That is my login code, and it isn't working correctly. If I enter false credentials it doesn't give me the error. Also, when you click login, the url turns into "url.com/login.php?do=login&username=username&password=pass word. +repPHP Code:<?php
$data = mysql_query("SELECT * FROM `users` WHERE `username` = '$username'");
if($grab_login === 1){
header("Location: index.php");
} else {
if($_GET['do'] == login){
$user = $_POST['username'];
$password = $_POST['password'];
if($user == $data['username'] || $password == $data['password']){
$_SESSION['username'] = $user;
$_SESSION['logged_in'] = 1;
header("Location: index.php");
} else {
echo "your login credentials were incorrect.";
}
}
}
?>
<form action="?do=login">
<input type="text" name="username" />
<input type="password" name="password" />
<input type="submit" value="login" />
Closed by Johno! (Forum Moderator): To prevent further pointless posting.
Results 1 to 10 of 43
Thread: Login Page
-
Login Page
Last edited by Johno; 18-11-2008 at 05:09 PM.
-
That login does not make any sense what so ever. We need to see it all, and if that is all of it... then wth.
ref "the url turns into "url.com/login.php?do=login&username=username&password=pass " - add method="POST" to your form tagLast edited by Source; 16-11-2008 at 08:43 PM.
-
Why wth? I don't see anything wrong with it? There's a config.php include at the top of the page (not included in that code). If you want I can show config.php?
-
PHP Code:
<?php
//where is it getting $username from?
$data = mysql_query("SELECT * FROM `users` WHERE `username` = '$username'");
//where is it getting $grab_login
if($grab_login === 1){
header("Location: index.php");
} else {
if($_GET['do'] == login){
$user = $_POST['username'];
$password = $_POST['password'];
//$data['username'] doesnt correspond to anything? same with pass
if($user == $data['username'] || $password == $data['password']){
$_SESSION['username'] = $user;
$_SESSION['logged_in'] = 1;
header("Location: index.php");
} else {
echo "your login credentials were incorrect.";
}
}
}
?>
answer those questions in comments.
-
All of those variables are defined in config.php.
-
Lol, epic fail.
For my own curiosity, what difference does three ==='s mean?
-
all of them? so why have the query at the top and no fetch_array to go with it? At the moment its check the credentials with a resource return (or w/e
).
And L?ke I believe 3 = (===) means the value and data type must be the same (integer, boolean etc..).
-
All of them but $data. Why do I need to use fetch_array?
-
because your using that information to see if the username and password are correct?
This script is seriously confusing, and if its not then fair enough im an idiot.
-
All I want to do is check if the information the user entered is correct (matches the ones in the database).PHP Code:
<?php
$data = mysql_query("SELECT * FROM `users` WHERE `username` = '$username'");
// if logged in goto homepage, if not continue
if($grab_login === 1){
header("Location: index.php");
} else {
if($_GET['do'] == login){
$user = $_POST['username'];
$password = $_POST['password'];
// checks if the username and password the user entered matches the ones in the database
if($user == $data['username'] || $password == $data['password']){
$_SESSION['username'] = $user;
$_SESSION['logged_in'] = 1;
header("Location: index.php");
} else {
echo "your login credentials were incorrect.";
}
}
}
?>
<form action="?do=login">
<input type="text" name="username" />
<input type="password" name="password" />
<input type="submit" value="login" />
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts