Script problem.. Hoping for some help please.

Hi,

I am a beginner to PHP, and have been learning through a training CD, but I didn’t realize until half way through that the original CD was compiled in 2002, and PHP has come a long way since then. I am running MAMP V1.7.1 using PHP V5, and am having a (more than a few) hiccups. I have been able to research and get fixes or workarounds for most things till now, which has boosted my confidence somewhat, but am really stuck on this one. I have got to the stage where I am trying to put together a really basic login page (very basic) as per the instruction CD.

Would really appreciate someone helping me with this, or maybe I just need to start again with a different way of writing it?

Here are a few errors that I am getting at this moment.

Login
Notice: Undefined index: logged_in_user in /Applications/MAMP/htdocs/login_password/login.php on line 26
We are sorry, invalid login, please try again (So it appears to me that the script is executing to this stage?)

Login
Notice: Undefined index: user in /Applications/MAMP/htdocs/login_password/login.php on line 22

Your UserName:
Your Password:

And here is the script I have been learning. I have added the $_POST to everything I can think of, and have also rather than writing them as I have on every part, tried putting them at the top of the script as variables pre defined, but keep getting tons of ‘Undefined Index errors’ when I do it this way. Yet when I have written it the way below, I just get the ones above.

<?php ob_start(); ?> Login Page

Login

<?php $links = "Click here to return to the main page

Click here to Log Out"; if ($user=$_POST["user"] && $pass=$_POST["pass"]) { if($logged_in_user=$_POST["logged_in_user"] == $user=$_POST["user"]) { print $user .", you are already logged in.

"; print $links; exit; } $db = mysql_connect("localhost:8888","????","????"); mysql_select_db("userlist", $db); $query = "SELECT * from users WHERE name = '".$user=$_POST["user"]."' AND password = PASSWORD('".$pass=$_POST["pass"]."')"; $result = mysql_query($query); if(!$result) { print "Sorry, there appears to be a technical hitch, and we are unable to log you in"; exit; } if (mysql_num_rows($result) > 0) { $logged_in_user=$_POST["logged_in_user"] = $user=$_POST["user"]; session_register("logged_in_user"); print "Welcome" .$logged_in_user=$_POST["logged_in_user"] ."

"; print $links; exit; } else { print "We are sorry, invalid login, please try again"; exit; } if (!$user=$_POST["user"] || !$pass=$_POST["user"]) { print "Please fill in both form fields.

"; exit; } } ?>
Your UserName:
Your Password:

Again, hoping someone can help.
Regards - Timberman.

The reason you’re getting those undefined index errors is because you’re trying to access $_POST[‘user’] before it has been declared. That’s why you get a different error when you submit the page.

Notice the use of only a single ‘=’ in the following piece of code, they’re not comparing values (since that would require ‘==’) they’re checking to see if the assignment works. It doesn’t since $_POST[‘user’] isn’t set until the form is submitted.

if ($user=$_POST["user"] && $pass=$_POST["pass"])

One way to get around this is to first use isset() to see if the form has been submitted. For example,

if (isset( $_POST['user'] ) ) {
    // now you know that the form has been submitted and you want to do the processing
} else {
   //  form has not been submitted, no processing is necessary
}

The reason for the error with the “logged_in_user” is similar, but it’s not even a post variable. You’re using session_register() on the variable, so I think what you want to do is try accessing $_SESSION[‘logged_in_user’] instead, however, you will probably still need to use isset().

Let me know if that helps at all.

References:
http://us.php.net/manual/en/reserved.variables.php
http://us.php.net/manual/en/function.isset.php
http://us.php.net/manual/en/function.se … gister.php

Hi Monk,

Thankyou, appreciate your time very much.

I will try this and come back you a bit later, as I have only just picked this up, and will not be able to try out until tonight.

Regards - Timberman.

Hi Monk,

I tried as you suggested, and although there were no problems, it didn’t seem to fix it either. I am not quite understanding how to use the isset function properly by the looks of it, but will use the php manual to look into it more thoroughly. With this training CD I have been using, I have not been shown how to apply some of these functions at all. Not yet anyway.

The good news is I have tinkered and banged my head against the keyboard a few times, and have managed to come up with some sort of ‘hack’ that gives me no errors at all, and does everything it is supposed to in terms of logging in, and dealing with any error messages if need be. The problem is I am unable to get the ‘password’ function to work correctly in the SQL query, so have dropped it at this stage to just get things ‘moving along’. Will need to figure that one out, as passwords should be encrypted as they say. I also found that creating a separate html page with the login form on it, instead of having it on the same page as the script eliminated my index errors. Have no idea why!

Anyway, thanks Monk, really appreciate your help. I have included my ‘hacked’ version of the script, should give someone a laugh!!

Regards - Timberman.

<?php session_start(); ob_start(); $user=$_POST["user"]; $pass=$_POST["pass"]; $logged_in_user="logged_in_user"; $links = "Click here to return to the main page

Click here to Log Out"; if (!$user || !$pass) { print "Please fill in both form fields.

"; print $links; exit; } if ($user && $pass ) { if($logged_in_user == $user) { print $user .", you are already logged in.

"; print $links; exit; } $db = mysql_connect('localhost:8888','root','10cats'); mysql_select_db("userlist", $db); $query = "SELECT * from users WHERE name = '".$user."' AND password = '".$pass."'"; $result=mysql_query($query); if(!$result) { print "Sorry, there appears to be a technical hitch, and we are unable to log you in"; exit; } if (mysql_num_rows($result) > 0) { $logged_in_user = $user; session_register("$logged_in_user"); print "Welcome " .$logged_in_user ."

"; print $links; exit; } else { print "We are sorry, invalid login, please try again"; } } ob_end_flush(); ?>