PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Hi All ! I'm Tom and i'm 14 years old, also I'm beggining my php adventure with website. I've got proplem which I can't solve.
Here is my login.html http://jsfiddle.net/M87Pm/2/
I've made some echos to see what is going on but nothing has been sawn.
If anybody could help me ? Thanks for all advice, answers and clues.
<?php
ob_start();
$host="correct"; // Host name
$username="correct"; // Mysql username
$password="correct"; // Mysql password
$db_name="correct"; // Database name
$tbl_name="User"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['myusername']="myusername";
$_SESSION['mypassword']="mypassword";
header("location:login_success.php");
}
else {
echo "Niepoprawny login lub hasło";
echo $myusername;
echo $mypassword;
}
ob_end_flush();
?>
Your form has neither action nor method, and there doesn't appear to be any JS attached to handle that either. $_POST is probably an empty array. Change the link to a submit button, add action and method to your form, and proceed from there.
A few other notes:
You're using mysql_query, which is deprecated, throws errors in recent versions of PHP, and is slated for removal. Especially if you're just getting started, don't learn bad habits. Take a look at PDO instead.
Your query suggests that you're storing your passwords in plain text. Don't do that. Hash them using bcrypt, hash the password provided in the login form, and compare the hashes.
Yes, looks perfect, but after writing login and password (chcecked with database, just in case), script still reject it and still the is no echo from it. I think it could be the problem with names compatibility in verificator and login. What are you think about it ?
Here is how does it look like http://jsfiddle.net/3BGD4/ focus on button. In reality button submit should looks like this http://jsfiddle.net/mplungjan/HKyWY/. On my website panel looks like in the first link with button Zaloguj from second link. Maybe this is problem ?
The action on the two forms is different. The second form uses a JS listener to submit the form, whereas the first uses a submit button. Both can work.
Something like this should be fine assuming your validation script is actually located at checklogin.php