0

I am trying to make login form using PHP and Mysql, my code is

main_login.html

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1"   
      bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>


</td>
</form>
</tr>
</table>

checklogin.php

<?php
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name 


 // Connect to server and select databse.
 mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
 mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
//session_register('myusername');
$_SESSION['myusername'] = $myusername;
//session_register('mypassword'); 
$_SESSION['mypassword'] = $mypassword;
header("location:login_success.php");
} 
else {
echo "Wrong Username or Password";
}
?>

loginsucces.php 

 <?php

 session_start();
 $myusername='';

  if(isset($_SESSION[$myusername])){


  header("location:main_login.html");
  }
  ?>

  <html>
  <body>
  Login Successful<br>
  welcome <?php echo $_SESSION['myusername']?>
 </body>
 </html>

now on entering login credentials i want to display the welcome'user' but it is giving output as ===>Login Successful welcome 

Notice: Undefined index: username in F:\xampp\htdocs\xampp\seesion\login_success.php on line 16
Mohit
  • 173
  • 2
  • 17

6 Answers6

1

Add

session_start();

in top of checklogin.php

ReNiSh AR
  • 2,680
  • 2
  • 28
  • 42
Leo T Abraham
  • 2,419
  • 4
  • 24
  • 53
0

You need to check if session started or not before using $_SESSION. You can do that in two ways;

1) You can set session.auto_start=1 in your php.ini

2) Create a file called check_session.php with a content;

<?php
if(!isset($_SESSION)) {
   session_start();
}

And include it in the pages that you want to use $_SESSION.

And also, be careful in session index. You are using myusername and username in your implementation. Decide which one is true.

And in your loginsuccess.php;

<?php

if(isset($_SESSION['myusername'])){
    header("Location:main_login.html");
}
?>

<html>
    <body>
    Login Successful<br>
    welcome <?php echo $_SESSION['myusername']?>
    </body>
</html>
Hüseyin BABAL
  • 15,214
  • 4
  • 50
  • 72
  • that was a copy paste mistake i corrected that and there is no problem in login activity ,i want to disaply name of user as 'welcome user' – Mohit Apr 24 '14 at 12:19
  • @Mohit See my updated answer and if you have any additional problem I can help – Hüseyin BABAL Apr 24 '14 at 12:24
  • i have tried this but on enetring the user name and password it won't redirect to checklogin.php using (isset($_SESSION[$myusername]) it is redirecting to checklogin.php – Mohit Apr 24 '14 at 13:06
  • Redirecting? You are posting form values there. Could you please explain abit more? – Hüseyin BABAL Apr 24 '14 at 13:07
0
if(isset($_SESSION[$myusername])){

should be

if(isset($_SESSION['myusername'])){

Thanks

cwiggo
  • 2,445
  • 9
  • 41
  • 85
  • my mistake, put a apostrophe outside the bracket, try again? – cwiggo Apr 24 '14 at 12:59
  • on putting a apostrophe outside the bracket getting this error >>Parse error: syntax error, unexpected ''[$myusername]'' (T_CONSTANT_ENCAPSED_STRING), expecting ',' or ')' in F:\xampp\htdocs\xampp\seesion\login_success.php on line 7 – Mohit Apr 24 '14 at 13:29
  • if(isset($_SESSION['myusername'])){ instead – cwiggo Apr 24 '14 at 13:43
  • this the same thing you wrote in the answer that's not working – Mohit Apr 24 '14 at 13:47
0

CHANGE loginsuccess.php To

<?php

session_start();

 if(!isset($_SESSION['myusername'])){ //Login unsuccessful
        header("location:main_login.html");
   }
?>

<html>
<body>
Login Successful<br>
welcome <?php echo $_SESSION['myusername']; ?>
</body>
</html>
Think Different
  • 2,795
  • 1
  • 11
  • 18
0

Shouldn't it be

  <html>
<body>
Login Successful<br>welcome <?php echo $_SESSION['myusername']?>
</body>
</html>

?

0

You have not started session on checklogin.php page and you are using session here..

so start session here before using it..

session_start();
$_SESSION['myusername'] = $myusername;
//session_register('mypassword'); 
$_SESSION['mypassword'] = $mypassword;

It works well for me. also use type="password" in password input field.

shashank
  • 574
  • 2
  • 8
  • 30