Need help with login webpage
Moderator: General Moderators
-
legaljuicer
- Forum Newbie
- Posts: 6
- Joined: Sat Mar 06, 2004 1:32 pm
Need help with login webpage
This was working and now it quit working and I haven't changed anything. The loginsucces.php doesn't even show the username. Can anyone tell me what I am doing wrong?
login3.php
========================
<?
function login_form()
{
?>
<html>
<head>
<title> IronAddicts.com - Training Log Database </title>
</head>
<body bgcolor="#ffffff" text="#336699">
<hr noshade height=1>
<form method=post>
<table border=0>
<tr>
<td>username: </td>
<td><input type=text name=http_user></td>
</tr>
<tr>
<td>password: </td>
<td><input type=password name=http_pass></td>
</tr>
<tr>
<td colspan=2><input type=submit value="login"></td>
</tr>
</table>
</form>
<hr noshade height=1>
</body>
</html>
<?
}
if ((!isset($http_user)) or (!isset($http_pass)))
{
login_form();
exit;
}
else
{
include ('conf.php');
$dbh = mysql_connect($host,$usr,$pwd) or die("Could not connect to database");
mysql_select_db ($db, $dbh) or die("Could not select the database");
$sql = "select * from clients where username='$http_user' and password='$http_pass'";
$res = mysql_query($sql);
$err = mysql_error();
$num_rows = mysql_num_rows($res);
if ($num_rows != 1)
{
login_form();
exit;
}
else
{
session_start();
session_register('username');
$username = $http_user;
header('Location: loginsuccess.php');
//echo "you are authenticated as $http_user with password $http_pass<br>";
}
mysql_close($dbh);
}
?>
loginsuccess.php
<?
if(!isset($PHPSESSID))
{
//echo "no PHP session started";
header('Location: login3.php');
}
else
session_start();
include 'conf.php';
echo "Welcome, ". $username .". <BR><BR> You are now in our exclusive 'Trainees Only' section.</u><br><br>";
# connect to database
$cid = mysql_connect($host, $usr, $pwd);
if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); }
# setup SQL statement
$SQL = " SELECT * FROM clientinfo WHERE username='$username'";
# execute SQL statement
$result = mysql_db_query($db, $SQL, $cid);
$row = mysql_fetch_array($result);
# check for errors
if (!$result) { echo( mysql_error()); }
else {
echo'<form method="post" action="update.php">';
echo'<input type="hidden" name="id" value="'.$row['id'].'" />';
echo'<input type="text" name="username" value="'. $row['username'].'" />';
echo'<input type="text" name="name" value="'. $row['name'].'" />';
echo'<input type="submit" value="Update" />';
echo'</form>';
printf("Name: %s<br>\n", mysql_result($result,0,"name"));
}
echo "<br><br><br><b><a href=logout.php>Logout</a><br>";
print "<br><br><br><br>";
?>
login3.php
========================
<?
function login_form()
{
?>
<html>
<head>
<title> IronAddicts.com - Training Log Database </title>
</head>
<body bgcolor="#ffffff" text="#336699">
<hr noshade height=1>
<form method=post>
<table border=0>
<tr>
<td>username: </td>
<td><input type=text name=http_user></td>
</tr>
<tr>
<td>password: </td>
<td><input type=password name=http_pass></td>
</tr>
<tr>
<td colspan=2><input type=submit value="login"></td>
</tr>
</table>
</form>
<hr noshade height=1>
</body>
</html>
<?
}
if ((!isset($http_user)) or (!isset($http_pass)))
{
login_form();
exit;
}
else
{
include ('conf.php');
$dbh = mysql_connect($host,$usr,$pwd) or die("Could not connect to database");
mysql_select_db ($db, $dbh) or die("Could not select the database");
$sql = "select * from clients where username='$http_user' and password='$http_pass'";
$res = mysql_query($sql);
$err = mysql_error();
$num_rows = mysql_num_rows($res);
if ($num_rows != 1)
{
login_form();
exit;
}
else
{
session_start();
session_register('username');
$username = $http_user;
header('Location: loginsuccess.php');
//echo "you are authenticated as $http_user with password $http_pass<br>";
}
mysql_close($dbh);
}
?>
loginsuccess.php
<?
