Here Is My Index.php

<form action="login.php" method="post">
Username: <input type="text" name="usname"/></br>
Password: <input type="text" name="pwname"/></br>
<input type="submit" />
</form>

And Here is my login.php

<?php
$con = mysql_connect("localhost","root","");
mysql_select_db("logindb", $con);
    $user = $_POST['user'];
    $pw = $_POST['password'];

    $sql = "select username,password,email from users where username='" . $user. "' and password='" . $pw . "' limit 1";
    $result = mysql_query($sql) or die($sql."<br/><br/>".mysql_error());

    if (mysql_num_rows($result))
    {
    setcookie("user", $user , time()+3600);
    echo ("You Have Successfully Logged In</br>");
    }

    else
    {
        echo ("You Have Failed To Logged In</br>");
    }
?>
<a href="/index.php">CLick here To go back Home</a> 

And It Always Say Failed

Hi,
Change in your form with this:

Username: <input type="text" name="user"/></br>
Password: <input type="text" name="password"/></br>

"name" value and $_POST['value'] must be the same value.

thanks but now when i try to save cokkie it says
Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\login.php:5) in C:\xampp\htdocs\login.php on line 33

Try

    $user = $_POST['usname'];
    $pw = $_POST['psname'];

     if (mysql_num_rows($result) >=1)
     {
         setcookie("user", $user , time()+3600);
         echo ("You Have Successfully Logged In</br>");
     }

If this doesn't work, then unset the cookie and do it again. And,let us know how you go!

do you know how to hide some html items with php??

How do you exactly mean? If you're talking about what I am thinking, then you use client-side languages(javascript, jquery)

Member Avatar
diafol

Change the password type attribute:

<form action="login.php" method="post">
    <label for = "user">Username: </label><input type="text" name="user" id="user" />
    <label for = "password">Password: </label><input type="password" name="password" id="password" /></br>
<input type="submit" name="sublog" value="Login" />
</form>

Your php:

<?php
$con = mysql_connect("localhost","root","");
mysql_select_db("logindb", $con);
    $user = mysql_real_escape_string($_POST['user']);
    $pw = mysql_real_escape_string($_POST['password']);

    $sql = "SELECT username, password, email FROM users WHERE username='$user' LIMIT 1";
    $result = mysql_query($sql) or die($sql."<br/><br/>".mysql_error());
    if (mysql_num_rows($result)){
         $data = mysql_fetch_assoc($result);
         //IDEALLY you'd hash your pw with a salt - this is not very secure
         if($pw == $data['password']){
             setcookie("user", $user , time()+3600);
             echo "You Have Successfully Logged In<br />";
         }
    }else{
        echo "You Have Failed To Logged In<br />";
    }
?>
<a href="/index.php">CLick here To go back Home</a> 

I don't think he is looking that much security at this stage. But, it is a good intro to SQL injection!

Thanks all but
there is a problem now i want to add html code to php if-else statements (to show or hide something)
i mean like that but when i use echo like

<?php
echo "<form action="login.php" method="post">
    <label for = "user">Username: </label><input type="text" name="user" id="user" />
    <label for = "password">Password: </label><input type="password" name="password" id="password" /></br>
<input type="submit" name="sublog" value="Login" />
</form>";
include 'menu.php';
?>

it says this error
Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in C:\xampp\htdocs\index.php on line 2

up solved but have a new error :S
Here is Code

<?php
$cookie = $_COOKIE["userforcong"];
if (isset($_COOKIE["user"]))
            {
            echo '</br>Congratulations You have registered And logged in with your account ( <?php echo "$cookie"; ?> ).</br>';
                echo '<form action="" method="post">
                        <input type="submit" name="logout" value="Logout" />
                        </form>';


            }
            else
            {
                echo 'Please Login And Come back again';
            }




    function logout()
    {

        if (isset($_COOKIE["user"]))
            {
                setcookie("user", "", time()-3600);
                echo '</br>Logout Successfully</br>';
            }

    }

if (isset($_POST['logout']))

{
     logout();
}

?>

<html>
</html>

But i Get this error
Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\cong.php:5) in C:\xampp\htdocs\cong.php on line 25

Member Avatar
diafol

Try:

echo "<br />Congratulations You have registered And logged in with your account ($cookie)<br />";

Also, you should check for the existence of a superglobal ($_COOKIE) before ascribing it to another var:

$cookie = $_COOKIE["userforcong"];

This will end in tears if $_COOKIE["userforcong"] does not exist.

i made COOKIE userforcong
im sure it exist

Member Avatar
diafol

Ah! I was looking at line 5 in the error message - you're problem is at line 25:

function logout()
    {
        if (isset($_COOKIE["user"]))
            {
                setcookie("user", "", time()-3600);
                echo '</br>Logout Successfully</br>';
            }
    }

You can't set a cookie once you've echoed stuff to the screen or have got any html/whitespace in the page (http://php.net/manual/en/function.setcookie.php). I'm assuming that your page is included inside another file? This file seems to have output before the include statement. I may be mistaken.

when i tried to type in 
`           echo ('hey.'.$cookie.'');`
            it gave me a good response idk why it doesnt wanna work
            P.s It Works With the successfull statement (after edit)

its not that problem i have echoed another cookie it didnt touch user cookie

i made it i just made the button to redirect to a page that only have this code and it worked

<?php
    function logout()
    {

        if (isset($_COOKIE["user"]))
            {
                setcookie("user", "", time()-3600);
                echo '</br>Logout Successfully</br>';
            }

    }
    logout();
?>
Member Avatar
diafol

Great. Solved?