Login page allowing entry incorrectly

I have a login form that requests user and password. If successful it is to bring me into a page called login2.php (as an example, not the real name) In the login2 page if the individual choses the wrong user then they are supposed to be diverted back to the login.php (see the code here)


<?php //check for required fields from the form if ((!$_POST['user']) || (!$_POST['password'])) { header("Location: login.php"); exit; } $link = mysqli_connect("host", "myuser", "mypassword", "mydatabase"); if (!$link) { echo "Error: No connection. User and Password needed" . PHP_EOL; exit; } echo "Welcome to the Page. " . PHP_EOL; //echo "Host information: " . mysqli_get_host_info($link) . PHP_EOL; mysqli_close($link); $display_block = "

My Mailing List

Master Listr

"; The issue is no matter what I put in the initial login.php when I click submit I am able to get into login2.php. Why isnt my if ((!$_POST['user']) || (!$_POST['password'])) { diverting me back to login.php when the user or password is incorrect. What code is needed to fix.

Just wanted to see a better format of your code

You aren’t checking for a valid user anywhere. You’re only checking that you get any values in the user and password fields.

The OP already has a thread - Login.php hangs in a loop where he was told how to post code on the forum so that it is readable and what the typical logic is for a user authentication/login system.

Sponsor our Newsletter | Privacy Policy | Terms of Service