I used this coding. But even when the user logins from the default page also, it is sending back to the default page.
Code: Select all
if (!isset($txtusrname) || !isset($txtusrpwd)){
header("Location: http://localhost/snw/default.php");
}
Moderator: General Moderators
Code: Select all
if (!isset($txtusrname) || !isset($txtusrpwd)){
header("Location: http://localhost/snw/default.php");
}
Code: Select all
<?php
//checking whether the users are coming from login page
if (!isset($txtusrname) || !isset($txtusrpwd)){
header("Location: http://localhost/snw/default.php");
}
else
{
//coverting the field values to variables
$usrname = addslashes($_POST['txtusrname']);
$usrpwd = md5($_POST['txtusrpwd']);
echo ($usrname);
echo ($usrpwd);
//setting the database connection variables
$dbhost = "localhost";
$dbuser = "root";
$dbpwd = "admin";
$dbDatabase = "db_snw";
//connecting to the database
$db = mysql_connect("$dbhost","$dbuser","$dbpwd") or die("Error Connecting to the Database");
mysql_select_db("$dbDatabase",$db) or die("Couldn't Select the database");
$result = mysql_query("select * from tbl_login where Username='$username' and Userpwd='$userpwd'");
//checking the rows are present
$rowcheck = mysql_num_rows($result);
if($rowcheck>0){
while ($row = mysql_fetch_array($result)){
//start the session variable
session_start();
session_register('Username');
echo ('Success');
}
}
else{
echo ("Incorrect Username and Password");
}
}
?>I am very beginner in php. That code is too i learnt from tutorial. So can you pls make me more clear. What part do i need to change.jason wrote:Yeah, they aren't set, so it will always send them away.
Check $_POST['txtusrname'] and company instead.
Code: Select all
if (!isset($_POST['txtusrname']) || !isset($_POST['txtusrpwd'])){
header("Location: http://localhost/snw/default.php");
}bharanidharanit wrote:ya thankyou this works for me.But each and every time when the page loads, my 2 textboxes are filled up with some default texts which i entered at my first login. How to rectify it?Code: Select all
if (!isset($_POST['txtusrname']) || !isset($_POST['txtusrpwd'])){ header("Location: http://localhost/snw/default.php"); }
Code: Select all
<?PHP
$username = $_POST['txtusrname'];
$userpwd = $_POST["txtusrpwd"];
//echo ($username);
//echo ($userpwd);
//connecting to database
$dbhost = "localhost";
$dbuser = "root";
$dbpass = "admin";
$dbname = "db_snw";
$dbconn = mysql_connect($dbhost,$dbuser,$dbpass) or die("Can't connect database");
mysql_select_db($dbname,$dbconn) or die("can't select table");
//removing special characters
$username = mysql_real_escape_string($username);
//selecting row for the current username
$query = "SELECT userpwd,salt
FROM tbl_users
WHERE username = '$username';";
$result = mysql_query($query);
if(mysql_num_rows($result) < 1)
{
echo ("No Such User Exists");
}
// echo ($query);
// echo ($result);
//checking if the user is true
$userdata = mysql_fetch_array($result,MYSQL_ASSOC);
$hash = sha1( $userdata['salt'] . sha1($userpwd) );
echo ($userdata['userpwd']);
// echo ($hash);
//incorrect password
if($hash != $userdata['userpwd'])
{
echo("Incorrect Login");
header('Location: default.php');
}
else
{
echo ("Login Successful");
}
?>