if(!isset($PHPSESSID))
{
//echo "no PHP session started";
header('Location: login3.php');
}
else
session_start();
include 'conf.php';
echo "Welcome, ". $username .". <BR><BR> You are now in our exclusive 'Trainees Only' section.</u><br><br>";
# connect to database
$cid = mysql_connect($host, $usr, $pwd);
if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); }
# setup SQL statement
$SQL = " SELECT * FROM clientinfo WHERE username='$username'";
# execute SQL statement
$result = mysql_db_query($db, $SQL, $cid);
$row = mysql_fetch_array($result);
# check for errors
if (!$result) { echo( mysql_error()); }
else {
echo'<form method="post" action="update.php">';
echo'<input type="hidden" name="id" value="'.$row['id'].'" />';
echo'<input type="text" name="username" value="'. $row['username'].'" />';
echo'<input type="text" name="name" value="'. $row['name'].'" />';
echo'<input type="submit" value="Update" />';
echo'</form>';
printf("Name: %s<br>\n", mysql_result($result,0,"name"));
}
echo "<br><br><br><b><a href=logout.php>Logout</a><br>";
print "<br><br><br><br>";
?>
-
Illusionist
- Forum Regular
- Posts: 903
- Joined: Mon Jan 12, 2004 9:32 pm
First thing, in the login function there is no action in your form.... And for everyone else, and myself:
login3.php:
loginsuccess.php
login3.php:
Code: Select all
<?
function login_form()
{
?>
<html>
<head>
<title> IronAddicts.com - Training Log Database </title>
</head>
<body bgcolor="#ffffff" text="#336699">
<hr noshade height=1>
<form method=post>
<table border=0>
<tr>
<td>username: </td>
<td><input type=text name=http_user></td>
</tr>
<tr>
<td>password: </td>
<td><input type=password name=http_pass></td>
</tr>
<tr>
<td colspan=2><input type=submit value="login"></td>
</tr>
</table>
</form>
<hr noshade height=1>
</body>
</html>
<?
}
if ((!isset($http_user)) or (!isset($http_pass)))
{
login_form();
exit;
}
else
{
include ('conf.php');
$dbh = mysql_connect($host,$usr,$pwd) or die("Could not connect to database");
mysql_select_db ($db, $dbh) or die("Could not select the database");
$sql = "select * from clients where username='$http_user' and password='$http_pass'";
$res = mysql_query($sql);
$err = mysql_error();
$num_rows = mysql_num_rows($res);
if ($num_rows != 1)
{
login_form();
exit;
}
else
{
session_start();
session_register('username');
$username = $http_user;
header('Location: loginsuccess.php');
//echo "you are authenticated as $http_user with password $http_pass<br>";
}
mysql_close($dbh);
}
?>Code: Select all
<?
if(!isset($PHPSESSID))
{
//echo "no PHP session started";
header('Location: login3.php');
}
else
session_start();
include 'conf.php';
echo "Welcome, ". $username .". <BR><BR> You are now in our exclusive 'Trainees Only' section.</u><br><br>";
# connect to database
$cid = mysql_connect($host, $usr, $pwd);
if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); }
# setup SQL statement
$SQL = " SELECT * FROM clientinfo WHERE username='$username'";
# execute SQL statement
$result = mysql_db_query($db, $SQL, $cid);
$row = mysql_fetch_array($result);
# check for errors
if (!$result) { echo( mysql_error()); }
else {
echo'<form method="post" action="update.php">';
echo'<input type="hidden" name="id" value="'.$row['id'].'" />';
echo'<input type="text" name="username" value="'. $row['username'].'" />';
echo'<input type="text" name="name" value="'. $row['name'].'" />';
echo'<input type="submit" value="Update" />';
echo'</form>';
printf("Name: %s<br>\n", mysql_result($result,0,"name"));
}
echo "<br><br><br><b><a href=logout.php>Logout</a><br>";
print "<br><br><br><br>";
?>-
Illusionist
- Forum Regular
- Posts: 903
- Joined: Mon Jan 12, 2004 9:32 pm
? why are you not consistent with your code??
Why didn't you use the same method here:
Not all that importnant, just caught my eye!!
Code: Select all
$dbh = mysql_connect($host,$usr,$pwd) or die("Could not connect to database");Code: Select all
$cid = mysql_connect($host, $usr, $pwd);
if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); }-
Illusionist
- Forum Regular
- Posts: 903
- Joined: Mon Jan 12, 2004 9:32 pm
-
Illusionist
- Forum Regular
- Posts: 903
- Joined: Mon Jan 12, 2004 9:32 pm
hmmm... I don't think you can pass variables to pages like that:
I just tried that and... i doesn't work that way. You best bet would be to use sessions... Wait just looked over your code again, try adding session_start to your loginsucess.php page and see if that clears things up!!
Code: Select all
//login page
$username = "whatever";
header("Location: sucess.php");Code: Select all
//succes page
echo $username;-
legaljuicer
- Forum Newbie
- Posts: 6
- Joined: Sat Mar 06, 2004 1:32 pm
-
Illusionist
- Forum Regular
- Posts: 903
- Joined: Mon Jan 12, 2004 9:32 pm
oh ya! lol i didn't even see that!! i was looking for it at the very top!! You probably do not have register_globals ON in your php.ini file.
1)You can either turn them on
2)Use Super Globals(i think) $_POST, $_GET, $_SESSIONS for your variables....
1)You can either turn them on
2)Use Super Globals(i think) $_POST, $_GET, $_SESSIONS for your variables....
Code: Select all
$_SESSIONS['username'] = "Hugh G. Rection";
echo $_SESSIONS['username'];