0

Please, my login form could not login to user homepage, it display (SELECT * FROM members WHERE email = 'wareez' AND password = 'lord')

and this is the login.php code

<?php

Please, my login form could not login to user homepage, it display (SELECT * FROM members WHERE email = 'wareez' AND password = 'lord')

and this is the login.php code

<?php
    //Start session
    session_start();

    //Array to store validation errors
    $errmsg_arr = array();

    //Validation error flag
    $errflag = false;

    //Connect to mysql server
    include('SQLConfig.php');
    //Function to sanitize values received from the form. Prevents SQL injection

    //Sanitize the POST values
    $a = $_POST['username'];
    $password = $_POST['password1'];

    //Input Validations
    /*if($login == '') {
        $errmsg_arr[] = 'Login ID missing';
        $errflag = true;
    }
    if($password == '') {
        $errmsg_arr[] = 'Password missing';
        $errflag = true;
    }

    //If there are input validations, redirect back to the login form
    if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: index.php");
        exit();
    }*/

    //Create query
    $qry="SELECT * FROM members WHERE email = '$a' AND password = '$password'";
    $result=mysql_query($qry);
    echo $qry;
    //Check whether the query was successful or not
    if($result) {
        if(mysql_num_rows($result) > 0) {
            //Login Successful
            session_regenerate_id();
            $member = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $member['id'];
            $_SESSION['SESS_FIRST_NAME'] = $member['fname'];
            header("location: lol.php");
            exit();
        }else {
            //Login failed
            header("location: index.php");
            exit();
        }
    }else {
        die("Query failed");
    }
?>



and also the registration form submit the data to the database but it did not display user homepage after successful registration and this is the regester.php code:

<?php
session_start();
include('SQLConfig.php');
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$address=$_POST['address'];
$city=$_POST['city'];
$contact=$_POST['contact'];
$emailadd=$_POST['emailadd'];
$password=$_POST['password'];
$gender=$_POST['gender'];
$bday=$_POST['bday'];

mysql_query("INSERT INTO members(fname, lname, address, city, contact, email, password, gender, bday, profilepic, coverphoto)VALUES('$fname', '$lname', '$address', '$city', '$contact', '$emailadd', '$password', '$gender', '$bday', 'profilepic/friends.png', 'coverphotos/cover.png')");
header("location: index.php");
mysql_close($con);
?>

please help me, i have try my best on these code. Please!!!


session_start();

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;

//Connect to mysql server
include('SQLConfig.php');
//Function to sanitize values received from the form. Prevents SQL injection

//Sanitize the POST values
$a = $_POST['username'];
$password = $_POST['password1'];

//Input Validations
/*if($login == '') {
    $errmsg_arr[] = 'Login ID missing';
    $errflag = true;
}
if($password == '') {
    $errmsg_arr[] = 'Password missing';
    $errflag = true;
}

//If there are input validations, redirect back to the login form
if($errflag) {
    $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
    session_write_close();
    header("location: index.php");
    exit();
}*/

//Create query
$qry="SELECT * FROM members WHERE email = '$a' AND password = '$password'";
$result=mysql_query($qry);
echo $qry;
//Check whether the query was successful or not
if($result) {
    if(mysql_num_rows($result) > 0) {
        //Login Successful
        session_regenerate_id();
        $member = mysql_fetch_assoc($result);
        $_SESSION['SESS_MEMBER_ID'] = $member['id'];
        $_SESSION['SESS_FIRST_NAME'] = $member['fname'];
        header("location: lol.php");
        exit();
    }else {
        //Login failed
        header("location: index.php");
        exit();
    }
}else {
    die("Query failed");
}

?>

and also the registration form submit the data to the database but it did not display user homepage after successful registration and this is the regester.php code:

<?php
session_start();
include('SQLConfig.php');
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$address=$_POST['address'];
$city=$_POST['city'];
$contact=$_POST['contact'];
$emailadd=$_POST['emailadd'];
$password=$_POST['password'];
$gender=$_POST['gender'];
$bday=$_POST['bday'];

mysql_query("INSERT INTO members(fname, lname, address, city, contact, email, password, gender, bday, profilepic, coverphoto)VALUES('$fname', '$lname', '$address', '$city', '$contact', '$emailadd', '$password', '$gender', '$bday', 'profilepic/friends.png', 'coverphotos/cover.png')");
header("location: index.php");
mysql_close($con);
?>

please help me, i have try my best on these code. Please!!!

3
Contributors
5
Replies
16
Views
4 Years
Discussion Span
Last Post by Rainner
0

Get you output some errors please and tell us exactly what isn't working clearly.

Do you have a table called members? Do you have a column called email? Do you have a collumn called password? Are you sure you're meant to be checking the email column as the value 'wareez' isn't an email but a username.

Something I personally stick to.. instead of this:

(fname, lname, address, city, contact, email, password, gender, bday, profilepic, coverphoto)

this:

(`fname`, `lname`, `address`, `city`, `contact`, `email`, `password`, `gender`, `bday`,  `profilepic`, `coverphoto`)

You should focus on outputting error messages.

0

Thanks sir,

i have all these collumns in my database, but the error am facing was a suprise to me, instead to direct the user to home.php it will now return an error and also the registration form.

but the concern i have is that, the form submit the data to the database, but when login it will return error or is it from my home.php?

here is the code hot home.php

<?php
    require_once('auth.php');
?>
<?php
function time_stamp($session_time) 
{ 

$time_difference = time() - $session_time ; 
$seconds = $time_difference ; 
$minutes = round($time_difference / 60 );
$hours = round($time_difference / 3600 ); 
$days = round($time_difference / 86400 ); 
$weeks = round($time_difference / 604800 ); 
$months = round($time_difference / 2419200 ); 
$years = round($time_difference / 29030400 ); 

if($seconds <= 60)
{
echo"$seconds seconds ago"; 
}
else if($minutes <=60)
{
   if($minutes==1)
   {
     echo"one minute ago"; 
    }
   else
   {
   echo"$minutes minutes ago"; 
   }
}
else if($hours <=24)
{
   if($hours==1)
   {
   echo"one hour ago";
   }
  else
  {
  echo"$hours hours ago";
  }
}
else if($days <=7)
{
  if($days==1)
   {
   echo"one day ago";
   }
  else
  {
  echo"$days days ago";
  }



}
else if($weeks <=4)
{
  if($weeks==1)
   {
   echo"one week ago";
   }
  else
  {
  echo"$weeks weeks ago";
  }
 }
else if($months <=12)
{
   if($months==1)
   {
   echo"one month ago";
   }
  else
  {
  echo"$months months ago";
  }


}

else
{
if($years==1)
   {
   echo"one year ago";
   }
  else
  {
  echo"$years years ago";
  }


}



} 



?>
<html>
<link rel="icon" href="images/App-share-manager-icon.png" type="image" />
<link rel="shortcut icon" href="images/App-share-manager-icon.png" type="image" />
<title>i share</title>







<head>
<script language="JavaScript" type="text/javascript" src="suggest.js"></script>

<link rel="stylesheet" href="menu.css" type="text/css" media="screen" />
<link rel="stylesheet" href="css/main.css" type="text/css" media="screen" />

<link href="src/facebox.css" media="screen" rel="stylesheet" type="text/css" />

  <script src="lib/jquery.js" type="text/javascript"></script>
  <script src="src/facebox.js" type="text/javascript"></script>
  <script type="text/javascript">
    jQuery(document).ready(function($) {
      $('a[rel*=facebox]').facebox({
        loadingImage : 'src/loading.gif',
        closeImage   : 'src/closelabel.png'
      })
    })
  </script>

</head>
<body>
<div id="containertop" >
  <div id='profile' style='margin:10px;height:50px;'>




<ul id="menu">
<a rel="facebox" href="request.php"><img src="images/friends.png" border="0"></a>
<?php
    include('SQLConfig.php');

$result = mysql_query("SELECT * FROM friends WHERE requested='".$_SESSION['SESS_MEMBER_ID'] ."' and status='pending' ORDER BY requested ASC");

    $numberOfRows = MYSQL_NUMROWS($result); 

    echo '<font size="2" color="red"><b>' . $numberOfRows . '</b></font>'; 
    ?>  


    <a rel="facebox" href="messages.php"><img src="images/e_mail.png" border="0"></a>
    <?php
    include('SQLConfig.php');

$result = mysql_query("SELECT * FROM messages WHERE pakadtoan='".$_SESSION['SESS_MEMBER_ID'] ."' and status='unread' ORDER BY pakadtoan ASC");

    $numberOfRows = MYSQL_NUMROWS($result); 

    echo '<font size="2" color="red"><b>' . $numberOfRows . '</b></font>'; 
    ?>

<input type="text" id="amots" name="amots" onKeyUp="bleble();" autocomplete="off" style="margin-top: 10px; margin-left: 109px; width:272px;"/>
    <div id="layers" style="margin-right:109px; float:left; width:260px;"></div>
  <li class="menu_right" style="margin-right: 15px; float:right"><a href="#" class="drop">Accounts</a><!-- Begin 3 columns Item -->



      <div class="dropdown_3columns align_right"><!-- Begin 3 columns container -->







          <div class="col_3">

              <?php
               include('SQLConfig.php');            
                    $commentid=$_SESSION['SESS_MEMBER_ID'];

                                $result3 = mysql_query("SELECT * FROM members where id='$commentid'");


                                while($row3 = mysql_fetch_array($result3))
                                  { 


                    echo '<img src="'.$row3['profilepic'].'" height="124" width="124">'.'</a>';
                    $wwww=$row3['fname'].' '.$row3['lname'];

                                  }
                ?>




              <p align="center"><?php echo $wwww; ?></p>
              <p align="center"><a href="index.php">logout</a></p>
          </div>
      </div><!-- End 3 columns container -->
    </li>
    <!-- End 3 columns Item -->
</ul>
  </div>
  <div id='profile1' style='margin: -12px 10px 10px; height: 250px; border: 1px solid rgb(180, 187, 205); background-color: rgb(255, 255, 255);'>

              <div id="Layer1">


              <?php
               include('SQLConfig.php');            
                    $commentid=$_SESSION['SESS_MEMBER_ID'];

                                $result3 = mysql_query("SELECT * FROM members where id='$commentid'");


                                while($row3 = mysql_fetch_array($result3))
                                  { 


                    echo '<a href=editpic.php?id='.$row3["id"] .' title="Click to Edit Profile Picture">'.'<img src="'.$row3['profilepic'].'" height="124" width="124" style="border-width: 0px;">'.'</a>';

                                  }
                ?>






              </div>

              <?php
               include('SQLConfig.php');            
                    $commentid=$_SESSION['SESS_MEMBER_ID'];

                                $result3 = mysql_query("SELECT * FROM members where id='$commentid'");


                                while($row3 = mysql_fetch_array($result3))
                                  { 


                    echo '<a href=editcover.php?id='.$row3["id"] .' title="Click to Edit Profile Picture">'.'<img src="'.$row3['coverphoto'].'" height="250px" width="838px" style="border-width: 0px;">'.'</a>';

                                  }
                ?></div>
<div id='profile2' class="timelineheader">

             <div id="Layer3"> 
              <?php
               include('SQLConfig.php');            
                    $commentid=$_SESSION['SESS_MEMBER_ID'];

                                $result3 = mysql_query("SELECT * FROM members where id='$commentid'");


                                while($row3 = mysql_fetch_array($result3))
                                  { 


                    echo '<b>'.$row3['fname'].' '.$row3['lname'].'</b>';

                                  }
                ?>
             </div>
  </div>
<div id='profile2' class="timenav">  
    <div id="about">
        <div class="a">
          <div style="margin-left: 21px; margin-top: 7px;">
            <?php
               include('SQLConfig.php');            
                    $commentid=$_SESSION['SESS_MEMBER_ID'];

