login script returns blank page

Question

komanche 0 Newbie Poster

12 Years Ago

I have written a login page but each time I login it returns a blank page even with a wrong password please help:
the login page is as follows:

</head>

<body>
	<div id="wrapper">
    	<form action="methods/login.php" method="post">
		<ul>
        	<li><label>Username:</label><input type="text" name="username" size="10" value="<?php echo htmlentities("$username"); ?>" /></li>
            <li><label>Password:</label><input type="password" name="password" size="10" value="<?php echo htmlentities("$password"); ?>" /></li>
            <li><input type="submit" name="login" value="Log In" /></li>
            <li><input type="submit" name="join" value="Join" />
        </ul>
        </form>
      </div>
</body>
</html>

and the php login script is

<?php
	/**
	** handles the login feature of the sote 
	** check username and password with variables in the database
	*/
		require_once("../includes/ikobe.php");
		
		if (isset($_POST['username']) &&isset($_POST['password']))
		{
			$username = $_POST['username'];
			$password = $_POST['password'];
			
			$pass = sha1($password);
				
				if (!empty($username) &&!empty($password))
				{
					$query = "SELECT 'id' FROM 'users' WHERE username= '$username' AND password='$pass'";
					
					if ($query_run = mysql_query($query))
					{
						$query_num_row = mysql_num_rows($query_run);
						
							if ($query_num_row==0)
							{
								echo 'Invalid username / password combination';
							}
							else if ($query_num_row==1)
							{
								echo 'ok.';
							}
						
					}
				}
				else
				{
					echo 'You must supply a username and password.';
				}
		}
		
		

?>

any help will be greatly appreciated

php

9 Contributors
17 Replies
785 Views
1 Week Discussion Span
Latest Post 12 Years Ago Latest Post by karthik_ppts

All 17 Replies

MooGeek 16 Posting Whiz

12 Years Ago

Instead of

if ($query_num_row==0)
							{
								echo 'Invalid username / password combination';
							}
							else if ($query_num_row==1)
							{
								echo 'ok.';
							}

TRY

if($query_num_row == 0)
{
 echo "Invalid username/ password combination";                                    
die();
}

echo "ok.";

diafol

12 Years Ago

You haven't got any error msg for when post vars not set. ANyway - are the connection details included somewhere?

MooGeek 16 Posting Whiz

12 Years Ago

You haven't got any error msg for when post vars not set. ANyway - are the connection details included somewhere?

I think the error is that he only settled with only 0 or 1 of returned value of the database.

fenixZ 0 Light Poster

12 Years Ago

You can try:

$username = $_POST['username'];
$password = $_POST['password'];
var_dump($username,$password ); // If tha it is ok continue dumping...
//...
var_dump(mysql_query($query)); // see what it returns on correct incorrect and empty
var_dump( mysql_num_rows($query_run));
if ($query_run = mysql_query($query))
//....

You should try more debugging first before you post question.

Edited 12 Years Ago by fenixZ because: n/a

pritaeas 2,194 ¯\_(ツ)_/¯

12 Years Ago

Your query is using the wrong quotes.

$query = "SELECT `id` FROM `users` WHERE username= '$username' AND password= '$pass'";

Edited 12 Years Ago by pritaeas because: n/a

karthik_ppts commented: yes... correct solution. +6

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

extemer -17 Junior Poster Banned · Answer 1 · 2011-09-11T23:29:25+00:00

i have rewrite your code and made it little simple for by using JQ.I have use while loop in the php code for getting the username and password from the DB.

<?php
  //  require_once("../includes/ikobe.php");
     
    if (isset($_POST['username']) &&isset($_POST['password']))
    {
		$con = mysql_connect("localhost","root","");
        $db_selected = mysql_select_db("check", $con);
     
	 $username = $_POST['username'];
     $password = $_POST['password'];
     
  //  $pass = sha1($password);
     
    if (!empty($username) &&!empty($password))
    {
    $query = "SELECT `id`,`username`, `password` FROM `testing` WHERE `username` = '$username' AND `password` ='$password'";
     $result=mysql_query($query);
	 
	 while($check = mysql_fetch_array($result))
	 {
    $USER = $check['username'];
	 $PASS = $check['password'];
	 }
	 
	 if($_POST['username']==$USER && $_POST['password']==$PASS)
	 {
header("location: test.php");// rewrite the page into header where you want to redirect after  
// login  into 
	 }}
	 }
    ?>
    
<html>
<head>

<script src="js/jquery.js"></script>

<script>
$(document).ready(function(){
						   
	    $("#submit").click(function(){
		
		var check1 = $("#username").val();
		var check2 = $("#password").val();
		var username1 ="username";  // username is same as username name from DB
		var password2 ="password"; // password is same as username name from DB
		
		if(check1 != username1)
		{
		alert("Username not valid");
		}
	
	    if(check2 != password2 )
		{
	    alert("password not valid");
	    }
	});					   
});

