PDA

View Full Version : problem in login script


red_rose
12-12-2006, 07:03 PM
hie, i learned how to create login with PHP coding, rather than using dreamweaver to do it. i have followed exactly as how you showed in video tutorial but it's not functioning the way it is suppose to be. can you please check for me what's wrong? the text field for username is 'userid' and for password is 'password'. thanks


$userid = $_POST['userid'];
$password = $_POST['password'];
$submitted = $_POST['submitted'];
if($userid && $password) {
$query = sprintf("SELECT * FROM users where user_name = '$userid' and user_password = '$password'");
$result = @mysql_query($query);
$row = @mysql_fetch_array($result);
}
if($row) {
echo "The record exists so you can enter";
}
elseif($submitted){
echo "You dont exist in the system";
}
?>

domedia
12-12-2006, 07:09 PM
but it's not functioning the way it is suppose to be. Hi red, can you please tell us what goes wrong?

red_rose
12-12-2006, 07:20 PM
hie,

when i run the page, it shows undefined index for 'userid', 'password', 'submitted' and undefined variable for 'row' and followed by the table. i tried to log in with the correct username and password and yes, the page then doesn't show any errors and also shows "The record exists so you can enter". but i face problem when i tried to log in with incorrect username and password. when i click the login button, it redirects me again to login.php instead of showing "You dont exist in the system". can you please tell me where i went wrong? thanks alot

davidj
12-12-2006, 08:36 PM
post the code to the full page including the HTML

davidj
12-12-2006, 08:40 PM
try this

where you have this...


if($row) {
echo "The record exists so you can enter";
}
elseif($submitted){
echo "You dont exist in the system";
}


replace with...


if($row!='') {
echo "The record exists so you can enter";
}
elseif($submitted!=''){
echo "You dont exist in the system";
}

red_rose
12-13-2006, 12:49 AM
hie dj,

i tried with the code you posted but it's still the same. i tagged my php code inside the html also, but no changes. it keeps on saying undefined index and variable but i can still log in with correct details. what the reason could be?

davidj
12-13-2006, 08:41 AM
post your entire page code

red_rose
12-13-2006, 09:48 AM
here is the code. after the changes that i have made, if i type in the correct login, then i can see the "You have logged in" page but if i type in incorrect details, it doesn't redirect me to the "You have not logged in" page, the same thing happens if i "do not" type in anything in both fields and straight click Login button. what is wrong with my code?


<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?php
/////////////////////////////////////
$database = "services";
$username = "root";
$password = "sa";
/////////////////////////////////////
$link = @mysql_connect('localhost', $username, $password);
$db = @mysql_select_db($database, $link);

@ $name = $_POST['userid'];
@ $password = $_POST['password'];

if($name && $password){
$query = sprintf("SELECT * FROM users where user_name = '$name' and user_password = '$password'");
$result = @mysql_query($query);
@ $row = mysql_fetch_array($result);
}

if(@!$row)
{
?>

Please Log In
<form name="form1" method="post" action="<?php $_SERVER['PHP_SELF']; ?>">
<table width="60%" border="2" cellspacing="2" cellpadding="2">
<tr>
<td>Username</td>
<td><input name="userid" type="text" id="userid"></td>
</tr>
<tr>
<td>Password</td>
<td><input name="password" type="text" id="password"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input name="Login" type="submit" id="Login" value="Login"></td>
</tr>
</table>
</form>

<?php
}
elseif($row)
{
echo "You have logged in";
}
else
{
echo "You have not logged in";
}
?>

</body>
</html>

davidj
12-13-2006, 10:50 AM
red

if your following my vids then your not following them very well

your PHP is in the body of the page! not that this should be a problem but if your not following the vids as i showed you then the chances are you will make more mistakes


if i type in the correct login, then i can see the "You have logged in" page


you have no redirection function in the code so you do not see the "You have logged in" page just a message!

if i type in incorrect details, it doesn't redirect me to the "You have not logged in" page

there is no redirection function in the code you posted so how will it redirect you??

also what happened to the original problem you were having with undefined index ? thought we were trying to sort that with this thread?

red_rose
12-13-2006, 11:24 AM
actually i changed my code because i was having those errors, but now i changed back to the same coding you have showed in the tutorial. i dont see any errors "undefined index" anymore. so ok, now i only have one problem. if i insert incorrect details, i cant see the "You dont exist in the system" page. on the other hand, if i insert correct details, everything is fine. here is the code :


<?php
/////////////////////////////////////
$database = "services";
$username = "root";
$password = "sa";
/////////////////////////////////////

$link = @mysql_connect('localhost', $username, $password);
$db = mysql_select_db($database, $link);

$userid = $_POST['userid'];
$password = $_POST['password'];
$submitted = $_POST['submitted'];

if($userid && $password) {
$query = sprintf("SELECT * FROM users where user_name = '$userid' and user_password = '$password'");
$result = @mysql_query($query);
$row = @mysql_fetch_array($result);
}

if($row) {
echo "The record exists so you can enter";
}
elseif($submitted){
echo "You dont exist in the system";
}

