When I remove session_start() at the top of index.php, it will load, but when I login I get the error:
Notice: Undefined variable: error_message in C:\xampp\htdocs\MyProj\index.php on line 58
Line 58 is the php variable in the HTML.
Here is the index.php:
[php]<?php
session_start();
if(isset($_POST[‘submit’])) { //checks if submit is clicked
include_once(“db.php”); //include db
$username = strip_tags($_POST['email']); //get username&password
$password = strip_tags($_POST['password']); //removes tags/symbols in string/sql injection
// Three different sql injection prevention strategies
$username = stripslashes($username); //removes slashes in sql injection
$password = stripslashes($password);
$username = mysqli_real_escape_string($connection, $username);
$password = mysqli_real_escape_string($connection, $password);
//ENCRYPTING PASSWORD - in case of db intrusion
//$password = md5($password);
//-----------------------------------------------------------------------------
//Talk to db
$sql = "SELECT * FROM users WHERE Email = '$username' LIMIT 1";
$qry = mysqli_query($connection, $sql);
$row = mysqli_fetch_row($qry);
$id = $row['User_ID'];
$db_password = $row['Password'];
if ($password == $db_password) {
$_SESSION['Email'] = $username;
$_SESSION['User_ID'] = $id;
$error_message = "status";
header("Location: home.php");
} else {
$error_message = "Incorrect password.";
}
}
?>[/php]
JavaScript Example<div class="container">
<div class="login">
<div id="login_form">
<div class="h1Tag">
<h1>MyGarden</h1>
</div>
<p>[php]<?php echo "<div style='color:red;'>" . $error_message . "</div>"; ?>[/php]</p>
<div class="login_form">
<form action="index.php" method="POST" enctype="multipart/form-data">
<input type="text" name="email" id="email" placeholder="Email address"><br>
<input type="password" name="password" id="password" placeholder="Password"><br><br>
<input type="submit" name="submit" id="submit" value="Log In">
<p>Not registered?<br><a href="sign_up.php">Sign Up</a></p>
</form>
</div>
</div>
</div>
This is home.php:
[php]<?php
session_start();
if (!isset($_SESSION['Email'])) {
header("Location: index.php");
}
?>[/php]
homepage<div class="header">
<div class="top">
<p>Hello . Share your garden with friends from around the world.</p>
<div class="logout">
<p><a href="logout.php">Logout</a></p>
</div>
</div>
<div class="bottom">
<div class="logo">
<p><a href="home.php">MyGarden</a></p>
</div>
<ul class="menu">
<li><a href="home.php">Home<a/></li>
<li><a href="">Profile<a/></li>
<li><a href="">About<a/></li>
<li><a href="">Settings<a/></li>
<li><a href="">Privacy<a/></li>
</ul>
</div>
<div class="content">
<div class="side-menu">
<ul class="features">
<li><a href="">Gardners Near Me<a/></li>
<li><a href="">Country<a/></li>
<li><a href="">Top Ratings<a/></li>
</ul>
</div>
</div>
</div>
This is db.php:
[php]<?php
$connection = mysqli_connect(“localhost”, “root”, “”, “login_credentials”);
if (!$connection) {
die ("Connection failed: ".mysqli_connect_error());
}
?>[/php]