Page 1 of 1

Login Validation Problem [solved]

Posted: Thu Mar 26, 2009 8:21 pm
by scarface222
Hey guys, I am rather new at php programming and have run into a problem when trying to validate a login script. The php script is ignored when the form is submitted and the form just executes its action and directs the browser to the next page. If anyone has any insight as to my errors, please let me know, it is greatly appreciated.

HTML script

Code: Select all

<html>
<div id="content2"><form action="preferences.php" method="post">
<table width="250" border="0" cellpadding="3" id="border">
  <tr>
  <td><img src="images/createwriting.gif"></td>
  </tr>
  <tr>
    <td class="redtext">Create Username: <input name="username" type="text" size="40" maxlength="50"/></td>
  </tr>
  <tr>
    <td class="redtext">Create Password: <input name="password" type="password" size="40" maxlength="50"/></td>
  </tr>
  <tr>
    <td class="redtext">Confirm Password: <input name="confirm_password" type="password" size="40" maxlength="50"/></td>
  </tr>
  <tr>
  <td align="right"><input name="submit" type="image" src="images/createbutton.gif" />
</html>
PHP script

Code: Select all

<?php 
if (isset($_POST['submit'])){
$username=mysql_real_escape_string($_POST["username"]);
$password=$_POST["password"];
$confirm_password=$_POST["confirm_password"];
$first_query="SELECT * FROM users WHERE username ='$username'";
$result=mysql_query($first_query);
$count=mysql_num_rows($result);
 
if ($password==""){
echo 'please fill in all fields';
    die();
}
else if ($username==""){
echo 'please fill in all fields';
    die();
}
else if ($confirm_password==""){
echo 'please fill in all fields';
    die();
}
else if ($count>0){
    echo 'user exists';
    die();
}
else if ($password!=$confirm_password){
echo 'passwords do not match';
    die();
}
 
else{
    $second_query = "INSERT INTO users (username,password) VALUES ('$username', '$password')";
mysql_query($second_query) or die('Error, insert query failed');
}
}
?>

Re: Login Validation Problem help appreciated

Posted: Thu Mar 26, 2009 9:38 pm
by tech603
If your php code is on the same page then you do not want to be posting your form to that page, you want to redirect to that page when your code is complete. You would want to change the action= to the page your currently on and at the end of your code after all checks are done and the user is logged in, do a redirect. Here is an excerpt from one of my earlier login checks.

Code: Select all

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}else{
echo "Wrong Username or Password";
}
hope that helps

Re: Login Validation Problem help appreciated

Posted: Thu Mar 26, 2009 10:17 pm
by scarface222
I tried changing the action to the current page but for some reason the php code does not execute. Instead the page just stays the same. I know you have the right idea and I am going to try to implicate it. I really appreciate your feedback, however do you know why my php still does not execute? Is the (isset($_POST['submit'])) command correct in an attempt to initiate the php when the form is executed?

Thanks again

Re: Login Validation Problem help appreciated

Posted: Fri Mar 27, 2009 7:28 pm
by scarface222
Anyone else have an idea?

Re: Login Validation Problem help appreciated

Posted: Fri Mar 27, 2009 7:36 pm
by tech603
The reason why the code is not executing is because your looking for a value that doesn't exist.

Code: Select all

<input name="submit" type="image" src="images/createbutton.gif" />
The submit button doesn't have a value because your using an image so the php code checking if that value is set is actually working the way it should. Try using something else to test the submit,

Code: Select all

 
if(isset($_POST['username']))
 
At which point you can also check for null values in the user name.

Hope that helps.

Re: Login Validation Problem help appreciated

Posted: Fri Mar 27, 2009 9:01 pm
by scarface222
Thank you so friggin much guys, this was a pain to overcome, but I am learning. Both of you were right and now the code is working as it should. I tried the post username and that is the correct value. Thanks again guys, really appreciate your help.