Page 1 of 1

authentication remix(new code, new problem)

Posted: Wed Jan 31, 2007 10:13 pm
by surban99
I changed my idea about authentication to this new forms based one, it has 3 scripts

the first one main_login.php

Code: Select all

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
the second one checklogin.php

Code: Select all

<?php
$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password="root"; // Mysql password 
$db_name="portal"; // Database name 
$tbl_name="members"; // Table name 
// Connect to server and select databse.

mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from signup form 

$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row

$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
the third one login_success.php

Code: Select all

<? 
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>
and what i get in my browser is

Notice: Use of undefined constant myusername - assumed 'myusername' in c:\program files\easyphp1-8\www\portal\login_success.php on line 3
Login Successful

how do i fix that notice?

Posted: Wed Jan 31, 2007 10:29 pm
by superdezign
Simple. Before you set $myusername=$_POST['myusername'], try this:

Code: Select all

$myusername="";
if(isset($_POST['myusername'])) $myusername=$_POST['myusername'];
The notice is from the possibility of the username not being set, and you attempting to set your variable to "undefined." Good practice is to always ensure isset() or !empty()

Posted: Wed Jan 31, 2007 10:36 pm
by superdezign
Wait.. you have the error here?

Code: Select all

if(!session_is_registered(myusername)){
Oh, well in that case, the problem is in your lack of quotation marks

To be honest, it's more modern to use isset($_SESSION['myusername'])

Posted: Wed Jan 31, 2007 10:39 pm
by surban99
assuming your talking about the line in checklogin.php that says

Code: Select all

$myusername=$_POST['myusername'];
i changed the single line to the 2 lines you gave me and i still get the same prob.

Posted: Wed Jan 31, 2007 10:40 pm
by surban99
what is the error?

Posted: Wed Jan 31, 2007 10:43 pm
by surban99
never mind we were both posting at the same time, i got it, thanks a ton

Posted: Wed Jan 31, 2007 10:44 pm
by superdezign
...

Okay, I responded, then for ome reason re-read it and noticed your problem was actually in login_success.php --- Notice: Use of undefined constant myusername - assumed 'myusername' in c:\program files\easyphp1-8\www\portal\login_success.php on line 3

So, I posted what you SHOULD put for line 3 to get rid of the warning

Edit: :lol: I guess we were.