PDA

View Full Version : Login Script code


topdog
07-23-2009, 03:37 PM
I am working with Dj's video (the first one) on a login script using php. This idea is that a message appears on the screen if:-
The login information (user id and password) is correct or incorrect (This is triggered by the Submit action). With the code I am using, the message appears as soon as the paage opens and I cannot fathom why.
This is the code:+

<?php
require_once("Connections/connection.php");//database connection

//catch field data
$userid = $_POST['userid'];
$password = $_POST['password'];
$submitted = $_POST['submitted'];

if($userid && Spassword){

////////////////////////////////////////////////////////
$query = sprintf("SELECT * FROM users where user_name='$userid' and user_password='$password'");
$result = mysql_query($query);
$rowAccount = mysql_fetch_array($result);
///////////////////////////////////////////////////////
}

if ($rowAccount){
echo "User & Password Valid - You may enter<BR>";
echo "your name is '$userid'";
}elseif(Ssubmitted){
echo "This is supposed to print only if submitted pressed";
echo $password;
echo $userid;
}

?>



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<form method="post" id="form1" action="<?php $_SERVER['PHP_SELF'];?>">
<table width="200" border="2" align="center" cellpadding="1" cellspacing="1">
<tr>
<td>User ID</td>
<td><input type="text" name="userid" id="userid" /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="text" name="password" id="password" /></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input name="submitted" type="hidden" id="submitted" value="1"> <input type="submit" name="Submit" id="Submit" value="Submit"></td>
</tr>
</table>
</form>
</body>
</html>


Thanks

Brian

Corrosive
07-23-2009, 05:45 PM
Two issues jump out right away. You have...

Spassword and Ssubmitted in you code. these are variables so should be $password and $submitted.

Change and try that. Btw, please wrap code in code tags if you post on the forum, thanks.

topdog
07-25-2009, 01:42 AM
Oops sorry about the missing code tags. Changing the variable typing certainly progressed one stage but the code is not opening the welcome.php page.
This is the code for the login.php


<?php
require_once("Connections/connection.php");//database connection

session_start();

//catch field data
$userid = $_POST['userid'];
$password = $_POST['password'];
$submitted = $_POST['submitted'];

if($userid && $password){

////////////////////////////////////////////////////////
$query = sprintf("SELECT * FROM users where user_name='$userid' and user_password='$password'");
$result = mysql_query($query);
$rowAccount = mysql_fetch_array($result);
///////////////////////////////////////////////////////
}

if ($rowAccount){

$_SESSION['id'] = $rowAccount['userid'];

header("location:welcome.php");
exit;

}elseif($submitted){
echo "You are not allowed to enter here";

}

?>



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<form method="post" id="form1" action="<?php $_SERVER['PHP_SELF'];?>">
<table width="200" border="2" align="center" cellpadding="1" cellspacing="1">
<tr>
<td>User ID</td>
<td><input type="text" name="userid" id="userid" /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="text" name="password" id="password" /></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input name="submitted" type="hidden" id="submitted" value="1"> <input type="submit" name="Submit" id="Submit" value="Submit"></td>
</tr>
</table>
</form>
</body>
</html>


And this is the code for the welcome.php

<?php
require_once("Connections/connection.php"); //database connection

session_start();

if (! isset($_SESSION['id'])){

header("location: login.php");
exit;

}

$id = $_SESSION['id'];

///////////////////////////////////////
$query =sprintf("SELECT * FROM users where user_id='$id' ");
$result =@mysql_query($query);
$rowAccount = @mysql_fetch_array($result);
//////////////////////////////////////

?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
Welcome to the application <?php echo $rowAccount['user_name']; ?>
</body>
</html>


Thanks