PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
<?php
session_start();
// dBase file
include "dbConfig.php";
if ($_GET["op"] == "login")
{
if (!$_POST["username"] || !$_POST["password"])
{
die("You need to provide a username and password.");
}
// Create query
$q = "SELECT * FROM `dbUsers` "
."WHERE `username`='".$_POST["username"]."' "
."AND `password`=PASSWORD('".$_POST["password"]."') "
."LIMIT 1";
// Run query
$r = mysql_query($q);
if ( $obj = @mysql_fetch_object($r) )
{
// Login good, create session variables
$_SESSION["valid_id"] = $obj->id;
$_SESSION["valid_user"] = $_POST["username"];
$_SESSION["valid_time"] = time();
// Redirect to member page
Header("Location: members.php");
}
else
{
// Login not successful
die("Sorry, could not log you in. Wrong login information.");
}
}
else
{
//If all went right the Web form appears and users can log in
echo "<form action=\"?op=login\" method=\"POST\">";
echo "Username: <input name=\"username\" size=\"15\"><br />";
echo "Password: <input type=\"password\" name=\"password\" size=\"8\"><br />";
echo "<input type=\"submit\" value=\"Login\">";
echo "</form>";
}
?>
If I enter a username and password that I know is correct it returns "You need to provide a username and password." It never takes me to the members page
try using the empty() or isset() function to determine if the post vars are set. Also, using the scenario you are, you will need to make sure you're passing along the get param that you have listed in your code (op).
is checking to see if the "op" parameter in the GET[] array is eqivalent to "login". What I mean is you need to make sure that you're sending GET information with your POST information otherwise that condition will never be met and the rest of your code is pointless.
you can certainly do this (although I wouldn't recommend it) by doing this: