Login Session Problem....
Posted: Thu Apr 20, 2006 12:25 pm
feyd | Please use
inloggen.php:
thx in advance
feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
I've been trying to make loggin in on my website possible with php. I've made 2 files: inloggen.php (just with a simple form where you can login) and
test2.php (where it's supposed to check if the given username (gebruikersnaam) and password (wachtwoord) match.
My problem is that it checks whether the textfields are filled in or not, but it doesn't check any of the other if statements. Whatever I fill in. It always redirect to the link it supposed to redirect to when the username and password match.....
Here's my code:
test2.php:Code: Select all
<?php
$username = $_GET['gebruikersnaam'];
$password = $_GET['wachtwoord'];
if ( empty($username) && (empty($password)) ) { // Check if username and password fields were empty
echo "Voer uw gegevens in";
exit();
} else {
mysql_connect("localhost", "root");
mysql_select_db("test1");
// Define a query to check if the submitted username is found in the database
$check_user = "SELECT gebruikersnaam, wachtwoord FROM inloggen WHERE gebruikersnaam ='" . $gebruikersnaam . "' AND wachtwoord = '" . $wachtwoord . "'";
$r = mysql_query($check_user);
if (!$r) { // If query unsucessful, username not found, redirect to login
form
header ('Location: ../mario/error.php');
exit();
} else { // username found, check password
// Define a query to check if the password is correct for the username
$check_pass = "SELECT gebruikersnaam, wachtwoord FROM inloggen WHERE gebruikersnaam = '" . $gebruikernaam . "' && wachtwoord = '" . $password . "'";
$r = mysql_query($check_pass);
if (!$r) { // If query unsucessful, password is not correct for username, redirect to login form
//header ('Location: ../mario/error.php');
echo "MISLUKT";
exit();
} else {
session_start();
$_SESSION['gebruikersnaam'] = $_GET['gebruikersnaam'];
$_SESSION['loggedin'] = time();
header ('Location: ../mario/test.php');
exit();
}
}
}
mysql_close();
?>Code: Select all
<html>
<body>
<form name="inloggen" action="test2.php" method="GET">
<table>
<tr>
<td>Gebruikersnaam:</td> <td><input type="text" size="10" maxlength="50" name="gebruikersnaam"></td></tr>
<tr>
<td>Wachtwoord:</td> <td><input type="password" size="10" maxlength="50" name="wachtwoord"></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="submit" value="Inloggen"></td></tr></table>
</form>
</body>
</html>
feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]