redirecting back to login page with an error

Question

shawtyred74 0 Light Poster

13 Years Ago

Can someone please help me....I am new to php and I am having trouble with redirecting back to my loginpage with an error message showinf at the top of the loginpage when the wrong user name and password is entered that will say that the user is invalid...here is my login code:

<?php session_start(); ?>
<html>
<head>
<title>Login Page</title>
</head>
<body>

<h1>Login Here</h1>
<form name="input" action="mainform.php" method="post">
  <p>

  <br>
    Username: <input type="text" name="username" size="15"><br>
    Password: <input type="password" name="password" size="15"><br>


   <input type='submit' name='submit' value='Submit'>

</form>

</body>
</html>


and here is my mainform.php: 

<?php 
session_start(); 

if (isset($_POST['submit'])) {

    //$username = (isset($_POST['username'])) ? $_POST['username'] : '';
    //$password = (isset($_POST['password'])) ? $_POST['password'] : '';


$username = $_POST['username'];
$passwd = $_POST['password'];
$server = 'localhost';
$user = 'root';
$datapassword = '';
$database = 'km';
$table_name = 'users';

if($username && $passwd) {

$connect = mysql_connect($server, $user, $datapassword) or die ("Could Not Connect!");
mysql_select_db($database, $connect) or die ("Could Not Connect!");
$SQLcmd = "SELECT * FROM $table_name WHERE username='$username' AND password='$passwd'"; 
$query = mysql_query($SQLcmd);
$numrows = mysql_num_rows($query);

if ($numrows != 0){

            while ($row = mysql_fetch_array($query)) {

                $dbusername = $row['username'];
                $dbpassword = $row['password'];
                }


            //Check to see if they are match!
                if ($username == $dbusername && ($passwd) == $dbpassword) {                   
                    $_SESSION['username'] = $username;                  
                    header('Location: program1input.php');

                }
                elseif ($username == $dbusername && ($passwd) != $dbpassword)    
                    $_SESSION['unerror']= "Invalid Password, Please Try Again!!";
                    header('Location: program3inputnew.php');

        }    
        elseif ($username != $dbusername && ($passwd) != $dbpassword)
          $_SESSION['unerror']= "That user does not exist!!!";
          header("Location.program3inputnew.php");        

    }
    else
      echo "Please enter a username and password!";
}
?>

php

Edited 11 Years Ago by Nick Evan because: Fixed formatting

2 Contributors
3 Replies
234 Views
1 Day Discussion Span
Latest Post 13 Years Ago Latest Post by yoge911

All 3 Replies

yoge911 1 Newbie Poster

13 Years Ago

hey ,
i suppose that your mainform.php code had some syntax errors with if statements.
now i have removed those errors.
but , i dont know why are u validating everytime username and password. once a sql check is undergone...its not that necessary.
however now in the below code if the query is successfull than it redirects to the respective page .

<?php 
session_start(); 

if (isset($_POST['submit'])) 
	{

//$username = (isset($_POST['username'])) ? $_POST['username'] : '';
//$password = (isset($_POST['password'])) ? $_POST['password'] : '';


$username = $_POST['username'];
$passwd = $_POST['password'];
$server = 'localhost';
$user = 'root';
$datapassword = '';
$database = 'km';
$table_name = 'users';

		if($username && $passwd) 
		{

$connect = mysql_connect($server, $user, $datapassword) or die ("Could Not Connect!");
mysql_select_db($database, $connect) or die ("Could Not Connect!");
$SQLcmd = "SELECT * FROM $table_name WHERE username='$username' AND password='$passwd'"; 
$query = mysql_query($SQLcmd);
$numrows = mysql_num_rows($query);

			if ($numrows != 0)
					{

		while ($row = mysql_fetch_array($query)) 
		{
		$dbusername = $row['username'];
		$dbpassword = $row['password'];
		}


//Check to see if they are match!
if ($username == $dbusername && ($passwd) == $dbpassword) 
	{ 
	$_SESSION['username'] = $username;	
	header('Location: program1input.php');

	}
		elseif ($username == $dbusername && ($passwd) != $dbpassword) 
			{
				$_SESSION['unerror']= "Invalid Password, Please Try Again!!";
				header('Location: program3inputnew.php');

			} 
											
				else{ 
			$_SESSION['unerror']= "That user does not exist!!!";
			header("Location.program3inputnew.php"); 
				 	 }
											 
		}
						
		}else
				{
					echo "Please enter a username and password!";
				}
						
	}

?>

bye

Edited 13 Years Ago by yoge911 because: incorrect indentations

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

shawtyred74 0 Light Poster · Answer 1 · 2011-02-23T20:52:49+00:00

shawtyred74 0 Light Poster

13 Years Ago

Thank you so much for your help...

yoge911 1 Newbie Poster · Answer 2 · 2011-02-23T22:49:02+00:00

yoge911 1 Newbie Poster

13 Years Ago

hello,
sorry i observed it as marked after i posted this.
Thankyou

Edited 13 Years Ago by yoge911 because: wrong reply

redirecting back to login page with an error

Recommended Answers Collapse Answers

All 3 Replies

Recommended Answers