                                $result3 = mysql_query("SELECT * FROM members where id='$commentid'");


                                while($row3 = mysql_fetch_array($result3))
                                  { 


                    echo '<div style="height: 15px;"><b>Address: '.$row3['address'].' '.$row3['city'].'</div>';
                    echo '<div style="height: 15px;">Contact: '.$row3['contact'].'/'.$row3['email'].'</div>';
                    echo '<div style="height: 15px;">Gender: '.$row3['gender'].'</div>';  
                    echo '<div style="height: 15px;">Birthday: '.$row3['bday'].'</b></div>';         
                                  }
                ?>
          </div>
        </div>
        <div align="right">about
        </div>
    </div>   
    <div id="friends" style="margin-left: 341px; margin-top: -93px;">
        <div class="b"><span class="listfriends">

        </span> </div>
        <div align="right">
          <div id="Layer2">
            <?php
                        include('SQLConfig.php');
                        $result = mysql_query("SELECT * FROM friends WHERE requested='".$_SESSION['SESS_MEMBER_ID'] ."' and status='accepted' ORDER BY requested ASC");
                        $numberOfRows = MYSQL_NUMROWS($result); 
                        echo '<font size="5" color="white"><b>' . $numberOfRows . '</b></font>'; 
        ?>
            <a rel="facebox" href="listfriends.php?id=<?php echo $_SESSION['SESS_MEMBER_ID']; ?>" style="text-decoration:none; color:#FFFFFF;">friends</a> </div>
        friends
        </div>
    </div>
    <div id="friends" style="margin-left: 467px; margin-top: -93px;">
        <div class="b">
        </div>
        <div align="right">
        <div id="Layer2">
            <?php
                        include('SQLConfig.php');
                        $result = mysql_query("SELECT * FROM photos WHERE uploadedby='".$_SESSION['SESS_MEMBER_ID'] ."' ORDER BY id ASC");
                        $numberOfRows = MYSQL_NUMROWS($result); 
                        echo '<font size="5" color="white"><b>' . $numberOfRows . '</b></font>'; 
                        ?>
            <a rel="facebox" href="photos.php?id=<?php echo $_SESSION['SESS_MEMBER_ID']; ?>" style="text-decoration:none; color:#FFFFFF;">photos</a> </div>
        photos
        </div>
    </div>    
    <div id="friends" style="margin-left: 593px; margin-top: -93px;">
        <div class="b">
        </div>
        <div align="right">lorem</div>
    </div>
    <div id="friends" style="margin-left: 721px; margin-top: -93px;">
        <div class="b">
        </div>
        <div align="right">lorem
        </div>
    </div>
</div>

</div>
<div id="container">

       <div class="timeline_container">
            <div class="timeline">
                <div class="plus"></div>
            </div>
  </div>
<div class="item" style="height: 147px">


    <div class="tabs">

       <div class="tab">
           <input type="radio" id="tab-4" name="tab-group-2" checked>
           <label for="tab-4">Post</label>

           <div class="content">
               <form action="savecomment.php" method="post">
                <input name="from" type="hidden" value="<?php echo $_SESSION['SESS_MEMBER_ID']; ?>">
                <input name="to" type="hidden" value="<?php echo $_SESSION['SESS_MEMBER_ID']; ?>">
                <input name="pakadtoan" type="hidden" value="<?php echo $_SESSION['SESS_MEMBER_ID']; ?>">
                <textarea name="content" style="margin-left: 10px; width:95%"></textarea><br>
                <input name="" type="submit" value="POST" class='update_button' style="margin-left: 10px;">
               </form>
           </div> 
       </div>

       <div class="tab">
           <input type="radio" id="tab-5" name="tab-group-2">
           <label for="tab-5">Photo</label>

           <div class="content">
               <form action="postphoto.php" method="post" enctype="multipart/form-data">
                <input name="from" type="hidden" value="<?php echo $_SESSION['SESS_MEMBER_ID']; ?>">
                <input name="to" type="hidden" value="<?php echo $_SESSION['SESS_MEMBER_ID']; ?>">
                Select Image
                <br>
                <input type="file" name="image"><br>
                <input type="submit" value="Upload">
                </form>
           </div> 
       </div>


