PHP SQL database login form

Register page works but when I try to use userid & password I can

Page 1 of 1

6 Replies - 19196 Views - Last Post: 18 June 2009 - 05:56 PM Rate Topic: -----

#1 mylifeishz  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 34
  • Joined: 20-May 08

PHP SQL database login form

Post icon  Posted 18 June 2009 - 03:41 PM

I am sorry to bother you all but I have a php problem. My login page won't work. When I click on the log in button it just refreshes the log in page even when the username and password are correct. I am posting my login form, login script and the form I am trying to access. If you can help me I would really appreciate it.
Login Form
<?php
//blank php code
?>
<html>
<head>
<title> Login Page</title>
</head>
<Body bgColor = #412700>
<!--body section with brown background-->
<!--center table and all contents-->
<center>
<!create table with blue background-->
<table bgColor= #2d73b9>
<tr><td>
<!--Title on Page-->
<h1>Please log in to the<br> Administration Page</h1>
<!--Form method and action-->
<form method = "POST" action = "StudentSurveyAdministrativeLogin.php">
<!--create labels and text boxes for ID, Password, and email-->
<label>User Id: </label><br>
<input type = "text" name = "userid" id = "userid"><br>
<label> User Password: </label><br>
<input type = "password" name = "password" id = "userpassword"><br>
<input type = "submit" name = "submit" id = "submit" value = "submit">
<form>
<!--end table, center-->
</td></tr>
</center>
<!--create link to register page-->
<a href="register.php">Register!</a>
<!--end body and html-->
</body>
</html>

Login Script
<?php
//Sean
//June 16, 2009
error_reporting(0);
//if loop to redirect to login page if fields are empty
if((!$_POST["userid"])|| (!$_POST["userpassword"]))
{	
	//redirect to login page
	header("Location: login.php");		
	exit;
}
	//declare database name, table name, connection and database connection
	$db_name = "student_survey_database";
	$table_name = "authorized_users";
	$connection = @mysql_connect("localhost", "sean", "efamily") or die(mysql_error());
	$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
	//create sql database query
	$sql = "SELECT * FROM $table_name WHERE userid = '$_POST[userid]' 
		//verify password function matched user password
		AND userpassword = PASSWORD('$_POST[userpassword]')";
	//set result as query
	$result = @mysql_query($sql, $connection) or die(mysql_error());
	//set num as number of rows in database
	$num = mysql_num_rows($result);
	//if loop to see if there are more than 0 rows in database
	//if there are 1+ rows in database set cookies
	if($num != 0){
		$cookie_name = "auth";
		$cookie_value = "ok";
		$cookie_expire = time()+86400;
		$cookie_domain = "127.0.0.1";
		setcookie($cookie_name, $cookie_value, $cookie_expire, "/", $cookie_domain, 0);
	}
	//if there are 0 rows in database redirect to login page
	else
	{
		$stringmsg = "<p>The password is not right><p>";
		header("Location: login.php");
		exit;
	}
?>


Form I am trying to put the login requirement on
<?php
//verify cookie settings
if($_COOKIE[auth] == "ok")
{
	$stringwelcome= "<p>Welcome, ". $_POST['userid'] . </p>";	
}
else
{
	header("Location: /login.php");
	exit;
}
?>
<html>
<head>
<!--Sean, June 15, 2009-->
<title>Student Survey Administrative Page</title>
</head>
<body bgColor = #412700>
<form method = "POST" action="StudentSurveyAdministrative.php">
<!--center all contents-->
<center>
<!--Make table and assign background color-->
<table bgColor = #2d73b9>
<td align="center">
<!--Title and subTitle-->
<h1>Student Survey Results:</h1>
<h2> Anyway you want them!</h2>
<p><?echo $stringwelcome; ?></>
</td></tr>
<!--end table and break-->
</table>
<br>
<!-- new table with new color assigned-->
<table bgColor = #2d73b9 width="400">
<tr><td align="center">
<table bgColor=#BFE2F9 width="350">
<!--build radio button for "Major" options-->
<P><strong>Results by Major:</strong></br>
<input type="radio" name ="major" value="B"/>Business
<input type="radio" name ="major" value="IT"/>IT
<input type="radio" name ="major" value="GS"/>General Studies<br/><br/>
<tr>
<!--build button for submission to sort by Major-->
<p id="buttons"><input type="submit" name = "sMajor" value="Major"></p>
</tr>
<br>
<!--End table and break-->
</table>
</br>
<!--build new table and assign color-->
<table bgColor=#BFE2F9 width="350">
<!--radio button for "gender" options-->
<P><strong>Results by Gender:</strong></br>
<input type = "radio" name="gender" value="M"/>Male
<input type = "radio" name ="gender" value ="F"/>Female<br/><br/>
<tr>
<!--build submission button for sort by Gnder-->
<p id="buttons"><input type="submit" name = "sGender" value="Gender"/></p>
</tr>
<!--end table and break-->
</table>
</br>
<!--build table and assign color-->
<table bgColor=#2d73b9 width="350">
<!--build radio buttons for "Activity" options-->
<p><strong>Display Results by Activity:</strong></br>
<input type="radio" name="activity" value="S"/>Sports
<input type="radio" name="activity" value="SG"/>Student Government
<input type="radio" name="activity" value="C"/>Clubs<br/><br/>
<tr>
<!--build submission button to sort by Activity-->
<p id="buttons"><input type="submit" name = "sActivity" value="Activity"/></p>
</tr>
<!--end table, center, body and html-->
</table>
</table>
</center>
</body>
</html>



