1

I've been trying, to make a login page where I simply, login and log out. I Always seem to get errors. This time, i used a script and I'm getting a error on line's 15 and line's 16, and it keeps saying "Notice: Undefined index: $myusername in C:\xampp\htdocs\phpstuff\main_login.php on line 15

Notice: Undefined index: $mypassword in C:\xampp\htdocs\phpstuff\main_login.php on line 16 Wrong Username or Password" When i haven't even put my password or username in. I'm new to this, so if you could help me out that would be great. Here's all my code.

main_login.php:

<?php

ob_start();
$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="lordhelpme"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

 // Define $myusername and $mypassword 
 $myusername=$_POST['myusername']; 
 $mypassword=$_POST['mypassword']; 
 // To protect MySQL injection (more detail about MySQL injection)
 $myusername = stripslashes($myusername);
 $mypassword = stripslashes($mypassword);
 $myusername = mysql_real_escape_string($myusername);
 $mypassword = mysql_real_escape_string($mypassword);
 $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
 $result=mysql_query($sql);

 // Mysql_num_row is counting table row
  $count=mysql_num_rows($result);

  // If result matched $myusername and $mypassword, table row must be 1 row
 if($count==1){

  // Register $myusername, $mypassword and redirect to file "login_success.php"
  session_register("myusername");
  session_register("mypassword"); 
  header("location:login_success.php");
  }
  else {
  echo "Wrong Username or Password";
  }
  ob_end_flush();
  ?>

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>

<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1"     bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr> 
</table>
</td>
</form>
</tr>
</table>
</body>
</html>
Marc Delisle
  • 8,760
  • 3
  • 27
  • 29
user3151950
  • 11
  • 1
  • 4

4 Answers4

1

Remove the $ symbol:

$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];

http://www.php.net/manual/en/reserved.variables.post.php

Also, you don't need quotes here:

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

You are using variables, not literals.

MillaresRoo
  • 3,717
  • 1
  • 31
  • 36
  • Notice: Undefined index: myusername in C:\xampp\htdocs\phpstuff\main_login.php on line 15 Notice: Undefined index: mypassword in C:\xampp\htdocs\phpstuff\main_login.php on line 16 Wrong Username or Password – user3151950 Jan 01 '14 at 21:26
  • Wait a minute. Your form action is `action="checklogin.php"` and your code is from main_login.php? – MillaresRoo Jan 01 '14 at 21:31
  • I added, "if(isset($_POST['myusername'])){" and it works, but i typed in random letters and it logs me in kind of, but when i hit submit it gives me this error.. Object not found! The requested URL was not found on this server. The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error. If you think this is a server error, please contact the webmaster. Error 404 localhost Apache/2.4.7 (Win32) OpenSSL/0.9.8y PHP/5.4.22 – user3151950 Jan 01 '14 at 21:35
  • 1
    Check your form action. It seems that you are sending it to one url and expecting results in other. Only for checking if isset it doesn't works. Simply doesn't crashes! – MillaresRoo Jan 01 '14 at 21:40
  • i added the checklogin.php into everthing, and i typed the real username and password in, and i got this error Fatal error: Call to undefined function session_register() in C:\xampp\htdocs\phpstuff\checklogin.php on line 33 – user3151950 Jan 01 '14 at 21:44
  • 1
    Again we must go to the documentation: This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0. http://php.net/manual/en/function.session-register.php Check your php version. – MillaresRoo Jan 01 '14 at 21:45
  • my version is Version 5.4.22 – user3151950 Jan 01 '14 at 21:53
  • @user3151950: So what shall we conclude this means? – Lightness Races in Orbit Jan 02 '14 at 01:36
  • Instead os session_register, you may use: `$_SESSION['myusername']=$myusername;` `$_SESSION['mypassword']=$mypassword;` – MillaresRoo Jan 02 '14 at 09:08
0

Change 

$myusername=$_POST['$myusername']; 
$mypassword=$_POST['$mypassword']; 

to 

$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];
Abhik Chakraborty
  • 43,914
  • 5
  • 48
  • 61
0

In addition to changing your POST values - 

$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];

you need to put your php code in an if() so it is only executed if your login form is submitted, as $_POST['myusername'] & $_POST['mypassword'] are not set on initial page load -

<?php

if(isset($_POST['myusername'])){

ob_start();

... // truncated rest of your code

 // Define $myusername and $mypassword 
 $myusername=$_POST['myusername']; 
 $mypassword=$_POST['mypassword']; 



... // truncated rest of your code


  ob_end_flush();

 }
 ?>

in this case use an isset() to test if your form post values are set.

edit

also, change your form action to "" to have the form post to itself -> <form name="form1" method="post" action="">