    </div>






  </div>


  <div class="item" style="padding-top: 3px;">
         <div class="topheader">
         <img src="images/download.jpg">
         <div class="timelineReportCol">Friends</div>
         </div>

  <div class="listfriends">
  <?php
               include('SQLConfig.php');            


                                $result = mysql_query("SELECT * FROM friends WHERE requested='".$_SESSION['SESS_MEMBER_ID'] ."' and status='accepted' ORDER BY requested ASC");


                                while($row3 = mysql_fetch_array($result))
                                  {
                                  $qwe=$row3['addedby'];
                                  $result1 = mysql_query("SELECT * FROM members WHERE id='$qwe'");


                                while($row1 = mysql_fetch_array($result1))
                                  { 


                                            echo '<a style="text-decoration:none" href=profile.php?id='.$row1["id"] .'>'.'<img src="'.$row1['profilepic'].'" title="'.$row1['fname'].' '.$row1['lname'].'" style="padding-left: 10px; padding-bottom: 10px; max-width: 50px"></a>';


                                  }
                                  }
                ?>
    </div>
  </div>
<?php
               include('SQLConfig.php');

$commentid=$_SESSION['SESS_MEMBER_ID'];                             
                                $result3 = mysql_query("SELECT * FROM comment where pakadtoan='$commentid' or name='$commentid' ORDER BY id DESC");


                                while($row3 = mysql_fetch_array($result3))
                                  {  

echo '<div class="item ">';
 echo '<a href=deletecomment.php?id='.$row3["id"].' class="delete">X</a>';


 echo '<div id="Layer4">';
    $qwerty=$row3['name'];  
    $time=$row3['created']; 
    $ppppp=$row3['postcat'];  
$result4 = mysql_query("SELECT * FROM members where id='$qwerty'");


                                while($row4 = mysql_fetch_array($result4))
                                  { 


                    echo '<img src="'.$row4['profilepic'].'" style="max-width: 50px">';
                    $qwqwqw=$row4['fname'].' '.$row4['lname'];

                                  }   







        echo '</div>';

        echo '<div style="width: 289px; margin-top: -6px; margin-left: 53px; padding-bottom: 0px;"><a style="text-decoration:none" href=profile.php?id='.$row3["commentid"] .'>'.$qwqwqw.'</a></div>';
        echo '<div class="sttime" style="float: right; margin-top: -4px; padding-bottom: 0px; padding-top: 0px; width: 310px;">';
        $time = time_stamp($time);
        echo '</div>';

        if($ppppp=='photos')
        {
        echo '<div style="width: 387px; margin-left: 8px; padding: 4px; margin-top: 20px; border-width: 1px 0px 0px 0px; border-style: solid; border-color: #e6e6e6;">';
        echo '<img src="'.$row3['content'].'" style="max-width: 387px">';
        echo '</div>';
        }
        if($ppppp!='photos')
        {
        echo '<div style="width: 387px; margin-left: 8px; padding: 4px; margin-top: 20px; border-width: 1px 0px 0px 0px; border-style: solid; border-color: #e6e6e6;">'.$row3['content'].'</div>';
        }




        echo '<div style="width: 385px; margin-left: 8px; padding: 4px; margin-top: 0px; background-color: rgb(237, 239, 244); margin-bottom: 2px; font-family: '.'Lucida Grande'.', Tahoma, Verdana, Arial, sans-serif; font-size: 11px; color: #3B5998;">';
        $rrr=$row3['id'];
$result = mysql_query("SELECT * FROM subcomment where subcommentid='$rrr'");

    $numberOfRows = MYSQL_NUMROWS($result); 

    echo $numberOfRows.'     '; 

        echo 'comment'.'</div>';


