Hello,
I have this file which verifies the URN and PASSWORD of the user in the database...if it exist -> conf.php if it does not -> rej.php
In conf.php i want to display a message for example
Welcome, Nick ....
this name should match with the URN (primary key) of the database verified in the first file....But it seems that it can't store the URN number that user inputs in first place.
If i put a number that exists on database instead of '$urn' in the select statement (second file) then it works....
Anybody who might now
<------------ FIRST FILE --------------->
<?php
ob_start();
require ('main.php');
$page = new homePage();
$page -> content = '<p class = "content"> Student Log In </p> <br><br><br><br> ';
$page -> Display();
$mysql = new mysqli('localhost', 'root', '323232');
$urn = $POST['urn'];
$pass = $POST['pass'];
if(!isset($POST['urn'])&&!isset($POST['pass']))
{
$error_msg.="Please enter your<br>";
?>
<form class = "myform" action="" method="POST">
<div style = "position:relative; top:0%; left:35">
<font size = "4"><b> Please Log In by inserting your URN number and last name </b></font><br><br>
<table border="1" cellpadding="7" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="600" id="AutoNumber1">
<tr>
<td align = "right" width = "16%"> URN: </td>
<td width = "84%"><input class = "input" type = "text" name = "urn" value = "<?echo $_POST['urn'];?>" maxlength = "7">
<font color ="red"> * </font><i><font size = "2"> URN must be exactly 7 characters long </i></font></td>
</tr>
<tr>
<td align = "right" width = "16%"> password: </td>
<td width = "84%"><input class = "input" type = "password" name = "pass" value = "<?echo $_POST['pass'];?>" maxlength = "100">
<font color ="red"> * </font><i><font size = "2"> insert your last name as it appears on your student id</i></font></td>
</tr>
<tr>
<td colspan = "2" align = "middle"><input class = "button" type="submit" name="subButton" value=" > Log In < "></td>
</tr>
</table>
</div>
</form>
<?php
}
else
{
// connect to mysql
$mysql = new mysqli('localhost', 'root', '323232');
if(!$mysql)
{
echo 'Cannot connect to database.';
exit;
}
// select the appropriate database
$selected = mysqli_select_db( $mysql, 'project' );
if(!$selected)
{
echo 'Cannot select database.';
exit;
}
// query the database to see if there is a record which matches
$query = "select count(*) from student where
stud_id = '$urn' and
stud_lname = '$pass'";
$result = mysqli_query( $mysql, $query );
if(!$result)
{
echo 'Cannot run query.';
exit;
}
$row = mysqli_fetch_row( $result );
$count = $row[0];
if ( $count > 0 )
{
header('location: ' . 'conf.php');
exit();
}
else
{
header('location: ' . 'rej.php');
exit();
}
}
$page -> Display2();
ob_end_flush();
?>
<----- SECOND FILE ----- >
<?php
require ('main.php');
$page = new homePage();
$page -> content = '<p class = "content"> Your registration was successful </p>';
$page -> Display();
$urn = $_POST['urn'];
$mysql = new mysqli('localhost', 'root', '323232');
if(!$mysql)
{
echo 'Cannot connect to database.';
exit;
}
// select the appropriate database
$selected = mysqli_select_db( $mysql, 'project' );
if(!$selected)
{
echo 'Cannot select database.';
exit;
}
if (!get_magic_quotes_gpc())
{
$urn = addslashes($urn);
}
// query the database to see if there is a record which matches
$query = "select stud_fname, stud_lname from student where
stud_id = '$urn'";
$result = $mysql->query($query);
$num_results = $result->num_rows;
for ($i=0; $i <$num_results; $i++)
{
$row = $result->fetch_assoc();
echo stripslashes($row['stud_fname']);
echo '<br>';
echo stripslashes($row['stud_lname']);
}
//$result->free();
$mysql->close();
$page -> Display2();
?>
