = "You are now logged in!";
		$_SESSION['session_var'] = "skipLogin";

	} else {
		$textbox = "sorry something is wrong";
		session_destroy();

	}


} else if ($whattodo == "nologin"){
	$textbox = "
<form action=\" $PHP_SELF \" method=\"post\" name=\"loginform\">
	<ul>
    		<li>Username:<br>
            <input name=\"$reloginname\" type=\"text\" maxlength=\"20\"></li>
            <li>Password:<br>
            <input name=\"$reloginpass\" type=\"password\" maxlength=\"20\"></li>
            <li><input name=\"Login\" type=\"submit\" value=\"Login\"></li>
            <li>Don't have an account? <a href=\"#\">sign up</a>!</li>
            <input type=\"hidden\" name=\"$whattodo\" value=\"relogin\">
    	</ul>
      </form>";

} else if ($whattodo == "logout"){
	session_destroy();
	$whattodo = "nologin";
}	
?>
<div id="menubox1">
      <h3>Account Information:</h3>
      <?php echo "$textbox" ?>
</div>
    	<div id="menubox2">
      <h3>Navigation:</h3>
	<ul>
    		<li><a href="#">Home Page</a></li>
            <li><a href="#">Village Trade Vine</a></li>
            <li><a href="#">Calendar</a></li>
            <li><a href="#">Local Service Finder</a></li>
            <li><a href="#">Business Finder</a></li>
    	</ul>
</div>
       	<div id="menubox3">
      <h3>Navigation:</h3>
	<ul>
    		<li><a href="#">Link will go here</a></li>
            <li><a href="#">Link will go here</a></li>
            <li><a href="#">Link will go here</a></li>
            <li><a href="#">Link will go here</a></li>
            <li><a href="#">Link will go here</a></li>
    	</ul>
</div>
	  	<div id="menubox4">
      <h3>Navigation:</h3>
	<ul>
    		<li><a href="#">Link will go here</a></li>
            <li><a href="#">Link will go here</a></li>
            <li><a href="#">Link will go here</a></li>
            <li><a href="#">Link will go here</a></li>
            <li><a href="#">Link will go here</a></li>
    	</ul>
</div>

Link to comment
Share on other sites
revraz Member

revraz

Posted
Posted

This is an odd way to do it

 

$query = "SELECT password FROM $table WHERE username = '$reloginname' ";

 

 

It should be something like

 

$query = "SELECT * FROM $table WHERE username = '$reloginname' AND password = '$password'";

 

What you are doing is pulling the password field and then comparing it after.  You should only pull the row when both username and password match.

 

Link to comment
Share on other sites
fenway Advanced Member

fenway

Posted
Posted

This is an odd way to do it

 

$query = "SELECT password FROM $table WHERE username = '$reloginname' ";

 

 

It should be something like

 

$query = "SELECT * FROM $table WHERE username = '$reloginname' AND password = '$password'";

 

What you are doing is pulling the password field and then comparing it after.  You should only pull the row when both username and password match.

 

Actually, this sends the password in plaintext across a network, will show up in logs, etc... checking the password after is more robust and more secure.

 

Echo the sql query.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.