my login code doesnt work please help me

norielmi

New Member
Messages
3
Reaction score
0
Points
0
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>NMA LOGIN</title>








<style type="text/css">
body {
background-color: #333;
}
#login {
position: absolute;
left: 28px;
top: 78px;
background-color: #CCC;
}
h3 {
color: #FFF;
padding: 20px;
}
ul li{

color:#FFF;}


</style>
</head>
<body>


<?php
session_start();
if(isset($_POST['submit'])){
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);


$errors= array();


if($username && $password){
//connect to db.
mysql_connect("localhost","user","password");
mysql_select_db("db");

//query db
$sql = "SELECT * FROM register WHERE username = '$username'";
$result = mysql_query($sql);

$numrows = mysql_num_rows($result);

if($numrows != 1){
$errors = ("Invalid username!");
}else{
while($rows = mysql_fetch_array($result)){
$dbuser = $rows['username'];
$dbpass = $rows['password'];
}
if($dbpass == $password){
$_SESSION['mclhey'] = $password;
header('location:access/admin.php');
}else{
$errors = ("Invalid password!");
}
}
}else{
$errors = ('Please Enter username and password!');
}


}








?>






<h3>NMA ADMIN LOGIN</h3>




<div id="login">





<? if(!empty($errors)) echo $errors; ?>
<table border="0">
<form action="" method="post" >

<tr ><td>Username:</td><td><input name="username" type="text" ></td></tr>
<tr ><td>Password:</td><td><input name="password" type="password" ></td></tr>

<tr><td>&nbsp;<td></tr>
<tr><td colspan="2"> <input name="submit" type="submit" value="Login" id="submit">
<a href="http://localhost/nmaeduc/index.php"><input type="button" value="Exit" id="submit"></a></td></tr>
</form>
<tr><td width="100px" colspan="2"><a href="forgotpassword.php" >Forgot password</a></td></tr>
</table>


</div>


</body>
</html>
 

descalzo

Grim Squeaker
Community Support
Messages
9,373
Reaction score
326
Points
83
Note:

To use cookie-based sessions, session_start() must be called before outputing anything to the browser.

One obvious problem.
 

SierraAR

Community Advocate
Community Support
Messages
827
Reaction score
17
Points
18
Moved to the proper section.
 

disturbedart

Member
Messages
474
Reaction score
1
Points
18
Whats not working? Please provide more details so we can provide help, otherwise we are stabbing in the dark.
 

adflyx29

New Member
Messages
2
Reaction score
0
Points
0
look at this....

PHP:
if($username && $password)
{  //connect to db.
    mysql_connect("localhost","user","password");
    mysql_select_db("db");


    //query db
    $sql = "SELECT * FROM register WHERE username = '$username'";
    $result = mysql_query($sql);


    $numrows = mysql_num_rows($result);


    if($numrows != 1)
    {    $errors = ("Invalid username!");
    }
    else
    {    while($rows = mysql_fetch_array($result))        // you can see that this part will only return all but
        {    $dbuser = $rows['username'];                 // $dbuser and $dbpass will only hold the last part of the database
            $dbpass = $rows['password'];                 // in your case, you need to check all in your database 
        }                                                               // if something matches the variable $password
        if($dbpass == $password)
        {    $_SESSION['mclhey'] = $password;
            header('location:access/admin.php');
        }
        else
        {    $errors = ("Invalid password!");
        }
    }
}
else
{    $errors = ('Please Enter username and password!');
}




this is what you need to do...


PHP:
   else
    {    $temp=0;                                                  // add a temporary variable that will hold if it matches
        while($rows = mysql_fetch_array($result))
        {    $dbuser = $rows['username'];
            $dbpass = $rows['password'];
            
            if($dbpass == $password)                     // check if password matches, set $temp=1 if they match,

            { $temp=1;                                        // else, do nothing
            }
        }
        if($temp==1)                                              // check if $temp=1, other words, 
        {    $_SESSION['mclhey'] = $password;         // if the password matches any on database
            header('location:access/admin.php');
        }
        else
        {    $errors = ("Invalid password!");
        }
    }

hope i helped you...
 
Last edited:
Top