log in system
Posted: Sat Feb 07, 2004 4:30 pm
i am try to create a page where a user name and password has to be typed in so the user has to log in. i have a script but i dont know why it keeps on coming up with an error message. it keeps on saying that the users is not on record when they are. can anyone help im going mad.
<?php
if (isset($_POST['submit'])) { // Handle the form.
require_once ('../mysql_connect.php'); // Connect to the db.
$message = NULL; // Create an empty new variable.
// Check for a username.
if (empty($_POST['username'])) {
$u = FALSE;
$message .= '<p>You forgot to enter your username!</p>';
} else {
$u = escape_data($_POST['username']);
}
// Check for a password.
if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>You forgot to enter your password!</p>';
} else {
$p = escape_data($_POST['password']);
}
if ($u && $p) { // If everything's OK.
// Retrieve the user_id and first_name for that username/
$query = "SELECT user_id,first_name FROM users WHERE (username='$u' AND password=PASSWORD('$p'))";
$result = @mysql_query ($query); // Run the query.
$row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if applicable.
if ($row) { // A record was pulled from the database.
// Set the cookies & redirect.
//setcookie ('first_name', $row[1]);
//setcookie ('user_id', $row[0]);
header ("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/loggedin.php");
exit(); // Quit the script.
} else { // No record matched the query.
$message = '<p>The username and password entered do not match those on file.</p>';
}
mysql_close(); // Close the database connection.
} else {
$message .= '<p>Please try again.</p>';
}
} // End of the main Submit conditional.
// Set the page title and include the HTML header.
// Print the error message if there is one.
if (isset($message)) {
echo '<font color="red">', $message, '</font>';
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset><legend>Enter your information in the form below:</legend>
<p><b>User Name:</b> <input type="text" name="username" size="10" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /></p>
<p><b>Password:</b> <input type="password" name="password" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
</form><!-- End of Form -->
</fieldset><?php
// Include the HTML footer.
?>
<?php
if (isset($_POST['submit'])) { // Handle the form.
require_once ('../mysql_connect.php'); // Connect to the db.
$message = NULL; // Create an empty new variable.
// Check for a username.
if (empty($_POST['username'])) {
$u = FALSE;
$message .= '<p>You forgot to enter your username!</p>';
} else {
$u = escape_data($_POST['username']);
}
// Check for a password.
if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>You forgot to enter your password!</p>';
} else {
$p = escape_data($_POST['password']);
}
if ($u && $p) { // If everything's OK.
// Retrieve the user_id and first_name for that username/
$query = "SELECT user_id,first_name FROM users WHERE (username='$u' AND password=PASSWORD('$p'))";
$result = @mysql_query ($query); // Run the query.
$row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if applicable.
if ($row) { // A record was pulled from the database.
// Set the cookies & redirect.
//setcookie ('first_name', $row[1]);
//setcookie ('user_id', $row[0]);
header ("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/loggedin.php");
exit(); // Quit the script.
} else { // No record matched the query.
$message = '<p>The username and password entered do not match those on file.</p>';
}
mysql_close(); // Close the database connection.
} else {
$message .= '<p>Please try again.</p>';
}
} // End of the main Submit conditional.
// Set the page title and include the HTML header.
// Print the error message if there is one.
if (isset($message)) {
echo '<font color="red">', $message, '</font>';
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset><legend>Enter your information in the form below:</legend>
<p><b>User Name:</b> <input type="text" name="username" size="10" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /></p>
<p><b>Password:</b> <input type="password" name="password" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
</form><!-- End of Form -->
</fieldset><?php
// Include the HTML footer.
?>