[RESOLVED] PHP login

mjgdunne

Hi, im pretty new to php, i have written some code for a login system, except i only coded it with one level of users, i need two levels. I have tried in vain to do this but nothing seems to work. Here is the code i have so far.
I need the query to be able to check which level user they are, i have a level field in the database, and levels are 1 and 2.
Thanks.

<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="root"; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "root", "root")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from signup form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$mylevel=$_POST['mylevel'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);


// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row


if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
session_register("mylevel");
header("location:login_success.php");
}

else {
header("location:login_failure.php");
// echo "Wrong Username or Password";
}
?>

halojoy

Hello friend.
halojoy here

I can see several issues with your nice little script 🙂

I do not know how you have missed [man]session_start/man
we tell this like 13 times a day ....
Likewise, we always tell people to not use old function session_register()
it is not recommended no more!
Always turn on errors, when working with your code:
ini_set(display_errors = 1 )
and set: error_reporting( E_ALL )

... mostly same as: error_reporting( 2047 );

4. ALWAYS ! use this to test your DB QUERY

$result = mysql_query($sql);
if($result === false){
    exit('db error: ' . mysql_error());
}

Study my changes,
try it and
post back any ERRORS or NOTICE you may get

<?php

session_start();

ini_set( 'display_errors', '1' );
error_reporting ( 2047 );



$host          = "localhost";  // Host name
$username = "root";        // Mysql username
$password = "root";         // Mysql password
$db_name  = "test";         // Database name
$tbl_name  = "members";  // Table name

// Connect to server and select databse.
mysql_connect("$host", "root", "root")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from signup form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$mylevel=$_POST['mylevel'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql);
if($result === false){
    exit('db error: ' . mysql_error());
}


// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// assign $_SESSION variables: $myusername, $mypassword and redirect to file "login_success.php"

$userdata = mysql_fetch_row($result); //get the user row
$_SESSION["mylevel"]    = $userdata["user_level"];//column 'user_level' in userrow
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;


$debug = true; // Turn on DEBUGGING
if($debug){    
    //for debug only
    echo 'myusername: ' . $_SESSION["myusername"] . "<br />\n";
    echo 'mypassword: ' . $_SESSION["mypassword"] . "<br />\n";
    echo 'my level : '  . $_SESSION["mylevel"] . "<br />\n";
    exit();
}

header("location:login_success.php");

}

else {
    header("location:login_failure.php");
    // echo "Wrong Username or Password";
}

exit(); //We make SURE this PHP Script ENDS

?>

mjgdunne

Hi i am getting an error,

Fatal error: Call to undefined function seession_start() in C:\xampp\htdocs\checklogin.php on line 3

If i take out the session code it does work, although it is not picking up the level, in the database it is just called level and 1 denotes a level for customers and 2 denotes a level for employees.

NogDog

Assuming that error message is accurate, you have an extra "e" in "session_start".

mjgdunne

ok fixed that and sorted out a few others, but this is all i am getting:
myusername: mjgdunne
mypassword: rainbow
mylevel : Array

How can i get the level instead of the array.

halojoy

mjgdunne wrote:
ok fixed that and sorted out a few others, but this is all i am getting:
myusername: mjgdunne
mypassword: rainbow
mylevel : Array

How can i get the level instead of the array.

    $userdata = mysql_fetch_row($result); //get the user row
    $_SESSION["mylevel"]    = $userdata["user_level"];//column 'user_level' in userrow

of course you would have to replace 'user_level'
with the fieldname where you have level ( value 0,1,2 )

you probably have no table field called: 'user_level'

mjgdunne

Hi I change those line and im getting:

Notice: Undefined index: mylevel in C:\xampp\htdocs\checklogin.php on line 22

Notice: Undefined index: level in C:\xampp\htdocs\checklogin.php on line 40
myusername: mjgdunne
mypassword: rainbow
mylevel :

I changed those lines of code to:

$userdata = mysql_fetch_row($result); //get the user row
$SESSION["mylevel"] = $userdata["level"];
$SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;

NogDog

Use mysql_fetch_assoc() instead of mysql_fetch_row(). (The "row" version returns a numerically indexed array, so you want the "assoc" version in order to use the associative array indexes.)

mjgdunne

Thanks for that i got it to work using

$valuesLogin = mysql_fetch_array($result);