</script>

    </head> 
    <body>
    
    <div id="wrapper">
    <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
    <ul>
    <li><label>Username:</label><input type="text" name="username" id="username" size="10" value="<?php echo htmlentities("$username"); ?>" /></li>
    <li><label>Password:</label><input type="password" name="password"  id="password" size="10" value="<?php echo htmlentities("$password"); ?>" /></li>
    <li><input type="submit" name="login" id="submit" value="Log In" /></li>
    <li><input type="submit" name="join" value="Join" /></li>
    </ul>
    </form>
    </div>
    
    </body>
    </html>

if you have any Question can ask me

komanche 0 Newbie Poster · Answer 2 · 2011-09-12T17:55:23+00:00

I have changed afew parts and added the var_dump feature. It displays the input characters but even with a wrong password still returns a blank pagebut displays the values entered via the var_dump. If no values are entered the if returns enter username or password.
cant work why it displays the blank page?

-<?php
	/**
	** handles the login feature of the sote 
	** check username and password with variables in the database
	*/
		
		require_once("../includes/ikobe.php");
		
		if (isset($_POST['username']) &&isset($_POST['password']))
		{
			$username = $_POST['username'];
			$password = $_POST['password'];
			var_dump($username,$password);
		
			$pass = sha1($password);
				
				 
				
				if (!empty($username) &&!empty($password))
				{
					$query = "SELECT 'id' FROM 'users' WHERE username= '$username' AND password= '$pass'";
														
					if ($query_run = mysql_query($query))
					{
						$query_num_row = mysql_num_rows($query_run);
						
							if ($query_num_row==0)
							{
								echo 'Invalid username / password combination';
								die();
							}
							else if ($query_num_row==1)
							{
								echo 'ok.';
							}
						
					}
				}
				else
				{
					echo 'You must supply a username and password.';
				}
		}
		
		
 
?>

if I enter the connection script it still displays a blank page?

jogesh_p 6 Junior Poster in Training · Answer 3 · 2011-09-12T18:29:01+00:00

where is the login forms html part??

try with the code

# the name of the submit button??
if(isset($_REQUEST['submit_button_name'])){
  // Rest Code here..
  $username = $_POST['username'];
			$password = $_POST['password'];
			var_dump($username,$password);
		
			$pass = sha1($password);
				
				 
				
				if (!empty($username) &&!empty($password))
				{
					$query = "SELECT 'id' FROM 'users' WHERE username= '$username' AND password= '$pass'";
														
					if ($query_run = mysql_query($query))
					{
						$query_num_row = mysql_num_rows($query_run);
						
							if ($query_num_row==0)
							{
								echo 'Invalid username / password combination';
								die();
							}
							else if ($query_num_row==1)
							{
								echo 'ok.';
							}
						
					}
				}
				else
				{
					echo 'You must supply a username and password.';
				}
}

jogesh_p 6 Junior Poster in Training · Answer 4 · 2011-09-12T18:32:35+00:00

Sorry for the last one try this

# the name of the submit button??
if(isset($_REQUEST['submit_button_name'])){
  // Rest Code here..
  $username = $_POST['username'];
			$password = $_POST['password'];
			var_dump($username,$password);
		
			$pass = sha1($password);
				
				 
				
				if (!empty($username) &&!empty($password))
				{
					$query = "SELECT id FROM users WHERE username= '$username' AND password= '$pass'";
														
					if ($query_run = mysql_query($query))
					{
						$query_num_row = mysql_num_rows($query_run);
						
							if ($query_num_row==0)
							{
								echo 'Invalid username / password combination';
								die();
							}
							else if ($query_num_row==1)
							{
								echo 'ok.';
							}
						
					}
				}
				else
				{
					echo 'You must supply a username and password.';
				}
}

pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 5 · 2011-09-12T18:36:24+00:00

Sorry for the last one try this

You can change your own posts within 30 minutes, by using the [Edit] button on the left.

jogesh_p 6 Junior Poster in Training · Answer 6 · 2011-09-12T18:51:04+00:00

You can change your own posts within 30 minutes, by using the [Edit] button on the left.

@pritaeas I am sorry but i didn't knew this feature to edit the own post with in 30 minutes. Thank you to tell me Sir...

MooGeek 16 Posting Whiz · Answer 7 · 2011-09-13T08:41:59+00:00

I have changed afew parts and added the var_dump feature. It displays the input characters but even with a wrong password still returns a blank pagebut displays the values entered via the var_dump. If no values are entered the if returns enter username or password.
cant work why it displays the blank page?

