Ok I am a newbie trying to teach myself PHP. I am trying to create a login system and am on day 3 trying to figure what is wrong. I am getting no error messages but am being directed back to the main_login. Can someone please help?
[php]
[/php]
Ok I am a newbie trying to teach myself PHP. I am trying to create a login system and am on day 3 trying to figure what is wrong. I am getting no error messages but am being directed back to the main_login. Can someone please help?
[php]
[/php]
This should help you out a little-bit…not guaranteeing that it will work for I didn’t test it. It should be close though if it doesn’t or a few modifications…well I pretty sure you will have to modify it.
notice form action=“login.php” …so the name of the file would have to be login.php
[php]<?php
session_start();
// A nice password hashing library:
// Find it here: https://github.com/ircmaxell/password_compat/blob/master/lib/password.php
// You will have to hash your user’s password in the registration file, but that is a different
// lesson.
// Read the Documentation for further help and how to use the pashing hashing library:
$mysqli = new mysqli(“127.0.0.1”, “my_user”, “my_password”, “mydatabase”);
/* check connection */
if (mysqli_connect_errno()) {
printf(“Connect failed: %s\n”, mysqli_connect_error());
exit();
}
// The above could go in a utility file for example require(“includes/common.php”);
require(“includes/common.php”);
include(‘includes/password.php’);
// Get Input from usually from a form:
if (isset($_POST[‘action’]) && $_POST[‘action’] == ‘login’) {
$username = $_POST['username'];
$password = $_POST['password']; // needs to be hased see above
// It uses a prepared statment, but you could had just used
// mysqli_real_escape_string for Username and just did username='username'
// I think (I might be mixing up my mysqli and PDO :D) in the query:
if ($stmt = $mysqli->prepare("SELECT user_id, username, password FROM mydatabase WHERE username=?")) {
/* bind parameters for markers */
$stmt->bind_param("s", $username);
/* execute query */
$stmt->execute();
/* bind result variables */
$stmt->bind_result($row['user_id'], $row['username'], $row['password']);
/* fetch value */
$stmt->fetch();
/* close statement */
$stmt->close();
}
// The Above checks to see if the username is in the databese
// The Belows checks the password.
if($row)
{
// Like already stated above this will have to be
// more secure, please refere above:
if ($password == $row['password']) {
$loginOK = true;
} else {
echo 'Login Failed';
$loginOK = false;
}
}
if ($loginOK) {
// You never want to store any critical data in $_SESSION
unset($row['password']);
// Format is this : $_SESSION['user']['username'] for example...
$_SESSION['user'] = $row;
// redirect to a members page of some sort:
header("Location:members.php");
exit;
}
}
?>
Username:
Password:
[/php]
Thank you sir for your help. After modifications I am getting an unexpected end of file error @ ?>.
[php]
<?php session_start(); $mysqli = new mysqli("127.0.0.1", "root", "", "mydatabase"); if ($mysqli->connect_errno) { printf("Connect failed: %s\n", $mysqli->connect_error); exit(); } if (isset($_POST['action']) && $_POST['action'] =='login') { $username = $_POST['username']; $password = $_POST['password']; if ($stmt = $mysqli->prepare("SELECT user_id, username FROM clients WHERE username = '$username')) { $stmt->bind_param(%s, $username); $stmt->execute(); $stmt->bind_result($row[user_id], $row[username], $row[password]); $stmt->fetch(); $stmt->close(); } } if($row) { if ($password == $row[password]) { $loginOK = true; } else { echo 'Login Failed'; $loginOK = false; } } if ($loginOK) { unset($row[password]); $_SESSION[username] = $row; header('Location:members.php'); exit; } ?>[/php]This is my error codes:
SCREAM: Error suppression ignored for
( ! ) Parse error: syntax error, unexpected end of file in C:\wamp\www\Project1\scripts\checklogin.php on line 50
Alrighty! I finally got passed the login. This is such a testy code with the ’ ', " ", ( ), { } but I am detemined to learn it. Thank you so much for your help. I am sure I will be back REAL soon.
Kay
Ok, well it’s logging in regarless of what I enter for the username and password. UGGGGH!!