Sean
  • 12,439
  • 3
  • 27
  • 46
  • oh my god, it works thank you. so when i type my username and password in it gives me this..Object not found! The requested URL was not found on this server. The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error. If you think this is a server error, please contact the webmaster. Error 404 localhost Apache/2.4.7 (Win32) OpenSSL/0.9.8y PHP/5.4.22 but i think it's because of this other file called login_success.php want me to add that so you can see it? – user3151950 Jan 01 '14 at 21:30
  • You are posting your form to `checklogin.php`. As your login script is on the same page, just set your form action to `""`, so it posts to itself -> `
    `
     – Sean Jan 01 '14 at 21:33
  • http://www.phpeasystep.com/phptu/6.html this is where i got the script from, also, I Don't see checklogin.php anywhere. – user3151950 Jan 01 '14 at 21:40
  • That tutorial has the php code on `checklogin.php` and the login form on `main_login.php`. You put both on `main_login.php`. You need to either split the code into 2 files like they do, or change your form action as I showed. – Sean Jan 01 '14 at 21:42
  • ok i added that checklogin.php into my coding and i typed the right password and username and i got this error Fatal error: Call to undefined function session_register() in C:\xampp\htdocs\phpstuff\checklogin.php on line 33 – user3151950 Jan 01 '14 at 21:43
  • What is your php version? if >= 5.4 use `$_SESSION['myusername']="";$_SESSION['mypassword']="";`. see http://stackoverflow.com/a/16082472/689579 && http://www.php.net/manual/en/function.session-register.php – Sean Jan 01 '14 at 21:46
  • 5.4.22 thats my version – user3151950 Jan 01 '14 at 21:50
  • Also i added it in and it gives me this error Fatal error: Call to undefined function session_register() in C:\xampp\htdocs\phpstuff\checklogin.php on line 33 – user3151950 Jan 01 '14 at 21:52
  • So you will want to replace `session_register("myusername"); session_register("mypassword");` with `$_SESSION['myusername']="";$_SESSION['mypassword']="";` as `session_register()` was removed from php > 5.3 – Sean Jan 01 '14 at 21:54
  • now im getting this. // Check if session is not registered, redirect back to main page. // Put this code in first line of web page. Fatal error: Call to undefined function session_is_registered() in C:\xampp\htdocs\phpstuff\login_success.php on line 5 – user3151950 Jan 01 '14 at 21:58
  • heres the coding for that , // Check if session is not registered, redirect back to main page. // Put this code in first line of web page. Untitled Document your in! – user3151950 Jan 01 '14 at 21:58
  • `session_is_registered()` was also removed in php v5.4 http://www.php.net/manual/en/function.session-is-registered.php Change to `if(!isset($_SESSION['myusername'])){...` – Sean Jan 01 '14 at 22:06
  • i got no errors! yay finally. but when i put the correct username and password, nothing happens,it just refers me back to the login page i was already on. but when i type in a random username and password it gives a wrong username or password . which is good. but how would i make it where it takes me in? – user3151950 Jan 01 '14 at 22:12
0

Isn't this form posting to itself? Then 

<form name="form1" method="post" action="checklogin.php">

should be 

<form name="form1" method="post" action="main_login.php">
or
<form name="form1" method="post" action="<?php echo(htmlentities($_SERVER['PHP_SELF'])); ?>">

However when the page starts, put your php code inside this if statement:

if($_POST)
{...}

e.g. 

if($_POST)
{
ob_start();
$host="localhost";.............
}

Since at this point in time the page hasn't yet posted from the form. In other words, at this point in time, $_POST['myusername'] is undefined, it doesn't exist. Posting all below:

<?php

if($_POST)
{
    ob_start();
    $host="localhost"; // Host name 
    $username="root"; // Mysql username 
    $password=""; // Mysql password 
    $db_name="lordhelpme"; // Database name 
    $tbl_name="members"; // Table name 

    // Connect to server and select databse.
    mysql_connect($host, $username, $password)or die("cannot connect"); 
    mysql_select_db($db_name)or die("cannot select DB");

     // Define $myusername and $mypassword 
     $myusername=$_POST['myusername']; 
     $mypassword=$_POST['mypassword']; 
     // To protect MySQL injection (more detail about MySQL injection)
     $myusername = stripslashes($myusername);
     $mypassword = stripslashes($mypassword);
     $myusername = mysql_real_escape_string($myusername);
     $mypassword = mysql_real_escape_string($mypassword);
     $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
     $result=mysql_query($sql);

     // Mysql_num_row is counting table row
      $count=mysql_num_rows($result);

      // If result matched $myusername and $mypassword, table row must be 1 row
     if($count==1){

      // Register $myusername, $mypassword and redirect to file "login_success.php"
      session_register("myusername");
      session_register("mypassword"); 
      header("location:login_success.php");
      }
      else {
      echo "Wrong Username or Password";
      }
      ob_end_flush();
      ?>

}

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>

<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1"     bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="main_login.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr> 
</table>
</td>
</form>
</tr>
</table>
</body>
</html>
D. Rattansingh
  • 1,297
  • 3
  • 16
  • 28