Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

PHP

PHP Login

Help! I'm trying to create a login form using PHP so the user can go to an eCommerce site. Below is my code for checking the form, username and password. The second part is part of the form and where it checks if the username/password variables are set. I know the SQL string statements match the table in my DB. So I don't know what the issue is. Anytime I try loging in with a registered username/password it doesn't take me anywhere. Anytime I log in with mismatched username/password...it doesn't take me anywhere either.....I'm so lost..

session_start();
unset($_SESSION['badPass']);
//username and pasword sent from form
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];
//Connect to server and select database
require_once 'DataBaseConnection.php';
//To protect MySQL injection
$myusername = mysql_fix_string($conn, $myusername);
$mypassword = mysql_fix_string($conn, $mypassword);
//hashed
$Hashed = hash("ripedmd128", $mypassword);

$sql = "SELECT * FROM Library.FandFamily WHERE UserName ='" . $myusername . "' and PassWord='" . $Hashed . "'";
$result = $conn->query($sql);

if(!$result) {
    $message = "Whole query " . $sql;
    echo $message;
    die('Invalid query: ' . mysqli_error());
}
//Mysql num_row is counting row
$count = $result->num_rows;

//If result moethod $myusername and $mypassword, table row must be 1 row
if($count == 1) {
    $_SESSION["something"] = "Yeah stuff";
    $_SESSION['user'] = $myusername;
    $_SESSION['password'] = $mypassword;
    //Register $username, $mypassword and redirect to file "Logn_success.php"
    header("Location: CodeExLoginSuccess.php");
        echo "Welcome";
    //echo"<a href='Catalogue.php'>To Shopping</a>";
} else {
    header("Location: CodeExLoginForm.php");
    $_SESSION['badPass']++;
    echo "Wrong username and password";
}
?>

***And here is the part of the form where it checks if the $_SESSION is set with isset()***

<form name="form1" method="post" action="CodeExLoginCheck.php" >
                <table align = "center" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">

                    <tr>
                        <td colspan="3"><strong>Member Login </strong></td>
                    </tr>
                    <tr>
                        <td width="78">Username</td>
                        <td width="6">:</td>
                        <td width="294"><input name="myusername" type="text" id="myusername" class="error"></td>
                    </tr>
                    <tr>
                        <td>Password</td>
                        <td>:</td>
                        <td><input name="mypassword" type="password" id="mypassword">
                            <?php
                                if(isset($_SESSION['badPass'])) {
                                    echo "<br> Username or password do not match";
                                }
                            ?>

1 Answer

Long Tang
Long Tang
610 Points

Hi,

Please check what $result and $count returned ? set display_errors = On in php.ini for debugging.