?>

<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>

<form name="form1" method="post" action="<?php $_SERVER['PHP_SELF']; ?>">
<table width="32%" border="2" cellspacing="2" cellpadding="2">
<tr>
<td><div align="right">Username :</div></td>
<td><input name="userid" type="text" id="userid"></td>
</tr>
<tr>
<td><div align="right">Password : </div></td>
<td><input name="password" type="text" id="password"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input name="submitted" type="hidden" id="submitted">
<input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>

davidj
12-13-2006, 11:52 AM
in the php i have

elseif($submitted){


this will be blank because your submited hidden field does not have a value so will not echo the message...


<input name="submitted" type="hidden" id="submitted">



should be


<input name="submitted" type="hidden" id="submitted" value="1">

red_rose
12-14-2006, 05:26 AM
thanks dj, it's now working. but the errors "undefined index" do appear sometimes. but i ignore and just log in, it still works. so i dont know what does the errors means and why do they appear. so wat i did, i insert @, means it becomes @ $password = $_POST['password;]; after that, no errors appeared. is it ok to code it this way?

davidj
12-14-2006, 06:48 AM
@ is a supressor for warnings

this is ok but i would want to sort out why your getting those errors

davidj
12-14-2006, 07:09 AM
replace what you have with this


$userid = $_POST['userid'];
$password = $_POST['password'];
$submitted = $_POST['submitted'];
if(isset($userid) && isset($password)) {
$query = sprintf("SELECT * FROM users where user_name = '$userid' and user_password = '$password'");
$result = @mysql_query($query);
$row = @mysql_fetch_array($result);
}
if(isset($row)) {
echo "The record exists so you can enter";
}
elseif(isset($submitted)){
echo "You dont exist in the system";
}

red_rose
12-18-2006, 03:25 PM
dj, i have created 4 pages, login.php, welcome.php, logoff.php and security.php. i have done as how you showed but now i'm having problems with session. here are the errors displayed on the browser when i run login.php. can you please tell me what's wrong?

Warning: session_start() [<function.session-start>]: open(C:\Program Files\sessiondata\sess_ee23da6c476be0b0a1743106c56 df865, O_RDWR) failed: Permission denied (13) in c:\Inetpub\wwwroot\MySite\login.php on line 11

Warning: session_start() [<function.session-start>]: Cannot send session cookie - headers already sent by (output started at c:\Inetpub\wwwroot\MySite\login.php:11) in c:\Inetpub\wwwroot\MySite\login.php on line 11

Warning: session_start() [<function.session-start>]: Cannot send session cache limiter - headers already sent (output started at c:\Inetpub\wwwroot\MySite\login.php:11) in c:\Inetpub\wwwroot\MySite\login.php on line 11

Notice: Undefined index: userid in c:\Inetpub\wwwroot\MySite\login.php on line 13

Notice: Undefined index: password in c:\Inetpub\wwwroot\MySite\login.php on line 14

Notice: Undefined index: submitted in c:\Inetpub\wwwroot\MySite\login.php on line 15

Warning: Unknown: open(C:\Program Files\sessiondata\sess_ee23da6c476be0b0a1743106c56 df865, O_RDWR) failed: Permission denied (13) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (C:\Program Files\sessiondata) in Unknown on line 0

davidj
12-18-2006, 03:31 PM
make sure session_start() is at the top above any code

red_rose
12-18-2006, 03:57 PM
yes, the session_start() is at the top. but im still getting those errors. is there anything wrong with the session setting? do i need to make any changes in php.ini file? i just assumed because i saw the error saying :

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (C:\Program Files\sessiondata) in Unknown on line 0

davidj
12-18-2006, 04:36 PM
in your php.ini you should have PHP session save path

make sure you have permissions set for this dir

davidj
12-18-2006, 04:41 PM
if you have your server on a windows machine make sure you have permissions to access the session file

or if your using a unix machine chmod the rights

red_rose
12-19-2006, 06:18 AM
in your php.ini you should have PHP session save path
make sure you have permissions set for this dir


in my php.ini, my session save path is like this "session.save_path = "N;MODE;/path"
is it correct?


if you have your server on a windows machine make sure you have permissions to access the session file

how do i do this?

red_rose
12-19-2006, 06:31 AM
at one place, i saw the session set as this,
;session.save_path = "/tmp"

could you please tell me what's wrong here?

davidj
12-19-2006, 06:50 AM
you need to make sure you have access rights to the tmp dir

davidj
12-19-2006, 08:46 AM
Start -> Run -> Explorer -> Navigate to tmp Folder -> Right click on folder -> Properties -> Sharing-> Enable 'Share this folder on the network' and 'Allow network users to change my files' -> Apply/OK