0

hi...
this is my index page...

include("config.php");
session_start();

if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from form 

$myusername=addslashes($_POST['username']); 
$mypassword=addslashes($_POST['password']); 

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);

$sql="SELECT id FROM admin WHERE username='$myusername' and passcode='$mypassword'";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
$active=$row['active'];

$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
session_register("myusername");
session_register("mypassword"); 

$_SESSION['login_user']=$myusername;

header("location: welcome.php");
}
else 
{
$error="Your Login Name or Password is invalid";
}
}
?>

im getting the error as
undefined index username and password at the lines 10 and 11

please help me to solve this error

Edited by Reverend Jim: closed

5
Contributors
9
Replies
27
Views
6 Years
Discussion Span
Last Post by 3.15127E+11
0

first off, you cannot put session_start() at the top of a login page, because there is no session yet. I would just take out $_SERVER["REQUEST_METHOD"] == "POST") unless you know that the variables are being posted. Try this because i have a feeling you got this from another website.. Also, you dont need to make a session variable on the login screen because you are already going to register the username. If you want to register more variables, then add them to the to session_register.

session_register("myusername");
session_register("mypassword"); 
// Dont Need
$_SESSION['login_user']=$myusername;
<?php
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
session_register("active");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

Edited by fobos: n/a

2

You CAN and perhaps should put session_start() at the head of the page.

Do not use session_register:

"This function has been DEPRECATED as of PHP 5.3.0. Relying on this feature is highly discouraged."

from the php manual.

session_start();
include("config.php");
if(isset($_POST['username']) && isset($_POST['password']) && !empty($_POST['username']) && !empty($_POST['password'])){
  $myusername=mysql_real_escape_string($_POST['username']); 
  $mypassword=mysql_real_escape_string($_POST['password']); 

  $sql="SELECT id FROM admin WHERE username='$myusername' and passcode='$mypassword'";
  $result=mysql_query($sql);
  if(mysql_num_rows($result)){
    $_SESSION['login_user']=$myusername;
    //what's the purpose of active?? does it do anything?
    header("location: welcome.php");
  }else{
    $error="Your Login Name or Password is invalid";
  }
}

Edited by diafol: n/a

Votes + Comments
I was just about to say the same
0

first off, you cannot put session_start() at the top of a login page, because there is no session yet. I would just take out $_SERVER["REQUEST_METHOD"] == "POST") unless you know that the variables are being posted. Try this because i have a feeling you got this from another website.. Also, you dont need to make a session variable on the login screen because you are already going to register the username. If you want to register more variables, then add them to the to session_register.

session_register("myusername");
session_register("mypassword"); 
// Dont Need
$_SESSION['login_user']=$myusername;
<?php
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
session_register("active");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

sorry guys i tried both the codings still im not getting the answer

can u give suggest me some other login page with codings

0

Are you able to echo username and password after the if($_SERVER["REQUEST_METHOD"] == "POST")?

0

ARe you sure that the form field names are username and password. The names are username and passcode in th DB. Just wondering.

0

ARe you sure that the form field names are username and password. The names are username and passcode in th DB. Just wondering.

hi guys.............

i got the output.............

variable names were wrong...

thx......for helping me

-2

this is my html code
<html> <head> <h1 align=center>LOGIN PAGE</h1> </head> <body align=center> <div align=center> <form method="post" action="welcome.php" > <label>USERNAME</label> <input type="text" value=""></input> <br><br> <label>PASSWORD</label> <input type="password" value=""></input><br><br> <input type="submit" value="submit"></input><br><br> </form> </div> </body> </html>

and this is my php code

<html> <body>
WELCOME

<?php
$a = $_POST['name'];
echo var_dump($a);
?>

YOUR LOGIN IS SUCCESSFUL
</body> </html>

but when i click submit i keep getting this error
WELCOME
Notice: Undefined index: name in /opt/lampp/htdocs/phpvalidations/welcome.php on line 5
YOUR LOGIN IS SUCCESSFUL

Votes + Comments
Dont hijack a 6 year old thread. Start your own.