Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5

Thread: php login help

  1. #1
    New Coder
    Join Date
    Apr 2013
    Posts
    11
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Unhappy php login help

    hy to every one!
    iam new in php programming, i have faced an hidden error in my php user login form...
    Code:
    <?php
    $user=$_POST["username"];
    $pass=$_POST["password"];
    $con=mysql_connect("localhost","root","");
    if(mysql_error())
    { 
      echo "Failed to connect to MySQL: " .mysql_error();
      
    }
    $sql="INSERT INTO users(Username,Password) VALUES ('$user','$pass')";
    mysql_select_db('login');
    if(!mysql_query($sql,$con))
        {
            die('Error:'.mysql_error());
        }
      if(empty($user)&&empty($pass))
        {
            
            echo "must fill both field";
            header('location:index.html');
        }
        if($user==null&$pass!=null)
        {
            header('location:index.html');
            echo "must fill both field";
        }
        if($user!=null&$pass==null)
        {
            header('location:index.html');
            echo "must fill both field";
        }
        else
        {
            echo "1 row is affected";
        }
        if(filter_has_var(INPUT_GET,"$user"))
        {
            echo "user already exists";
            header('location:index.html');
        }
        else
        {
            echo "sussessfully login";
        }
        
        mysql_close($con);
    ?>
    when i run the above code it save the data in data base either the user and password field is empty.
    i tried the is_Null, Empty(), and the isset(). but it does not work...
    plz some one solve it....
    Thank's in Advance...

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Well, all of your validation is occurring after your query. That should all be before it:
    PHP Code:
    if (isset($_POST['username'], $_POST['password']))
    {
        
    $user trim($_POST['username']);
        
    $pass trim($_POST['password']);
        if (!empty(
    $user) && !empty($pass))
        {
            
    $sql="INSERT INTO users(Username,Password) VALUES ('$user','$pass')";
            if (
    mysql_query($sql))
            {
                
    printf('%d records inserted'mysql_affected_rows());
            }
            else
            {
                
    printf("An error has occurred (%d): %s"mysql_errno(), mysql_error());
            }
        }
        else
        {
            print(
    "Username and password cannot be empty.");
            
    header("Location: http://yoursite.com/index.html");
        }
    }
    else
    {
        print(
    "You must fill in the form");
        
    header("Location: http://yoursite.com/index.html");

    This code hasn't been secured either. You'll want to look into SQL Injection prevention or use prepared statements with PDO or MySQLi. Since the mysql library will disappear sooner than later, you may as well switch now and use a prepared statement for the bind.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • Users who have thanked Fou-Lu for this post:

    msz900 (04-15-2013)

  • #3
    New Coder
    Join Date
    Apr 2013
    Posts
    11
    Thanks
    4
    Thanked 0 Times in 0 Posts
    thank's for this useful post...
    by the way what about the id in my data base...
    mean's i make a user ID primary key and auto increment it..
    the problem is that when i remove the data from database it will not remove the id number index...
    and when i inserted a new record it will start the Id from where i last remove it...??
    what can i do..

  • #4
    Regular Coder
    Join Date
    Sep 2011
    Posts
    213
    Thanks
    15
    Thanked 5 Times in 5 Posts
    This is how the auto increment is supposed to work. Removing a row from the table won't open that ID back up to use again, even if it was the last one taken. The only ways to reset or change the value is to open the table operations tab and either empty the table (reset) or change the auto increment value to the next ID it should use on an insert.

  • Users who have thanked Dubz for this post:

    msz900 (04-17-2013)

  • #5
    Master Coder mlseim's Avatar
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,389
    Thanks
    8
    Thanked 1,077 Times in 1,068 Posts
    As Dubz says ... that is by design. And you'll want it that way, especially when hundreds rows are added, edited, and deleted. It avoids a lot of confusion.

  • Users who have thanked mlseim for this post:

    msz900 (04-17-2013)


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •