my login.php did not select from mysql

  You are currently not logged in. You can view the forums, but cannot post messages. Log In | Register

17-Feb-17 08:55
Hi am new to php and am facing some difficulty concerning the login.php. My register.php is inserting to the database but when i try to select it so i can login it keeps showing me the errmsg. These are the codes.


<?php
ob_start();
session_start();
require_once 'dbconnect.php';

// it will never let you open index(login) page if session is set
if ( isset($_SESSION['user'])!="" ) {
header("Location: home.php");
exit;
}

$error = false;

if( isset($_POST['btn-login']) ) {

// prevent sql injections/ clear user invalid inputs
$userlogin = trim($_POST['userlogin']);
$userlogin = strip_tags($userlogin);
$userlogin = htmlspecialchars($userlogin);

$pass = trim($_POST['pass']);
$pass = strip_tags($pass);
$pass = htmlspecialchars($pass);
// prevent sql injections / clear user invalid inputs

if(empty($userlogin)){
$error = true;
$userloginError = "Please enter your loginid.";
}

if(empty($pass)){
$error = true;
$passError = "Please enter your password.";
}

// if there's no error, continue to login
if (!$error) {

$usepassword = hash('sha256', $pass); // password hashing using SHA256

$res=mysql_query("SELECT `id`, `loginid`, `firstname`, `middlename`, `lastname`, `phone`, `email`, `password`, `cpassword`, `answer` FROM icpl WHERE userlogin='$userlogin' AND usepassword='$usepassword'");
$row=mysql_fetch_array($res);
$count = mysql_num_rows($res); // if uname/pass correct it returns must be 1 row




if( $count == 1 && $row['password']==$usepassword && $row['loginid']==$userlogin ) {
$_SESSION['user'] =true;
$_SESSION['user'] = $row['loginid'];





header("Location: home.php");
}


else {
$errMSG = "Incorrect Credentials, Try again...";

}

}

}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Coding Cage - Login & Registration System</title>
<link rel="stylesheet" href="login-registration-php-new/assets/css/bootstrap.min.css" type="text/css" />
<link rel="stylesheet" href="style.css" type="text/css" />
<style type="text/css">
#apDiv1 {
position: absolute;
width: 200px;
height: 115px;
z-index: 1;
left: 236px;
top: 139px;
}
#apDiv2 {
position: absolute;
width: 200px;
height: 115px;
z-index: 1;
left: 501px;
top: -17px;
}
.container #login-form form .col-md-12 .form-group #apDiv2 .form-group h2 {
color: #F00;
}
</style>
</head>
<body>


<div class="container">

<div id="login-form">
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" autocomplete="off">

<div class="col-md-12">

<div class="form-group">
<div id="apDiv2">
<div class="form-group">
<h2 class="">Sign In.</h2>
</div>
<div class="form-group">
<div class="form-group"><span class="text-danger"><?php echo $passError; ?></span></div>
<span class="text-danger"><?php echo $userloginError; ?></span>
<hr />
<?php
if ( isset($errMSG) ) {

?>
</div>
<div class="form-group">
<div class="alert alert-danger"> <span class="glyphicon glyphicon-info-sign"></span> <?php echo $errMSG; ?></div>
</div>
<?php
}
?>
<div class="form-group">
<div class="input-group"> <span class="input-group-addon"><span class="glyphicon glyphicon-user"></span></span>
<input type="text" name="userlogin" class="form-control" placeholder="Your LoginId" value="<?php
echo $userlogin; ?>" maxlength="40" />
</div>
</div>
<div class="form-group">
<div class="input-group"> <span class="input-group-addon"><span class="glyphicon glyphicon-lock"></span></span>
<input type="password" name="pass" class="form-control" placeholder="Your Password" maxlength="15" />
</div>
</div>
<div class="form-group">
<hr />
</div>
<div class="form-group">
<button type="submit" class="btn btn-block btn-primary" name="btn-login">Sign In</button>
</div>
<div class="form-group">
<hr />
</div>
<div class="form-group"> <a href="../../register.php">Sign Up Here...</a></div>
</div>
<h2 class="">&nbsp;</h2>
</div>
</div>

</form>
</div>

</div>

</body>
</html>
<?php ob_end_flush(); ?>
17-Feb-17 17:31
Print the SQL Query to the stream so you can debug any errors in your string concatenation

--
Chris.
So long, and thanks for all the fish.
http://webmaster-talk.eu/

 
New posts
Old posts

Follow Elated