SitePoint Sponsor

User Tag List

Results 1 to 7 of 7

Thread: Login problem

Hybrid View

  1. #1
    SitePoint Member
    Join Date
    Apr 2006
    Posts
    22
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Login problem

    Hi,

    I am creating a simple login page for my site, and am having a few problems. Here is the code for my login form (editorloginform.php):

    <?php
    include "admin_header.php";

    echo '<h align="middle"><h1>Editor Login</h1>';
    echo"<form action='posslogin2.php' method='POST'>
    <table border=0>
    <tr>
    <td>Username</td>
    <td><input size='16' name='username'></td>
    </tr>
    <tr>
    <td>Password</td>
    <td><input size='16' type='password' name='password'></td>
    </tr>
    </table>
    <input type='submit' value='Log in'>
    </form>";

    include "admin_footer.php";
    ?>


    and here is the code for my login script(posslogin2.php) :



    <?php
    session_start();
    include "db_connect";
    //get the data used to authenticate users

    $username = $_POST['username'];
    $password = $_POST['password'];

    //perform the query to see if you have a matching result

    $sql = mysql_query(
    "SELECT username
    , password
    FROM editors
    WHERE username = '$username'
    AND password = '$password'
    LIMIT 0,1")
    or die('<p>Unable to query the database at this time.<br />Error: ' . mysql_error() . '</p>');
    $row = mysql_fetch_array($sql);

    if(mysql_num_rows($sql) == 1) // if there is one matching result, then get some data to be displayed on your pages for the user logged in.
    {
    $_SESSION['username'] = $row['username'];
    $_SESSION['password] = $row['password'];
    $_SESSION['loggedin'] = TRUE; // Setting session var 'loggedin' to true
    header('Location:admin.php'); // redirects to the welcome page if everything is ok.
    exit;
    ****
    }else{
    ****header('Location:editorlist.php'); // Redirect to error page.
    ****exit;
    }
    ?>
    php]

    When i click on the submit button, I get a blank page. Can anyone help me out?

    Thanks,

    Sunny

  2. #2
    SitePoint Evangelist kooshin.com's Avatar
    Join Date
    Dec 2003
    Location
    http://kooshin.com
    Posts
    505
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    header('Location:admin.php'); // redirects to the welcome page if everything is ok.
    exit;


    when that page loads does it have the welcome information? When the username and password entered are correct it goes to that page so make sure that page is not blank or something. You might need to post that page's code too.

  3. #3
    SitePoint Wizard silver trophy Jelena's Avatar
    Join Date
    Feb 2005
    Location
    Universum, 3rd Corner
    Posts
    3,000
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    First of all, to see the error, it would be good to set up error reporting to show you all error messages. You can do that in php.ini or in your code.

    Anyway, first thing I've noticed is this line:
    include "db_connect";
    Included file doesn't have an extenstion. Other than that, code should be working.
    -- Jelena --

  4. #4
    SitePoint Member
    Join Date
    Apr 2006
    Posts
    22
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,
    thanks for your replies. Jelena, that was a mistake, i've now renamed it to db_connect.php. Admin.php is simply a page which displays two buttons to click to proceed to further areas. The page displays correctly on its own, but when i click the submit button on the login form, i just get a blank page with no debugging info. So here is the code with my alterations :

    [editorloginform.php] :
    <?php
    include "admin_header.php";

    echo '<h align="middle"><h1>Editor Login</h1>';
    echo"<form action='posslogin2.php' method='POST'>
    <table border=0>
    <tr>
    <td>Username</td>
    <td><input size='16' name='username'></td>
    </tr>
    <tr>
    <td>Password</td>
    <td><input size='16' type='password' name='password'></td>
    </tr>
    </table>
    <input type='submit' value='Log in'>
    </form>";

    include "admin_footer.php";
    ?>

    [posslogin2.php] :

    <?php
    session_start();
    include 'db_connect.php';
    //get the data used to authenticate users

    $username = $_POST['username'];
    $password = $_POST['password'];

    //perform the query to see if you have a matching result

    $sql = mysql_query(
    "SELECT username
    , password
    FROM editors
    WHERE username = '$username'
    AND password = '$password'
    LIMIT 0,1")
    or die('<p>Unable to query the database at this time.<br />Error: ' . mysql_error() . '</p>');
    $row = mysql_fetch_array($sql);

    if(mysql_num_rows($sql) == 1) // if there is one matching result, then get some data to be displayed on your pages for the user logged in.
    {
    $_SESSION['username'] = $row['username'];
    $_SESSION['password'] = $row['password'];
    $_SESSION['loggedin'] = TRUE; // Setting session var 'loggedin' to true--> check it on top of each you want to be protected.
    header('Location: admin.php'); // redirects to the welcome page if everything is ok. always use absolute URL!!
    exit;
    ****
    }else{
    ****header('Location:editorlist.php'); // Redirect to error page.
    ****exit;
    }
    ?>

    [editoradmin.php] :

    <?php

    include "admin_header.php";

    echo '<h align="middle"><h1>Editor Menu</h1>';
    echo '<p><p><p><a href="add_article.php"><img src="add_article_button.jpg" alt="add article button"></a><p>';
    echo '<p><p><p><a href="editarticlelist.php"><img src="edit_article_button.jpg" alt="editor login button"></a><p>';

    include "admin_footer.php";

    ?>

    I've tried everything, but it doesnt seem to want to work? :s

  5. #5
    SitePoint Wizard silver trophy Jelena's Avatar
    Join Date
    Feb 2005
    Location
    Universum, 3rd Corner
    Posts
    3,000
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    With no particular error, we can't help you much. Could you edit your php.ini to show all errors?
    You should uncomment this line:
    Code:
    error_reporting  =  E_ALL
    and set display_errors to On
    Code:
    display_errors = On
    Restart apache and try again and let us know if you got any error.
    -- Jelena --

  6. #6
    SitePoint Member
    Join Date
    Apr 2006
    Posts
    22
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    hi again, ok i've got the login script password using an older checklogin.php i did.

    <?php
    ob_start();
    $host="localhost"; // Host name
    $username="root"; // Mysql username
    $password=""; // Mysql password
    $db_name="chronicle"; // Database name
    $tbl_name="editors"; // Table name

    // Connect to server and select databse.
    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");

    // Define $myusername and $mypassword
    $username=$_POST['username'];
    $password=$_POST['password'];

    $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
    $result=mysql_query($sql);

    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row

    if($count==1){
    // Register $myusername and redirect to file "login_success.php"
    session_register("username");
    header("location:editoradmin.php");
    }
    else {
    echo "<CENTER>Wrong Username or Password - Please Go Back And Re-Try</CENTER>";
    }

    ob_end_flush();
    ?>

    How can i then protect the pages, as at the moment you can type in the address in the address bar to access the pages. Is something along the lines of adding include "start_session();" at the beginning of the pages?

  7. #7
    SitePoint Wizard silver trophy Jelena's Avatar
    Join Date
    Feb 2005
    Location
    Universum, 3rd Corner
    Posts
    3,000
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    On each page which requres user to be logged in, perform a check:
    PHP Code:
    session_start();
    if(!isset(
    $_SESSION['username'])) {
    header("Location:login.php");

    or something similar.
    -- Jelena --


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •