$_POST can be read but value is not

Question

I input using the form then $_POST, the code look like this

       <form class="form-signin" method="POST" action="">
          <div class="form-label-group">
            <label for="username">User Name</label>
            <input type="text" name="username" class="form-control" placeholder="username" required autofocus>
          </div>

          <div class="form-label-group">
            <label for="password">Password</label>
            <input type="password" name="password" class="form-control" placeholder="Password" required>
          </div>

          <button class="btn btn-primary mt-3" type="submit" name="SubmitLogin">Submit</button>
        </form>

it's just a simple username and password, then I check the username and password using this code

if(isset($_POST["SubmitLogin"])){
$data = $_POST['SubmitLogin'];
var_dump($data);
$username = $data['username'];
$password = $data['password'];
$result = mysqli_query($mysqli, "SELECT COUNT(*) AS Exist FROM user WHERE username = '$username' AND pwd = '$password' ");
$login = mysqli_fetch_array($result);

if($login['Exist'] == 1){
    $_SESSION["Login"] = true;
    header('Location:index.php');
}else{
    echo '<script language="javascript">';
    echo 'alert("Username/Password wrong")';
    echo '</script>';
  } 
}

and unfortunately as written in the code I want to check what is inside $_POST["SubmitLogin"] by containing it in $data variable and it returns "" instead....what could possibly fix this?

[Warning, Warning, Danger Will Robinson, DANGER!](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) — CD001, Nov 27 '19 at 09:38

score 4 · Answer 1 · answered Nov 27 '19 at 09:42

if(isset($_POST["SubmitLogin"])){
    $data = $_POST;
    $username = $data['username'];
    $password = $data['password'];
    $result = mysqli_query($mysqli, "SELECT COUNT(*) AS Exist FROM user WHERE username = '$username' AND pwd = '$password' ");
    $login = mysqli_fetch_array($result);

    if($login['Exist'] == 1){
     $_SESSION["Login"] = true;
        header('Location:index.php');
    }else{
        echo '<script language="javascript">';
        echo 'alert("Username/Password wrong")';
        echo '</script>';
    } 
}

score 4 · Answer 2 · answered Nov 27 '19 at 09:44

4

Try this:

if(isset($_POST["SubmitLogin"])){

    $username = $_POST['username'] ?? ''; // php7
    $password = $_POST['password'] ?? '';// php7
    var_dump($_POST);
}

answered Nov 27 '19 at 09:44

Dmitry

3,457
3
19
33

score 3 · Accepted Answer · answered Nov 27 '19 at 09:39

3

You made mistake here $data = $_POST['SubmitLogin'];

So you can use

$data = $_POST;
$username = $data['username'];
$password = $data['password'];

OR

$username = $_POST['username'];
$password = $_POST['password'];

answered Nov 27 '19 at 09:39

Devsi Odedra

5,071
1
21
33

$_POST can be read but value is not

3 Answers3