PHP login help!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
jamiller
Forum Commoner
Posts: 26
Joined: Mon Mar 12, 2007 12:25 pm

Post by jamiller »

Everah wrote:

Code: Select all

<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");

// check our needed post array vars
if (isset($_POST['username']) && isset($_POST['pass']))
{
    // Assign them as needed
    $myusername = $_POST['username'];
    $mypassword = $_POST['pass'];
    
    // Query with the data
    $sql = "SELECT * FROM $tbl_name WHERE Username='$myusername' and Password='$mypassword'";
    
    // Error check to make sure we are clean
    if (!$result = mysql_query($sql))
    {
        die('Could not execute the query:' . $sql . ' because ' . mysql_error());
    }
    
    // Find out how many results were returned
    $count = mysql_num_rows($result);
    
    // If there are results...
    if ($count)
    {
        // If there is one result only, set some vars
        if($count==1)
        {
            $_SESSION['myusername'] = $myusername;
            $_SESSION['mypassword'] = $mypassword;
            
            // And send them home
            header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_FILENAME']) . $page);
            exit;
        }
        else
        {
            // This means there were more than one returns
            die('Data return was not in the appropriate context.');
        }
    }
    else
    {
        // This means there were none returns 
        die('Your information was not found');
    }
}
else
{
    // The form was not posted
    echo 'the form was not posted.';
}
?>
this one sends me to a crazy ass address. the address you put in the header/location was tacked onto the end of my website address. and no sign of .$page in the address bar
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Change this:

Code: Select all

<?php
header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_FILENAME']) . $page); 
?>
to

Code: Select all

<?php
header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . $page); 
?>
And see if the results are different.
User avatar
jamiller
Forum Commoner
Posts: 26
Joined: Mon Mar 12, 2007 12:25 pm

Post by jamiller »

Everah wrote:Change this:

Code: Select all

<?php
header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_FILENAME']) . $page); 
?>
to

Code: Select all

<?php
header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . $page); 
?>
And see if the results are different.
well that works better. takes me to the same page but still no sign of .$page...
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Humor me for a second, will you? Replace this

Code: Select all

<?php
header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . $page); 
?>
with this

Code: Select all

<?php
//header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . $page); 
echo $page . ' is the page name<br />';
echo 'Link to go to is http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . $page; 
exit;
?>
Run the page and post back what is spit out to the screen.
User avatar
jamiller
Forum Commoner
Posts: 26
Joined: Mon Mar 12, 2007 12:25 pm

Post by jamiller »

Everah wrote:Humor me for a second, will you? Replace this

Code: Select all

<?php
header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . $page); 
?>
with this

Code: Select all

<?php
//header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . $page); 
echo $page . ' is the page name<br />';
echo 'Link to go to is http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . $page; 
exit;
?>
Run the page and post back what is spit out to the screen.

Notice: Undefined variable: page in ....checklogin.php on line 41
is the page name

Notice: Undefined variable: page in ....checklogin.php on line 42
Link to go to is http://www.mysite.com/

in somebody's earlier code i copied and pasted $page isn't set anymore
User avatar
jamiller
Forum Commoner
Posts: 26
Joined: Mon Mar 12, 2007 12:25 pm

Post by jamiller »

This is my new code...

Code: Select all

<?php
$host="///.com"; // Host name
$username="///"; // Mysql username
$password="///"; // Mysql password
$db_name="///"; // Database name
$tbl_name="///"; // Table name

error_reporting(E_ALL);
ini_set('display_errors', true);

if ( !isset($_POST['username'], $_POST['pass']) ) {
  die('missing login parameter');
}

$mysql = mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name, $mysql)or die("cannot select DB");

$myusername=mysql_real_escape_string($_POST['username'], $mysql);
$mypassword=mysql_real_escape_string($_POST['pass'], $mysql);

$sql="SELECT
    Username
  FROM
    $tbl_name
  WHERE
    Username='$myusername'
    AND Password='$mypassword'
  LIMIT
        1";

$result=mysql_query($sql) or die(mysql_error());
$dbarray = mysql_fetch_array($result);

if ( false===$dbarray ) {   
	header("location:http://www.mysite/index.php?badlogin=true");
  die();
}
else {
  session_start();
  $_SESSION['myusername'] = $_POST['username'];
    echo $page . ' is the page name<br />';
	echo 'Link to go to is http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . $page; 
	die();
}
?>
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

I'm still not seeing page. The reason my code wasn't working for you was because $page was not set.
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Post by Mordred »

You need to check that $_SESSION['myusername'] is set and non-empty in http://whataver/$page, otherwise the whole login process would be void. You also need to specify when a person is logged out and is denied access to the page.
Post Reply