Login Page Problems

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
sirk
Forum Newbie
Posts: 15
Joined: Sat Apr 03, 2010 8:40 am

Login Page Problems

Post by sirk »

Hi i've written a login page with the help of an online tutorial here (http://www.howtodothings.com/computers- ... ur-website), but im having a hard time to get it to work i created 2 pages one where the user submits the data using a form and another file containig php script to do the actual login

here is what i have on the JMSystemLogin.php page

Code: Select all

 <?
session_name("JMSLogin");
session_start();
session_destroy();

if($_GET['JMSLogin'] == "failed") {
print htmlentities($_GET['cause']);
}
?>
<form name="login_form" method="post" action="log.php?action=JMSLogin">
Login: <input type="text" name="user"><BR>
Password: <input type="password" name="pwd"><BR>
<input type="submit">
</form>
and here is what i have inthe log.php file

Code: Select all

<?
session_name("JMSLogin");
session_start();

if($_GET['action'] == "JMSLogin") {
$conn = mysql_connect("localhost","user","password"); 
$db = mysql_select_db("JMSystemDB"); 
$name = $_POST['user'];
$q_user = mysql_query("SELECT * FROM Employee WHERE EmployeeID='$name'");

if(mysql_num_rows($q_user) == 1) {

$data = mysql_fetch_array($q_user);
if($_POST['pwd'] == $data['SystemPassword']) {
session_register("Forename");
header("Location: Jobs.php"); 
exit;
} else {
header("Location: JMSystemLogin.php?login=failed&cause=".urlencode('Wrong Password'));
exit;
}
} else {
header("Location: JMSystemLogin.php?login=failed&cause=".urlencode('Invalid User'));
exit;
}
}

if(session_is_registered("Forename") == false) {
header("Location: JMSystemLogin.php");
}
?> 
when i try to test it all i get is a blank page.

im using MySQL InnoDB on XAMPP. im a bit of a noob when it comes to this stuff, any help or advice is very much appreciated.
samwho
Forum Newbie
Posts: 15
Joined: Sat Apr 03, 2010 8:06 am

Re: Login Page Problems

Post by samwho »

I don't think you've set a variable called $_GET['JMSLogin'] anywhere... Try changing it to $_GET['login'] and see what happens :)
sirk
Forum Newbie
Posts: 15
Joined: Sat Apr 03, 2010 8:40 am

Re: Login Page Problems

Post by sirk »

i just changed if($_GET['JMSLogin'] == "failed") to if($_GET['login'] == "failed") on the first page the one with the form on and didnt do anything shud i change all of the "JMSLogin"s to login then?
samwho
Forum Newbie
Posts: 15
Joined: Sat Apr 03, 2010 8:06 am

Re: Login Page Problems

Post by samwho »

No, that shouldn't be necessary...

I've noticed you call session_start() and session_destroy() right after each other... That's probably causing problems of its own. Try removing session_destroy() and see what happens :)

I don't think you need the exit; lines in log.php either...
sirk
Forum Newbie
Posts: 15
Joined: Sat Apr 03, 2010 8:40 am

Re: Login Page Problems

Post by sirk »

hmm that didnt seem to do anything either, i just tried doing everything the same as that tutorial right down to maiking a table with the variables he uses and that didnt work either, do you know of any other place where i can find help about creating a login page?
samwho
Forum Newbie
Posts: 15
Joined: Sat Apr 03, 2010 8:06 am

Re: Login Page Problems

Post by samwho »

A lot of the ones I found when I started out learning to write login systems were quite basic and badly written... Using cookies to store usernames and passwords *shudders*.

I don't know of any really good login system tutorials without doing a bit of Googling myself but I would advise you to look for a tutorial that does logins based on PHP sessions (which you seem to have found here but it hasn't really worked out for you ^_^).

Just keep trying, bud, you'll get it in the end! If you need to, take a little break from it and come back with a fresh mind :)
sirk
Forum Newbie
Posts: 15
Joined: Sat Apr 03, 2010 8:40 am

Re: Login Page Problems

Post by sirk »

Yeah just been looking nw a lot do seem to use cookies, i shall keep searching though, thank you for your time, very much appreciated.
lunarnet76
Forum Commoner
Posts: 67
Joined: Sun Apr 04, 2010 2:07 pm
Location: Edinburgh

Re: Login Page Problems

Post by lunarnet76 »

hi,

here the solution, has you had a lot of problem I have given you some advices, hope it will help you in the future

Code: Select all

<?php
// this line start the session if it has not already been done by PHP or before
if(!isset($_SESSION))session_start();
// register the session has having the name JMSLogin
session_name("JMSLogin");

// if the employee is not logged then we show the form
if(!isset($_SESSION['login'])){
	// if the form has been POSTED then we use the data received
	if(isset($_POST['user']) && isset($_POST['password'])) {// we use $_POST because the form uses method="post"
		// we register the $_POST variables in normal variable, not really required, just to show it
		$employeeId=$_POST['user'];
		$employeePassword=$_POST['password'];
					
		// its preferable to use long variable name to understand more easily what happens
		$connection 	= mysql_connect("localhost","user","password"); 
		$databaseName 	= mysql_select_db("JMSystemDB"); 
		// we are verifying that there is someone in the database with this Id and password
		// it is not a good idea in term of security to display to the user if it the wrong login comes
		// from the password or from the login
		$query			= mysql_query('
							SELECT 
							* 
							FROM 
								Employee 
							WHERE 
								EmployeeID="'.mysql_real_escape_string($employeeId).'"
								AND
								SystemPassword="'.mysql_real_escape_string($employeePassword).'"
						');
		// we have a results, it means that an employee has this id and password
		if(mysql_num_rows($query)) {
			// we register the login in a session variable, session_register is deprecated
			$_SESSION['login']=true;// you could actually register the employeeId if you want
			header("Location: Jobs.php"); 
			exit;
		// otherwise it has failed so we just fill the error variable instead of redirecting to another page
		} else {
			$error='bad login or password';
		}
	}
	// we display the form, it is shown only when there was an error or if the person is not logged
	?>
	<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
	Login: <input type="text" name="user"><BR>
	Password: <input type="password" name="password"><BR>
	<input type="submit">
	</form>
	<?php 
	// if there is an error we show it
	if(isset($error))
		echo $error;
}
?>
Everything goes in 1 file, so you can use require(); with this file one every pages you want to be password protected
Post Reply