HOW CAN I INSERT INTO THE NEXT PAGE USING FOLLOWING CODE

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Rameshwar
Forum Newbie
Posts: 3
Joined: Tue Feb 23, 2016 3:13 am

HOW CAN I INSERT INTO THE NEXT PAGE USING FOLLOWING CODE

Post by Rameshwar »

IN AM USING SESSION WITH FUNCTION THIS DOES NOT WORK...
Note:
"The password will be double md5 converted, which will be put offline in the SQL"
INSERT CODE:
INSERT INTO 'login'('id','username','password')VALUES(1,"ABC",md5(md5("abc"))));


THIS IS MY login.php PAGE

Code: Select all

<?php
 	error_reporting(0);
	session_start();
	include_once 'oesdb.php';

	if($_REQUEST['submit'])
	{
		$result = executeQuery("select username as std from login where username='".htmlspecialchars(preg_replace('/[^A-Za-z0-9\. -]/', '...',($_REQUEST

['loginid'])),ENT_QUOTES)."' and password= '".htmlspecialchars(md5(md5($_REQUEST['pass'])),ENT_QUOTES)."';");
		if(mysql_num_rows($result)>0)
		{
			$r=mysql_fetch_array($result);
			if(strcmp(htmlspecialchars($r['std'],ENT_QUOTES),(htmlspecialchars($_REQUEST['pass'],ENT_QUOTES)))==0)
			{
				$_SESSION['loginid']=htmlspecialchars($r['username'],ENT_QUOTES);
				$_SESSION['user_id']=$r['id'];
				unset($_GLOBALS['message']);
				header('Location: index.php');
			}
			else
			{
				$_GLOBALS['message']="Check Your user name and Password.";
			}
		}
		else
		{
			$_GLOBALS['message']="Check Your user name and Password.";
		}
		closedb();
	}
?>
<?php 
	if(isset($_SESSION['loginid']))
	{
		header('Location: index.php');
	} 
?>
 
<!DOCTYPE html>
<html lang="en">
	<head>
		<meta charset="utf-8">
		<meta name="viewport" content="width=device-width, initial-scale=1.0">
		<title></title>
	
	<body>

		<div>
			<form  method="post" action="">        
				<div>
					<div>
						<span class="errors">
						<?php
						if($_GLOBALS['message'])
        				{					
         					echo "<div class=\"message\">".$_GLOBALS['message']."</div>";
        				}
      					?>
			  		</span>
			  		</div>
					<div>
				  		<span><i></i></span>
				  		<input type="text" name="loginid" placeholder="Username" autofocus>
					</div>
					<div>
						<span><i></i></span>
						<input type="password" name="pass" placeholder="Password">
					</div>
					<label class="checkbox" style="margin-left: 20px;">
					<input type="checkbox" value="remember-me"> Remember me
					</label>
					<button class="btn btn-primary btn-lg btn-block" type="submit" name="submit" id="submit">Login</button>
				</div>
		  	</form>
		</div>
	</body>
</html>


<?php

THIS IS MY oesdb.php PAGE...

include_once 'dbsettings.php';

$conn=false;

function executeQuery($query)
{
    global $conn,$dbserver,$dbname,$dbpassword,$dbusername;
    global $message;
    if (!($conn = @mysql_connect ($dbserver,$dbusername,$dbpassword)))
         $message="Cannot connect to server";
    if (!@mysql_select_db ($dbname, $conn))
         $message="Cannot select database";

    $result=mysql_query($query,$conn);
    if(!$result)
        $message="Error while executing query.<br/>Mysql Error: ".mysql_error();
    else
        return $result;

}
function closedb()
{
    global $conn;
    if(!$conn)
    mysql_close($conn);
}
?>

THIS IS dbsettings.php PAGE
<?php
//This is the name of your server where the MySQL database is running
$dbserver="localhost";

//username of the MySQL server
$dbusername="root";

//password

$dbpassword="";

//database name of the online Examination system
$dbname="examination";

?>

PLEASE GIVE ME FULL MODIFIED CODE..
OR MAIL ME TO rameshwar129@gmail.com
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: HOW CAN I INSERT INTO THE NEXT PAGE USING FOLLOWING CODE

Post by Celauran »

Turn error reporting on for starters. Run the code, examine the errors, and proceed from there. "It doesn't work" is not helpful.
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: HOW CAN I INSERT INTO THE NEXT PAGE USING FOLLOWING CODE

Post by Celauran »

Rameshwar wrote:"The password will be double md5 converted, which will be put offline in the SQL"
Don't do that. Use bcrypt. Seriously. It's baked right into PHP.
http://php.net/manual/en/function.password-hash.php
Post Reply