SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Wizard lukeurtnowski's Avatar
    Join Date
    Mar 2003
    Location
    Coronado
    Posts
    1,645
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)

    login form question

    I am confused, the php doesnt seem to make sense
    PHP Code:
    <?
    if(isset($_POST['submit'])) {
    require_once(
    "db_conn.php");

    session_start();
    $user $_POST['name'];
    $pass $_POST['pass'];
    $result mysql_query("SELECT * FROM users WHERE name = '$user' AND password = '$pass'") or die(mysql_error()); 
    $row mysql_fetch_array$result );

    }
    ?>

    <span id="navbar">
    <?php
    if($row) {
    $_SESSION['id'] = $row['id'];
    header("Location: editable.php");
    exit;
    } else {
    ?>


    <div class="buttonwrapper">
    <a class="ovalbutton" ahref="#" onclick="showlayer('login_menu')">
    <span>Login</span>
    </a></div>
    <div id="login_menu" style="display:none;">
    <!--<div id="new-user-col">New User:<br /><br />
    <a href="register.html" class="green-button">Register</a>
    </div> -->

    <div id="signup-user-col">
    <form action="<?php $_SERVER['PHP_SELF'];?>" method="post">
    <ul>
    <li>
    <label for="email">Username:</label>
    <input type="text" id="email" size="18" name="name"/>
    </li>
    <li>
    <label for="psw">Password:</label>
    <input type="text" id="psw" size="18" name="pass"/>
    </li>
    <input type="submit" value="Log-in" name="submit"/>
    </ul>
    </form>
    </div>

    <div class="spacer"></div>

    </div>
    <?php ?>
    </span>
        <div id="logo"><a href="index.shtml">On The Ocean</a></div>
        <ul id="menu">
        <li><a href="index.php">Home</a></li>
        <li><a href="409.shtml">409</a></li>
        <li><a href="708.shtml">708</a></li>
        <li><a href="102.shtml">102</a></li>
        <li><a href="310.shtml">310</a></li>
        <li><a href="avail.shtml">Availability</a></li>
        <li><a href="loc.shtml">Location</a></li>
        <li><a href="blog">Blog</a></li>
        <li><a href="contact.shtml">Contact Us</a></li>
        </ul>
    the page is here
    On The Ocean: Home
    Shouldn't (once the login form is submitted, the if statement,
    [php]if(isset($_POST['submit']))[/php} be true and run the code in between. Also, shouldn't the
    PHP Code:
    if($row
    ring true if the login credentials are right and1 record is returned? but it doesn't seem to work as the
    PHP Code:
    header() 
    function doesn't run.

    Whats going on here?
    Thanks
    "Oh, and Jenkins--apparently your mother died this morning."

  2. #2
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,192
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    You may want to check what happens when you click the login button as when i clicked it all your database information appeared right in front of me including the username and password.

  3. #3
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    When conditional forks in your code do not behave as expected then make sure you temporarily var_dump() the variable you are testing against, and take a close look at it.

    Is the condition you are testing it against actually robust enough? Have you fallen into any of these traps?

    ps make sure you also test the form by clicking the submit button, and just filling in the form and pressing Enter, esp in IE - I never test for the existence of 'submit', but rather a required form element, e.g. email

  4. #4
    SitePoint Wizard lukeurtnowski's Avatar
    Join Date
    Mar 2003
    Location
    Coronado
    Posts
    1,645
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    K, this is wierd to me, but I tried to be more exact with my if statement by adding this
    PHP Code:
    <?
    if($_POST['name'] != "") {
    require_once(
    "db_conn.php");

    session_start();
    $user $_POST['name'];
    $pass $_POST['pass'];
    $result mysql_query("SELECT * FROM users WHERE name = '$user' AND password = '$pass'") or die(mysql_error()); 
    $row mysql_fetch_array$result );
    echo 
    $row;
    echo 
    $result;
    }
    ?>

    <span id="navbar">
    <?php
    if($row) {
    $_SESSION['id'] = $row['id'];
    header("Location: editable.php");
    exit;
    } else {
    ?>
    so why does my database connection string show when I use false data?
    and is that if statement robust enough?
    "Oh, and Jenkins--apparently your mother died this morning."

  5. #5
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    So what happens when you do :
    PHP Code:
    var_dump($_POST); 
    at the top of the page, does name appear? What value does it have? What if your form-field for name had a space in it?


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •