[byawad130]

Hey, I kinda need help with my practice site.. i'll post the codes below.. the problem with my codes is that whenever i enter the login page.. it automatically log-ins without having to click the submit button.. any help is appreciated..

Quote:

<?PHP
session_start();
function loginchk()
{

echo '<form name="form1" method="post" action="">';
echo ' <p>&nbsp;</p>';
echo ' <p>';
echo ' <label>';
echo ' <blockquote>';
echo ' <p>Username';
echo ' <input type="text" name="UName" id="UName">';
echo ' </p>';
echo ' </blockquote>';
echo ' </label>';
echo ' </p>';
echo ' <p>';
echo ' <label>';
echo ' <blockquote>';
echo ' <p>Password';
echo ' <input type="password" name="UPass" id="UPass">';
echo ' </p>';
echo ' </blockquote>';
echo ' </label>';
echo ' </p>';
echo ' <label>';
echo ' <blockquote>';
echo ' <blockquote>';
echo ' <blockquote>';
echo ' <p>';
echo ' <input type="submit" name="Submit" id="Submit" value="Submit">';
echo ' </blockquote>';
echo ' </blockquote>';
echo ' </blockquote>';
echo ' </label>';
echo ' </form> ';

$UName = "";
$UPass = "";
$UName = $_POST['UName'];
$UPass = $_POST['UPass'];
$logged = $_SESSION['logged'];
$dbhost = "localhost";
$dbname = "web1db";
$dbuser = "root";
$dbpass = "";

mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());
mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());

$checkPassword = mysql_query("SELECT * FROM accounts WHERE usernameDB = '".$UName."' AND passwordDB = '".$UPass."'")
or die(mysql_error());

if(mysql_num_rows($checkPassword) != 1)
{
echo "User Name and Password Doesn't match!";
$_SESSION['logged'] = false;
exit;

}
else
{

$_SESSION['logged'] = true;
echo "Hi " . $UName . " you have logged-in.";
header ("Location: redirect.php" );
exit;
}

}
?>]

[cerapax]

Short answer... Take the form out of the function!!

for example....

PHP Code:

<?PHP
session_start();

echo '<form name="form1" method="post" action="">';
echo ' <p>&nbsp;</p>';
echo ' <p>';
echo ' <label>';
echo ' <blockquote>';
echo ' <p>Username';
echo ' <input type="text" name="UName" id="UName">';
echo ' </p>';
echo ' </blockquote>';
echo ' </label>';
echo ' </p>';
echo ' <p>';
echo ' <label>';
echo ' <blockquote>';
echo ' <p>Password';
echo ' <input type="password" name="UPass" id="UPass">';
echo ' </p>';
echo ' </blockquote>';
echo ' </label>';
echo ' </p>';
echo ' <label>';
echo ' <blockquote>';
echo ' <blockquote>';
echo ' <blockquote>';
echo ' <p>';
echo ' <input type="submit" name="Submit" id="Submit" value="Submit">';
echo ' </blockquote>';
echo ' </blockquote>';
echo ' </blockquote>';
echo ' </label>';
echo ' </form> ';

function loginchk()
{

$UName = "";
$UPass = "";
$UName = $_POST['UName'];
$UPass = $_POST['UPass'];
$logged = $_SESSION['logged'];
$dbhost = "localhost";
$dbname = "web1db";
$dbuser = "root";
$dbpass = "";

mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());
mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());

$checkPassword = mysql_query("SELECT * FROM accounts WHERE usernameDB = '".$UName."' AND passwordDB = '".$UPass."'")
or die(mysql_error());

if(mysql_num_rows($checkPassword) != 1)
{
echo "User Name and Password Doesn't match!";
$_SESSION['logged'] = false;
exit;

}
else
{

$_SESSION['logged'] = true;
echo "Hi " . $UName . " you have logged-in.";
header ("Location: redirect.php" );
exit;
}

}


?>

But I can see other problems with your script and for someone that's learning, you shore are doing it the long way!

I can give you a much simpler and better tutorial to learn from, if you like!

otherwise checkout W3 schools, they're always good to learn the basics!

I hope I was of some help! Good luck!

[cerapax]

how do I delete something from here??

[byawad130]

Tnx cerapax.. but im actually trying to make the form appear if they are not logged in.. and NOT appear if they are logged in..

currently checking w3schools and would really like to get that tutorial from you.. tnx again

[cerapax]

ok, I've answered your question, but it's gotta wait for approval from a moderator!

[byawad130]

hey cerapax tnx again.. the thing is still not yet solved actually.. i still get the "undefined index" and i am still able to login without the need of typing a username or password..

[job0107]

Hello byawad130,
We don't understand what you mean by "undefined index".
We don't see where you are using any indexing at all.
cerapax is trying to give you some sound programming techniques, and I don't think you understand.
Let's try to simplify this a little bit.

Here is a very simple login form that checks the username and password against values stored in a database.
When login is successful, then redirect to redirect.php.

Sample login form:

PHP Code:

<?php
session_start();
$msg0 = $msg1 = "&nbsp;";
if(!empty($_POST["submit"]))
{
 $username = empty($_POST['username']) ? "" : $_POST['username'];
 $password = empty($_POST['password']) ? "" : $_POST['password'];
 if(!$username){$msg0 = "<span style='color:#f00;'>Enter a username.</span>";}
 if(!$password){$msg1 = "<span style='color:#f00;'>Enter a password.</span>";}
 if($username && $password)
 {
  $connect = mysql_connect("localhost","root","") or die ("Couldn't connect!");
  mysql_select_db("phplogin") or die ("couldn't find db");
  $query = mysql_query("SELECT * FROM users WHERE username='$username' AND password ='$password'");
  while($row = mysql_fetch_assoc($query))
  {
   $dbusername = $row ['username'];
   $dbpassword = $row ['password'];
   }
  if ($username==$dbusername && $password==$dbpassword)
  {
   $_SESSION['username']=$username;
   header("Location:redirect.php" );
   }
  else{$msg0 = "<span style='color:#f00;'>That user doesn't exist!</span>";}
  }
 }
?>
<html>
<head>
</head>
<body>
<div style="width:390px;border:1px solid #000;">
<form action='#' method='POST'>
<table cellpadding=5 width=388>
<tr><td colspan=2 align=center style="font-size:20px;font-weight:bold;">Enter username and password</td></tr>
<tr><td width=60%>Username: <input type='text' name='username' value="<?php echo $username; ?>"></td><td><?php echo $msg0; ?></td></tr>
<tr><td>Password: <input type='password' name='password' value="<?php echo $password; ?>"></td><td><?php echo $msg1; ?></td></tr>
<tr><td colspan=2 align=center><input type='submit' name='submit' value='Submit'></td></tr>
<tr><td colspan=2><a href="register.php">Register?</a></td></tr>
</table>
</form>
</div>
</body>
</html>

Sample redirect.php:

PHP Code:

<?php
session_start();
echo "Hi <span style='color:#00f;'><u>".$_SESSION['username']."</u></span> you have logged-in.";
?>

[byawad130]

alright then.. i think that will be all..

tnx everyone.. D