-<?php
	/**
	** handles the login feature of the sote 
	** check username and password with variables in the database
	*/
		
		require_once("../includes/ikobe.php");
		
		if (isset($_POST['username']) &&isset($_POST['password']))
		{
			$username = $_POST['username'];
			$password = $_POST['password'];
			var_dump($username,$password);
		
			$pass = sha1($password);
				
				 
				
				if (!empty($username) &&!empty($password))
				{
					$query = "SELECT 'id' FROM 'users' WHERE username= '$username' AND password= '$pass'";
														
					if ($query_run = mysql_query($query))
					{
						$query_num_row = mysql_num_rows($query_run);
						
							if ($query_num_row==0)
							{
								echo 'Invalid username / password combination';
								die();
							}
							else if ($query_num_row==1)
							{
								echo 'ok.';
							}
						
					}
				}
				else
				{
					echo 'You must supply a username and password.';
				}
		}
		
		
 
?>

if I enter the connection script it still displays a blank page?

I told you that this is the problem.

if ($query_num_row==0)
							{
								echo 'Invalid username / password combination';
								die();
							}
							else if ($query_num_row==1)
							{
								echo 'ok.';
							}

You were using Else if. That means there is another value that doesn't satisfy the condition of 1 and 0

karthik_ppts 81 Posting Pro · Answer 8 · 2011-09-13T10:41:51+00:00

As pritaeas suggest, Your quotes in the query are the problem. so replace ' with ` in the field name and table name like this.

$query = "SELECT `id` FROM `users` WHERE username= '$username' AND password= '$pass'";

komanche 0 Newbie Poster · Answer 9 · 2011-09-15T18:32:48+00:00

Thanks Priteas I did not know of the different ` and ' commas. But am still getting the same result have tried not using the commas but the page returns a blank page.
any ideas because the logic seems right.
thanks for the input.

ddymacek 15 Posting Whiz · Answer 10 · 2011-09-16T03:59:23+00:00

this line of code is totally incorrect and fails every time, but there is no else statement alerting you to this fact. it must be changed.

if ($query_run = mysql_query($sql)) {

I've added in some db connection code but you should be able to follow along, there are some echos as well just so you can see what is happening.
this is tested sha1 as password users table with id,username,password fields

define('DB_HOST','localhost');
define('DB_USER','root');
define('DB_PASS','');
define('DB_BASE','test');	
if (isset($_POST['login'])) {
	if (isset($_POST['username']) &&isset($_POST['password'])) {
		$username = $_POST['username'];
		$password = $_POST['password'];
	 
		$pass = sha1($password);
		echo "process username = " . $username . "<br />";
		echo "process pass = " . $password . "<br />";
		echo "process sha = " . $pass . "<br />";
		if (!empty($username) &&!empty($password)) {
			
			$dblink = null;
			try	{
				$dblink = mysql_connect(DB_HOST,DB_USER,DB_PASS);
				mysql_select_db(DB_BASE,$dblink);
			} catch(Exception $ex) {
				echo "Could not connect to " . DB_HOST . ":" . DB_BASE . "\n";
				echo "Error: " . $ex->message;
				exit;
			}			// changed query from id to *... you can change back to id if that is all you want.
			$sql = "SELECT * FROM `users` WHERE username= '$username' AND password='$pass'";
			$retid = mysql_query($sql,$dblink) or die(mysql_error());
			if (!$retid) { 
				echo( mysql_error()); 
			} else {
				echo "retid = ok!!!!!<br>";
			}
			if ($row = mysql_fetch_array($retid)) {	
				$thisid = $row['id'];
				$thisuser = $row['username'];
				$thispass = $row['password'];
				echo "found id = " . $thisid . "<BR>";
				echo "found thisuser = " . $thisuser . "<br>";
				echo "found pass = " . $thispass . "<BR>";
			}
		
			if(is_resource($dblink)) {		
				mysql_close($dblink);
			}			
			//if ($query_run = mysql_query($sql)) {
			if ($retid) { 
				$query_num_row = mysql_num_rows($retid);
				echo "query num row = " . $query_num_row . "<BR>";
				if ($query_num_row==0) {
					echo 'Invalid username / password combination';
				} else if ($query_num_row==1) {
					echo 'ok.';
				} 
			} else { 
				echo "QUERY RUN WAS FALSE, unexpected result!!!";
				//  this was returning every time on the query_run = mysql... line above, which would never pass that line
			}
		} else {
			echo 'You must supply a username and password.';
		}
	}
}

komanche 0 Newbie Poster · Answer 11 · 2011-09-17T19:14:28+00:00

Thanks alot to you all I can now continue to develop the next step add user levels for various categories. The code is running without any logic errors and login in properly. Greatly appreciate the help.

karthik_ppts 81 Posting Pro · Answer 12 · 2011-09-17T19:47:51+00:00

Mark this thread as solved if your problem solved.

login script returns blank page

Recommended Answers Collapse Answers

All 17 Replies

Recommended Answers