        $result4 = mysql_query("SELECT * FROM subcomment where subcommentid='$rrr'");
            while($row4 = mysql_fetch_array($result4))
             {                  
            echo '<div style="width: 385px; margin-left: 8px; padding: 4px; margin-top: 0px; background-color: rgb(237, 239, 244); margin-bottom: 2px;">';
            $fff=$row4['subcommentname'];
            $result5 = mysql_query("SELECT * FROM members where id='$fff'"); 
            while($row5 = mysql_fetch_array($result5))
            {
            echo '<img src="'.$row5['profilepic'].'" style="max-width: 50px; float:left;">';
            //echo '<div style="float: right; padding-top: 1px; padding-bottom: 1px; padding-right: 1px; width: 328px;">';
            echo '<label>';
            echo '<b><a style="text-decoration:none" href=profile.php?id='.$row3["commentid"] .'>'.$row5['fname'].' '.$row5['lname'].'</a></b>'.'   '.$row4['content'];
            echo '</label>';
            //echo '</div>';
            }
            echo '</div>';                   
            }                   


        echo '<div style="width: 385px; margin-left: 8px; padding: 4px; margin-top: 0px; background-color: rgb(237, 239, 244);">';
        echo '<form action="subcomment.php" method="post" style="margin-bottom: 2px;">';


        echo '<input name="commentid" type="hidden" value="'.$row3['id'].'">';
        echo '<input name="subcommentname" type="hidden" value="'.$_SESSION['SESS_MEMBER_ID'].'">';
        echo '&nbsp;&nbsp;<input name="subcommentcontent" type="text" style="width: 370px; margin-left: 0px;">';
        echo '</form>';  
        echo '</div>';
        echo '<div style="padding-top: 0px;"></div>';
echo '</div>';

}

              ?>



</div>
<script src="emeron.js"></script>
<script src="jquery.masonry.min.js"></script>

<script>
$(function(){


function Arrow_Points()
{ 
var s = $('#container').find('.item');
$.each(s,function(i,obj){
var posLeft = $(obj).css("left");
$(obj).addClass('borderclass');
if(posLeft == "0px")
{
html = "<span class='rightCorner'></span>";
$(obj).prepend(html);           
}
else
{
html = "<span class='leftCorner'></span>";
$(obj).prepend(html);
}
});
}

$('.timeline_container').mousemove(function(e)
{
var topdiv=$("#containertop").height();
var pag= e.pageY - topdiv-26;
$('.plus').css({"top":pag +"px", "background":"url('images/plus.png')","margin-left":"1px"});}).
mouseout(function()
{
$('.plus').css({"background":"url('')"});
});



$("#update_button").live('click',function()
{
var x=$("#update").val();
$("#container").prepend('<div class="item"><a href="#" class="deletebox">X</a><div>'+x+'</div></div>');

//Reload masonry
$('#container').masonry( 'reload' );

$('.rightCorner').hide();
$('.leftCorner').hide();
Arrow_Points();

$("#update").val('');
$("#popup").hide();
return false;
});

// Divs
$('#container').masonry({itemSelector : '.item',});
Arrow_Points();

//Mouseup textarea false
$("#popup").mouseup(function() 
{
return false
});

$(".timeline_container").click(function(e)
{
var topdiv=$("#containertop").height();
$("#popup").css({'top':(e.pageY-topdiv-33)+'px'});
$("#popup").fadeIn();
$("#update").focus();


});  


$(".deletebox").live('click',function()
{
if(confirm("Are your sure?"))
{
$(this).parent().fadeOut('slow');  
//Remove item
$('#container').masonry( 'remove', $(this).parent() );
//Reload masonry
$('#container').masonry( 'reload' );
$('.rightCorner').hide();
$('.leftCorner').hide();
Arrow_Points();
}
return false;
});



//Textarea without editing.
$(document).mouseup(function()
{
$('#popup').hide();

});


});
</script>

</body>
</html>
0

That's a lot of unstructured code that I don't have the time to go through. You really need to check your php error log to se if anythings being recorded. Make sure error reporting is on.

0

please send your email to me for me to send you the script in notepad format. please help me out. my email is gurusolutionworld@gmail.com. Regards...

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.