Login

Beginners - Learning PHP
#1

Struggling to get my login page to work

database.php

<?php $cc = "mysql:host=localhost;dbname=onlinesweetshop;"; $username = "root"; $pass = ""; // there's a password of data base ?? $db = new PDO($cc, $username, $pass, null); class loginfunctions{ function newuser($user) { global $db; $statement = $db->prepare('INSERT INTO customer (First_name,Last_name,Username,Password,Street,Town,Postcode,Email_address,Telephone) VALUES (?,?,?,?,?,?,?,?,?)'); $statement->execute([$user->First_name, $user->Last_name, $user->Username, $user->Password, $user->Street, $user->Town, $user->Postcode, $user->Email_address, $user->Telephone]); $statement->fetch(); } function getuser($username, $password){ global $db; $sql="SELECT Customer_id, Username, Password FROM customer WHERE Username='$username' and Password='$password'"; //checking if the username is available in the table $result = $db->prepare($sql); $result->execute(array($username, $password)); $userdata = $result->fetchALL(PDO::FETCH_CLASS, 'customer'); $countrow = $result->rowCount; if ($countrow == 1) { session_start(); $_SESSION['customer'] = true; $_SESSION['Username'] = $username; $_SESSION['Password'] = $password; $_SESSION['login_msg'] = 'Login successfully'; return true; } else { return false; } } public function getSession(){ return $_SESSION['customer']; } } ?>

logcontroller.php

<?php require_once ('database.php'); require_once ('customer.php'); ?> <?php $username = $_POST['username']; $password = $_POST['password']; if(empty($username) or empty($password)){ echo "Field must not be empty..."; } else { $login = $user->getuser($username, $password); if($login){ header('Location: sweetsavailable.php'); } else { echo "Error... Email or Password not match"; } } ?>

Login-page.php (My view)

<?php require_once "logcontroller.php"; $userf = new loginfunctions(); if($userf->getSession()){ header('Location..sweetsavailable.php'); exit(); } ?> 
<form action='login-page.php' method='post'>
<table>
<tr>
	<td>Username</td>
	<td><input type='text' name='username' /></td>
</tr>
<tr>
	<td>Password</td>
	<td><input type='password' name='password' /></td>
</tr>
<tr>
	<td><input type='submit' name='log' value='Login' /></td>
</tr>
</table>
</form>

customer.php

<?php class customer { private $Customer_id; private $First_name; private $Last_name; private $Username; private $Password; private $Street; private $Town; private $Postcode; private $Email_address; private $Telephone; function __get($name) { return $this->$name; } function __set($name,$value) { $this->$name = $value; } } ?>
#2

What problems are you having?

#3

Here’s my error:

Notice: Undefined index: customer in C:\xampp\htdocs\database.php on line 51

line 51 : public function getSession(){
return $_SESSION[‘customer’];
}
}

#4

i started the session in the function above getSession

function getuser($username, $password){
global $db;
$sql=“SELECT Customer_id, Username, Password FROM customer WHERE Username=’$username’ and Password=’$password’”;
//checking if the username is available in the table
$result = $db->prepare($sql);
$result->execute(array($username, $password));
$userdata = $result->fetchALL(PDO::FETCH_CLASS, ‘customer’);
$countrow = $result->rowCount;
if ($countrow == 1) {
session_start();
$_SESSION[‘customer’] = true;
$_SESSION[‘Username’] = $username;
$_SESSION[‘Password’] = $password;
$_SESSION[‘login_msg’] = ‘Login successfully’;
return true;
}
else {
return false;
}
}

#5

You should just start every entrypoint to your site/app with session_start(). That way you’re sure the session system is started on every page load.

#6

been advised to organise my system as follows: View(what the user sees) - controller(to receive and manipulate data from view and data access) - Model(handles all communication with the database).

so i have a session start on 1 on of these pages and require_once() that page on my view and controller

#7

model(is database.php) displaying all my functions. which is where the getsession issue is

#8

Often you have a front controller (usually ome frameworks router) which takes a set of defined routes, matches the current request against them and fire off the routes method/controller. In these cases you can simply start the session in this bootstrap file as you would normally use the session system on every request anyway.

[hr]

If you run the getSession() method somewhere that’s accessible by non-authenticated users you will get this error. I think you should either add a “isAuthenticated()” method, or change the “getSession()” method to something like this, which wont fail if there is no session.

[php]public function getSession() {
return isset($_SESSION[‘customer’]) ? $_SESSION[‘customer’] : null;
}[/php]

Do note that if you change it you will have to make sure that everywhere you use it checks if there actually is a session there

[php]$user = $model->getSession();

if (!$user) {
throw new AccessDeniedException();
}

// do something with $user[/php]

#9

$user = $model->getSession();

what will $model variable be specified as?

#10

Your model, it was just an example to show that after the change the method would return either a user or null.

#11

would it be possible if you’d show me that reaction first hand on teamviewer? im still early in the learning process of PHP. but want to learn the right way

#12

http://www.phptherightway.com/ :smiley:

If you’re interested in really figuring out how to structure large PHP applications I suggest you download Symfony 3 and try it out.

#13

ok ill take a look

Sponsor our Newsletter | Privacy Policy | Terms of Service