PDA

View Full Version : Issue's with Login System


Cascade
08-14-2009, 04:38 PM
<?php
ob_start();
require_once("Actions/config.php");

// Define $myusername and $mypassword
$email = (isset($_POST['email']));
$password = (isset($_POST['password']));

// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($email);
$password = stripslashes($password);
$email = @mysql_real_escape_string($email);
$password = @mysql_real_escape_string($password);

$sql = "SELECT * FROM $tbl_name WHERE username='$email' and password='$password'";
$result = @mysql_query($sql);

// Mysql_num_row is counting table row
$count = @mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("email");
session_register("password");
header("Location: http://localhost/Actions/home.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title></title>
</head>
<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="index.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Email</td>
<td width="6">:</td>
<td width="294"><input name="email" type="text" id="email"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="text" id="password"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</body>
</html>


it automaticly tells me that the username or password is incorrect. Before entering any information...any help? I've taken a look at DavidJ's but I get a lot of errors with the code he tells us to use.

I am using WAMP Server with Mysql and php5

bee80
08-14-2009, 05:10 PM
because its testing the script before its submitted

Cascade
08-14-2009, 05:33 PM
How do I get it to stop testing the script?

bee80
08-14-2009, 07:20 PM
$submit = $_POST['Submit'];


if($submit){
$sql = "SELECT * FROM $tbl_name WHERE username='$email' and password='$password'";
$result = @mysql_query($sql);

// Mysql_num_row is counting table row
$count = @mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("email");
session_register("password");
header("Location: http://localhost/Actions/home.php");
}
else {
echo "Wrong Username or Password";
}
}

Cascade
08-15-2009, 12:18 AM
Arn't you supposed to use isset? Because I get a error with $submit = $_POST['Submit'];

But when I make it

$submit = (isset($_POST['Submit']));

but then I get a error with the mysql

bee80
08-15-2009, 09:55 AM
you shouldnt get an error from $submit = $_POST['Submit'];

you can use isset but if you do dont put it in brackets :
$submit = (isset($_POST['Submit']));
use
$submit = isset($_POST['Submit']);

Cascade
08-15-2009, 04:55 PM
When I do $Submit = $_POST['Submit'];

I get a undefined index error on Submit.

I also get the undefined index error on Email_address in my mysql SELECT