Thanks

This post has been edited by mylifeishz: 18 June 2009 - 05:31 PM


Is This A Good Question/Topic? 0
  • +

Replies To: PHP SQL database login form

#2 TTechGuy  Icon User is offline

  • D.I.C Head

Reputation: 3
  • View blog
  • Posts: 63
  • Joined: 24-April 09

Re: PHP SQL database login form

Posted 18 June 2009 - 04:05 PM

Should this:
if((!$_GET['userid'])|| (!$_GET[userpassword]))



be this

if((!$_GET["userid"])|| (!$_GET["userpassword"]))



The error has to be in this IF statement since it automatically redirects to the login page again.

Also, you might want to use POST instead of GET since you are passing a username and password as using GET will show them in the URL of the browser and therefore be available in the history.
Was This Post Helpful? 0
  • +
  • -

#3 mylifeishz  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 34
  • Joined: 20-May 08

Re: PHP SQL database login form

Posted 18 June 2009 - 05:24 PM

Okay I did what you said with both the quotations and the Method = POST instead of GET, but it still didn't work. I edited my original post so that this thread wouldn't get really big. So you can see the revisions in the original post. Any other suggestions?

Also thanks for helping me out. I really appreciate it.
Was This Post Helpful? 0
  • +
  • -

#4 FrozenSnake  Icon User is offline

  • En man från Sverige!

Reputation: 122
  • View blog
  • Posts: 995
  • Joined: 30-July 08

Re: PHP SQL database login form

Posted 18 June 2009 - 05:30 PM

Use the syntax highlighting!
check this row for example
$stringwelcome= "<p>Welcome, ". $_GET['userid'] . </p>";


You need four(4) " like this
$stringwelcome= "<p>Welcome, ". $_GET['userid'] ."</p>";


and I belive all the [] needs [''] so (when they are outside "")!
if($_COOKIE[auth] == "ok")
might need to be
if($_COOKIE['auth'] == "ok")


ex. this probably wont not work as you wish
echo "$_COOKIE['auth']";
that will probably end up with a error!

This post has been edited by FrozenSnake: 18 June 2009 - 05:32 PM

Was This Post Helpful? 0
  • +
  • -

#5 mylifeishz  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 34
  • Joined: 20-May 08

Re: PHP SQL database login form

Posted 18 June 2009 - 05:43 PM

Okay I did both of those and still doesn't work. I went through all of my []'s and made sure I put in ''. I didn't understand what you meant about the highlighting. I am sorry I am an extreme newbie. Thanks for your help and please let me know about the highlighting.
Was This Post Helpful? 0
  • +
  • -

#6 FrozenSnake  Icon User is offline

  • En man från Sverige!

Reputation: 122
  • View blog
  • Posts: 995
  • Joined: 30-July 08

Re: PHP SQL database login form

Posted 18 June 2009 - 05:53 PM

If you check the code here on the website you will notice that it will have different colors depending on different stuff. ex if is blue.

If you use notepad this will not work. But if you use a editor like editplus, php and many other languages will be syntax highlighted. This mean syntaxses have colors to make it easier to read the code.

change this line in the loginscript.
$sql = "SELECT * FROM $table_name WHERE userid = '$_POST[userid]'
		//verify password function matched user password
		AND userpassword = PASSWORD('$_POST[userpassword]')";
to
$sql = "SELECT * FROM $table_name WHERE userid = '$_POST[userid]' AND userpassword = PASSWORD('$_POST[userpassword]')";

You cannot use comments inside a querystring (I think). I would try and remove the PASSWORD('') also dunno what that is. So I cannot say for sure.

This post has been edited by FrozenSnake: 18 June 2009 - 05:56 PM

Was This Post Helpful? 0
  • +
  • -

#7 mylifeishz  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 34
  • Joined: 20-May 08

Re: PHP SQL database login form

Posted 18 June 2009 - 05:56 PM

Okay I see what you are saying. I am not allowed to use an editor in this class. Weird huh. What I will do is put it in dreamweaver and see if I can see what you are talking about. Thanks. In any case if you see anything else that you can think of that is wrong with my code please let me know.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1