Help with php login page

Hello, I recently followed some great videos from developphp.com (Custom CMS site, mysql/php).

I have the site working except, there is an admin page which I keep getting a HTTP 500 error after trying to login.
Some of the errors seen in the logs:

[27-Jan-2013 01:30:28 UTC] PHP Notice: Undefined index: username in /Applications/MAMP/htdocs/administrator/admin_check.php on line 3
[27-Jan-2013 01:30:28 UTC] PHP Notice: Undefined index: admin in /Applications/MAMP/htdocs/administrator/admin_check.php on line 26
[27-Jan-2013 01:30:59 UTC] PHP Notice: Undefined variable: _SESSION in /Applications/MAMP/htdocs/administrator/admin_check.php on line 26
[27-Jan-2013 01:31:08 UTC] PHP Notice: Undefined index: pid in /Applications/MAMP/htdocs/index.php on line 7
[27-Jan-2013 01:31:32 UTC] PHP Deprecated: Function ereg_replace() is deprecated in /Applications/MAMP/htdocs/index.php on line 10
[27-Jan-2013 01:31:36 UTC] PHP Deprecated: Function ereg_replace() is deprecated in /Applications/MAMP/htdocs/index.php on line 10
[27-Jan-2013 01:31:59 UTC] PHP Notice: Undefined variable: _SESSION in /Applications/MAMP/htdocs/administrator/admin_check.php on line 26
[27-Jan-2013 01:33:03 UTC] PHP Fatal error: Call to undefined function session_register() in /Applications/MAMP/htdocs/administrator/admin_check.php on line 15
[27-Jan-2013 02:01:56 UTC] PHP Notice: Undefined index: username in /Applications/MAMP/htdocs/administrator/admin_check.php on line 3
[27-Jan-2013 02:01:56 UTC] PHP Notice: Undefined index: admin in /Applications/MAMP/htdocs/administrator/admin_check.php on line 26
[27-Jan-2013 02:01:56 UTC] PHP Notice: Undefined index: pid in /Applications/MAMP/htdocs/index.php on line 7

[php]<?php
$error_msg = “”;
if ($_POST[‘username’]) {

$username = $_POST['username'];
$password = $_POST['password'];
// Simple hard coded values for the correct username and password
$admin = "admin";
$adminpass = "xxxxxxx";
// connect to mysql here if you store admin username and password in your database
// This would be the prefered method of storing the values instead of hard coding them here into the script
if (($username != $admin) || ($password != $adminpass)) {
	$error_msg = ': <font color="#FF0000">Your login information is incorrect</font>';
} else {
	session_register('admin');
    $_SESSION['admin'] = $username;
	require_once "index.php";
	exit();
}

}// close if post username
?>

<?php if ($_SESSION['admin'] != "admin") { echo '

Only the administrator can view this page


Please Log In Here' . $error_msg . '
Username:
Password:



Or click here to head back to the homepage'; exit(); } ?>

[/php]

Try taking out the hard coded user and pwd
You are posting them then hard coding them in the same php
Or take out the post user and pwd

Where exactly should I do this phpdavid? (thanks for your help).

I’ll try to address a couple issues.

[27-Jan-2013 01:30:28 UTC] PHP Notice:  Undefined index: username in /Applications/MAMP/htdocs/administrator/admin_check.php on line 3

On this line:

[php]if ($_POST[‘username’]) {[/php]

You should be checking that both username and password values have been posted.

[php]if (isset($_POST[‘username’]) && isset($_POST[‘password’])) {[/php]

[27-Jan-2013 01:30:59 UTC] PHP Notice:  Undefined variable: _SESSION in /Applications/MAMP/htdocs/administrator/admin_check.php on line 26

I believe you forgot to add session_start() to the beginning of your script?

[php]session_register(‘admin’);[/php]

Remove this line. The function is deprecated and you have $_SESSION assignment directly below it.

[php]if ($_SESSION[‘admin’] != “admin”) {[/php]

Since $_SESSION[‘admin’] is only defined on successful login you would need to assign a default value first. So on the first line of your script add:

[php]
session_start();
$_SESSION[‘admin’] = null;
[/php]

Sponsor our Newsletter | Privacy Policy | Terms of Service