I am trying to get my user login on my mainpage (index3.php) to work. i have spent a long time tweaking and fiddling with this code that i used before on a smaller website, and that runs off the same data in the user table on the same mysql database that i am using for this login. The problem is strange, as the first login i created for this smaller website works fine, but i have had notable problems with this website. All i have is a username (email address), and password box, and of course a 'submit' button to login the user. I have set up cookies to be set if the user is logging in for the first time, and also a feature to check for the cookie if the user is trying to access the site again. In the database table (member) the names are similar (username, password) to the form names, so there shouldnt be a problem there.
When the data has been entered that i know is correct, and the submit button is clicked, the page just reloads. and doesnt navigate to the correct page.
Here is the php i am using:
<?php
/*STEP 1: Define the database host, database username and database password below for database connection
* please also define the database name that your tables are reside in
*
*/
define("DBHOST","localhost"); //include the name of the dbhost,use for database connection
define("DBNAME","*******"); //include the username for connecting to database
define("DBPASS","*******"); //include the password for connecting to database
define("DB","the-coff_maitland"); //database name that all tables are reside in
if(isset($_COOKIE["username"]) && $_COOKIE["username"] == "member"){
/*
*STEP 2: Replace yourURLhere.php with the page you want to forward the user
* if user has login but still want to access this page.
*/
header("Location:membersArea.php");
exit;
}
elseif(!isset($_POST["submit"])){
display();
exit;
}
else{
//checking if the user really input some character into the following field
if(!strlen($_POST["username"])){
$username = htmlspecialchars($_POST["username"]);
}
if(!strlen($_POST["password"])){
$password = htmlspecialchars($_POST["password"]);
}
$dblink = mysql_connect(DBHOST,DBNAME,DBPASS);
mysql_select_db(DB);
$query = "SELECT username, password FROM member WHERE username ='$username' AND password = '$password';";
$result = mysql_query($query);
$data = mysql_fetch_array($result);
//If the password is matched to the one in database, grant access by setting cookie
if($data[1] == $password){
setcookie("username", "member", time() + 1800);
setcookie("username", $data[0], time() + 1800);
mysql_close($dblink);
/*
*STEP 3: Replace yourURLhere.php with the page you want to first forward the user to
*/
header("Location:membersArea.php");
exit;
}
mysql_close($dblink);
}
//this function is to output the form
function display(){
?>
and here is the form code:
<table width="0%" border="0">
<form method="post">
<tr>
<td width="50"><p class="leftBar">Username</p></td>
<td><input type="text" name="username" size="16"></td>
</tr>
<tr>
<td width="50"><p class="leftBar">Password</p></td>
<td><input type="password" name="password" size="16"></td>
</tr>
</table>
<table width="92%" border="0">
<tr>
<td height="21"><a href="forgotPassword.php" class="leftBar">Forgotten Password?</a></td>
<td align="center"><input type="image" value="submit" src="images/submit.jpg"
border="0" alt="Click Here To Sign In" name="submit">
</td>
</tr>
</form>
</table>
<? } ?>
Please can you help me spot this stupid problem that is disrupting my login.
Thanks
