Page 1 of 2

Need Help With A Login Form Please.

Posted: Sun Aug 10, 2003 5:55 am
by Dane
Hello,
I am currently learning PHP but i am having a problem with my login form.

I have a separate Login.php form but that has HTML in it aswell. What i need help on is.....

http://www.clanef.co.uk/DinghyNew

As you can see the Login in on the main page. Try clicking Submit without entering anything. Yup it takes you to my login.php form.

What i need is..... I need it so that you enter the information on the main page, click submit and you get logged into the admin.php.

If you need the php files im using i am willing to give you them.

My email address is xerox@clanef.co.uk

Thanks

Dane

Posted: Sun Aug 10, 2003 6:08 am
by skateis2s
READ this below if your looking for something to check a mysql database of registered users to check if its correct

if ($username && $password) {
/* Connect to your database code here */
$result = mysql_query ("SELECT * FROM tablenamehere WHERE name = '".$username."' AND password = '".$password."'");

if (!$result) {
echo "Sorry, we could log you in.";
}

if (mysql_num_rows($result) > 0) {
echo "You are now logged in.";
} else {
echo "Invalid login.";
}

} else if ($username || $password) {
echo "Please fill in both fields.";
}

$username and $password are the names of the text boxes

this is basically saying if $username & $password are filled in
connect to your sql database, setting $result to match the username and password entered...

if (!$result) {
if the result fails, the form cannot process


if (mysql_num_rows($result) > 0) {


this gets a number of rows in $result, if the row is greater than 0 and matches the $result query, you will be logged in successfully.

obviously you will have need the register script to store the password and username in a database...

--------------------------------------------------------------------------------

READ THIS below if you just want a login for you, no registerting needed...

if ($user == "mike" && $pass == "secret") {
echo "You are logged in.";
} else {
echo "Incorrect username and password";
}

Posted: Sun Aug 10, 2003 6:27 am
by Dane
I made the code to look like ths....
<? if ($username && $password) {
/* Connect to your database code here */
include('settings.php');
$result = mysql_query ("SELECT * FROM users WHERE name = '".$username."' AND password = '".$password."'");

if (!$result) {
echo "Sorry, we could log you in.";
}

if (mysql_num_rows($result) > 0) {
echo "You are now logged in.";
} else {
echo "Invalid login.";
}

} else if ($username || $password) {
echo "Please fill in both fields.";
}

if (!$result) {

if (mysql_num_rows($result) > 0) {
?>
In the admin.php part of my website, the top lines read...
<?
include_once('login.php');
if($valid_user = 1) {
?>
And the login form on the font page is...
<form name="form" method="post" action="admin.php">
Username:
<input name="textfield" type="username" size="15">
<br>
<br>
Password:
<input name="textfield2" type="password" size="15">
<br>
<input type="submit" name="Submit" value="Submit">
</form>
But it still isnt working :(. I have all the usernames and passwords stored in the mysql in "users"

Any suggestions

Thanks

Dane

Posted: Sun Aug 10, 2003 6:34 am
by skateis2s
<form name="form" method="post" action="admin.php">
Username:
<input name="textfield" type="username" size="15">
<br>
<br>
Password:
<input name="textfield2" type="password" size="15">
<br>
<input type="submit" name="Submit" value="Submit">
</form>

you need to change textfield to 'username' and textfield2 to 'password'
put the login.php code in admin.php, like this....

<?
if ($username && $password) {
/* Connect to your database code here */
include('settings.php');
$result = mysql_query ("SELECT * FROM users WHERE name = '".$username."' AND password = '".$password."'");

if (!$result) {
echo "Sorry, we could log you in.";
}

if (mysql_num_rows($result) > 0) {
echo "You are now logged in.";
} else {
echo "Invalid login.";
}

} else if ($username || $password) {
echo "Please fill in both fields.";
}
?>
-------------------------------------------------------------------

now on this line of code here

$result = mysql_query ("SELECT * FROM users WHERE name = '".$username."' AND password = '".$password."'");

where it says WHERE name = '".$username."' AND password = '".$password."'


make sure name is the same field as in your SQL database where the username is and same with password

Posted: Sun Aug 10, 2003 6:49 am
by Dane
I did what you asked.....

http://www.clanef.co.uk/DinghyNew

When you click on submit without entering anything it goes straight onto the admin.php page without the username or password :S

Posted: Sun Aug 10, 2003 6:54 am
by JAM

Code: Select all

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/clanefmoy/DinghyNew/admin.php on line 11
;)

How are you passing the info from page 1 -> 2?
Maybe you should try reading the link, and think about using $_POST ?
http://se.php.net/manual/en/function.se ... gister.php

Posted: Sun Aug 10, 2003 6:58 am
by skateis2s
You have it all backwards... Here
index.html or whatever LOGIN code
---------------------------------------------------------------------------
<html>
<head>
<title>login</title>
</head>
<body>
<form name="form" method="post" action="login.php">
Username:
<input name="username" type="text" size="15">
<br>
<br>
Password:
<input name="password" type="password" size="15">
<br>
<input type="submit" name="Submit" value="Submit">
</form>
</body>
</html>
---------------------------------------------------------------------------
admin.php or whatever VERIFY CODE
---------------------------------------------------------------------------
<html>
<head>
<title>verify login</title>
</head>
<body>
<?
if ($username && $password) {

$dbh=mysql_connect ("localhost", "xpcnbxc_csp", "csp") or die ("Could not connect to the database");
mysql_select_db ("xpcnbxc_csp");

$result = mysql_query ("SELECT * FROM members WHERE name = '".$username."' AND password = '".$password."'");

if (!$result) {
echo "Sorry, we could log you in.";
}

if (mysql_num_rows($result) > 0) {
echo "You are now logged in.";
echo "You can put the admin links in here.";
} else {
echo "Invalid login.";
}

} else if ($username || $password) {
echo "Please fill in both fields.";
}
?>
</body>
</html>
---------------------------------------------------------------------------


now just make sure you have mysql tables and fields the same as the $result in the above code

I just tested it, works fine, good luck, if you need further help, IM me on aim or just post here again I guess?

Posted: Sun Aug 10, 2003 7:08 am
by toms100
in the veryify code you have:

Code: Select all

<?php
else if ($username || $password) { 
echo "Please fill in both fields."; 
} 
?>
but it should be:

Code: Select all

<?php
else if (!$_POST['username'] || !$_POST['password']) { 
echo "Please fill in both fields."; 
} 
?>
also try to use $_POST['formname'] instead of just $formname

Posted: Sun Aug 10, 2003 7:09 am
by JAM
Backwards or not...
The Manual wrote:

Code: Select all

<?php
// Available since PHP 4.1.0

   print $_POST['username'];
   print $_REQUEST['username'];

   import_request_variables('p', 'p_');
   print $p_username;

// Available since PHP 3.

   print $HTTP_POST_VARS['username'];

// Available if the PHP directive register_globals = on.  As of 
// PHP 4.2.0 the default value of register_globals = off.
// Using/relying on this method is not preferred.

   print $username;
?>
...so if register_globals = off, it wont probably work as prefered...

Check your php-version and use the above info to rearrange your code.

Read:http://www.php.net/manual/en/security.variables.php (Important)
Read:http://se.php.net/variables.external

Posted: Sun Aug 10, 2003 7:15 am
by skateis2s
why use that $_POST stuff??? works without it :roll:

Posted: Sun Aug 10, 2003 7:24 am
by JAM
Yah, until you move the 100's hours work-project to a host that has register_globals = off.
// PHP 4.2.0 the default value of register_globals = off.
// Using/relying on this method is not preferred.
"I wont..."
Perhaps, but if you want to learn, try to follow the flow. ;)
Also, it doesn't mean alot of work rearranging your code from one to the other.

[sidenote]No flaming, "You suck" or similiar intended[/sidenote]

Edit:
Also, it might work for you, but not for Dane, who was having the problems. Different server-settings might be an issue?

Posted: Sun Aug 10, 2003 7:42 am
by Dane
Here is my.....

index.php
login.php
admin.php

http://www.clanef.co.uk/index.zip

Files of my website. Take a look at them and try to figure it out please..

Thanks

Dane

Posted: Sun Aug 10, 2003 7:52 am
by skateis2s
Ok I edited the login form on index.html and I edited admin.php for you

I didnt mess with login.php cause I dont see that anywhere on your site, see if it works now, if it doesn't, the sql connection is correct or look at the $result line and make sure name and password is the same as in your users table

http://is2s.net/index.zip

Posted: Sun Aug 10, 2003 8:24 am
by Dane

Posted: Sun Aug 10, 2003 8:27 am
by skateis2s
What happens when you login with correct information, whats it say?

i know the coding is right, i tested on my server, go over the mysql statements