Login Pages

KeyIDentity

Alright, so when i fhit submit on my login page I'm getting a parse error on line 9 of my checklogin.php file... here it is. Any idea I just can't see what to change or add.

<?php
$host = "localhost";
$username = "root";
$password = "";
$db_name = "register";
$tbl_name = "users";

mysql_connect ($host, $username, $password) or die(can't connect);
mysql_select_db ($db_register) or die(can't find DB);

$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];

$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql);

$count = mysql_num_row ($result);

if($count==1) {
	session_register("myusername");
	session_register("mypassword");
	header("location:login_success.php");
	}
	else {
		echo "Wrong username or password";
		}
	?>

sneakyimp

KeyIdentity, you need to start finding your own syntax errors. This is a fundamental skill and if you don't know how, you shouldn't be writing PHP.

KeyIDentity

So a parse error is a syntax error? I just started writting in PHP maybe a week ago... Now you have confused me a bit, my parse error is actually a syntax error?

KeyIDentity

I thought it says syntax error if that's what it is? I do know how to look for those, but I can't find any in that script... I am posting stuff in the newbie section because I AM COMPLETELY NEW AT PHP HTML ALL OF IT>.... I thought that's what this forum section was for?

sneakyimp

Yep. A parse error is a syntax error. And you neglected to tell us what line it's on or what it said.

I understand that you are new to PHP because all of your posts are the most basic questions -- all of them involving syntax errors. You're basically asking the same question over and over again only with different files and different code.

Maybe you should read this:
About PHP Strings: http://www.php.net/manual/en/language.types.string.php

KeyIDentity

ugh... the sad thing is I do have an understanding of what a syntax error is (missing a";" to end a statement? for example if you could define further i would appreciate that!) I have been jumping from tut to tut because I don't understand how I can follow the tutorial letter for letter line for line and they get no errors and I do... I literally makes no sense to me and makes it hard to find errors when you are referencing someone else's script and it's EXACTLY the same and theirs works FINE..... I am literally teaching myself through tuts and it's NOT EASY LOL I have read through weschools ect... But this stuff needs clarification and this site has been extremly helpful! I have a reg form done and working great... Trying to get the login form now... Have a look at this script im getting 3 errors:

Notice: Undefined index: user in C:\wamp\www\REGDB\login.php on line 13

Notice: Undefined index: password in C:\wamp\www\REGDB\login.php on line 14

Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\wamp\www\REGDB\login.php on line 22
Login Successful

<?php session_start(); ?>
<html>
<head />
<body>
<form action=login.php method=POST>
KeyIDentity: <input type=text name='user'>
Password: <input type=password name='password'>
<input type=submit value='Login'>
</form>

<?php

$user=$_POST['user'];
$password=$_POST['password'];


if(!isset($_POST['submit'])){
	$con=mysql_connect("localhost", "root", "");
	mysql_select_db("register");

	$get=mysql_query("SELECT * FROM users WHERE user='$user' and password='$password'");
	$result=mysql_result($get,0);

	mysql_close($con);

	if($result!=0) echo "Login Failed";
	else{
		echo "Login Successful";
		$_SESSION['user']=$user;
	};
};	

?>
</body>
</html>

I just can't figure out undefined index's meaning lol pathetic I KNOW! And expecting parameters to WHAT THE EFFF?! ugh... HELP! Explanation of why it says that how to fix it and what to look for would be REALLY helpful!

sneakyimp

None of those 3 items are parse errors.

"Undefined Index" in your case is a NOTICE. PHP has a few types of errors: ERROR, WARNING, NOTICE.

Most of the time a NOTICE doesn't mean a whole lot. It's a friendly recommendation which in this case says you are trying to access part of an array that has not yet been defined:

    $user=$_POST['user'];

If a user visits the page and hasn't clicked "submit" yet then $POST['user'] will not be defined. Nor will $POST['password']. You might want to put those two lines in the section of your code that runs which someone actually clicks the submit button.

Or you could check first to see if they are defined with [man]isset[/man].

Still another possibility is that you could tell PHP to shut the hell up about these NOTICEs. It's generally not a good idea to ignore notices -- and especially warnings. However, it probably wouldn't hurt in this case. You can use the [man]error_reporting[/man] command to change the error reporting level.

The warning you get mysql_result is because your query didn't work. You need to be checking your mysql_X actions to see if they work.

for instance instead of this:

      $con=mysql_connect("localhost", "root", "");

You should check to see if it works before you try to do any other stuff with the db:

      $con=mysql_connect("localhost", "root", ""); 
      if (!$con) die('$con is false.  The database connect failed');

Read the documentation on [man]mysql_connect[/man] for more information and example code. The PHP documentation is really good and really informative. Get to know the code you are using. The tutorials will only take you so far.

KeyIDentity

Still working on my login page have a couple notices which I will don't know how to get rid of but I'm not concerned. if u feel u can help, here they are:

Notice: Undefined variable: SESSION in C:\wamp\www\REGDB\login.php on line 7

Notice: Undefined variable: POST in C:\wamp\www\REGDB\login.php on line 11

My concern is, I am not getting any of my error checking echo's displaying when i dont put in a password for example, or put in an incorrect username... or tell me i have been logged in when i use the correct info...Please have a look and let me know if you can tell why that is...

<?php
session_start();
include "./global.php";

echo "<title>KeyIDentity - Login Page</title>\n";

if($SESSION['uid']) {
	echo "You are already logged in, if you would like to logout, please(a href=\"./logout.php\">CLICK HERE</a>!\n";
}else{	

if(!$POST['submit']) {
	echo "<table border=\"0\" align=\"center\" cellspacing=\"3\" cellpadding=\"3\">\n";
	echo "<form method=\"post\" action=\"./login.php\">\n";
	echo "<tr><td><font color=\"black\" face=\"brownbaglunch\" size=\"5\">KeyIDentity:</font></td><td><input type=\"text\" name=\"username\"></td></tr>\n";
	echo "<tr><td><font color=\"black\" face=\"brownbaglunch\" size=\"5\">Password:</font></td><td><input type=\"password\" name=\"password\"></td></tr>\n";
	echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"Register\"></td></tr>\n";
	echo "</form></table>\n";
}else{
	$user = mss($_POST['username']);
	$pass = $_POST['password'];

		if($user && $pass){
			$sql = "SELECT id FROM `users` WHERE `username`='".$user."'";
			$res = mysql_query($sql) or die(mysql_error());
			if(mysql_num_rows($res) > 0){
				$sql2 = "SELECT id FROM `users` WHERE `username`='".$user."' AND `password`='".md5($pass)."'";
				$res2 = mysql_query($sql2) or die(mysql_error());
				if(mysql_num_rows($res2) > 0){
					$row = mysql_fetch_assoc($res2);
					$_SESSION['uid'] = $row['id'];

					echo "You have successfully logged in as " . $user;
				}else{
					echo "Username and password combination are incorrect!\n";
				}	
			}else{ 
				echo "The username you entered does not exist!\n";
			}
		}else{ 
			echo "You must supply both the username and password field'\n";
		}
}

}

?>

bradgrafelman

$SESSION and $POST don't exist in the above code; perhaps you meant $SESSION and $POST instead?

KeyIDentity

BRAD I think you have replied to lots of my ISHT!!!! HONESTLY< SO GRATEFUL THANK YOU KINDLY....

So now I have it all working without any errors or notices ( I decided to throw (isset) in front of them and it took away my undefined blah bla blah, I don't know what the $(^# isset actually is or does but I do know it seems to eliminate undefined indexs.

So I have clearly moved onto the logout part and I have it working "kinda" it will tell me im logged out and everything but I can't seem to get back to the original login page now, it keps saying you are already logged in, eventhough i have continually logged out lol... can you please have a look at the code and tell me how I can get log out and have the original login screen appear!!!!!!!!!!!

<?php
session_start();
session_destroy();
include "./global.php";

if(!isset($_SESSION['uid'])){

echo "You have been logged out!\n";
}else{
	echo "You must be loged in to logout!\n";
}

?>

Did you need to see global.php? to help me?

Krik

When they log out you will also need remove all data from the $_SESSION super global as that is what your php is looking at to determine if they are logged in.

$_SESSION = array();

KeyIDentity

$_SESSION = array();

If you could tell me how you would write into script I would appreciate that, I don't exactly understand what to do eventhough I understand what you mean... I thought that is what session_destroy(); does?!