I have a login script for my website, I get an Undefined index: submit error.
Previously I had a similar issue for registration, so I attempted to define submit with
if (!isset($_POST['submit']) || ($_POST['submit'] != 'Login')){
That seems to have fixed the undefined index, but now all my login error or successes are being overridden.. If I use 'myname' and 'mypassword' to login it should work but nothing happens.
<?php
session_start();
include "./global.php";
if(!isset($_SESSION['uid'])) $_SESSION['uid'] = NULL;
echo "<title>Login</title>";
if ($_SESSION['uid']) {
echo "You are already logged in, if you wish to log out please <a href=\"./logout.php\">click here</a>!/\n";
}else{
if (!isset($_POST['submit']) || ($_POST['submit'] != 'Login')){
#if (!$_POST['submit']){
echo '<table border="0" cellspacing="3" cellpadding="3">';
echo '<form method="Post" action="./login.php">';
echo '<tr><td>Username</td><td><input type="text" name="username"></td></tr>';
echo '<tr><td>Password</td><td><input type="password" name="password"></td></tr>';
echo '<tr><td colspan="2" align="right"><input type="submit" name="submit"></td></tr>';
echo '</form></table>';
}else{
$user = mss($_POST['username']);
$pass = $_POST['password'];
if($user && $pass){
$sql = "SELECT 'id' FROM 'users' WHERE 'username'='".$user."'LIMIT 0,1";
$res = mysql_query($sql) or die (mysql_error());
if (mysql_num_rows($res) > 0){
$sql2 = "SELECT 'id' FROM 'users' WHERE 'username'='".$user."' AND 'password'='".md5($pass)."'";
$res2 = mysql_query($sql2) or die (mysql_error());
if(mysql_num_rows($res2) > 0){
$row = mysql_fetch_assoc($res2);
$_SESSION['uid'] = $row['id'];
echo "You have successfully logged in as " . $user . "<br><br><a href=\"/.index.php\">Proceed to the Forum Index</a>\n";
}else{
echo "Your Username and Password do not match!\n";
}
}else{
echo "The username you provided does not exist!\n";
}
}else{
echo "You must enter a valid username and password!\n";
}
}
}
?>
