Home/ Questions/Q 7714737
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T02:12:22+00:00

I can’t wrap my head around oop just yet, so I’m sticking with procedural

  • 0

I can’t wrap my head around oop just yet, so I’m sticking with procedural coding for now.

Ok, so the registration and auth portion of the scripts work, it’s logging in that pitches a fit and I’m not sure where my error is.

<?php
include ('database_connection.php');
if (isset($_POST['formsubmitted']))
{
  // Initialize a session:
  session_start();
  $error = array();//this aaray will store all error messages
  if (empty($_POST['e-mail'])) 
  {
    //if the email supplied is empty 
    $error[] = 'You forgot to enter  your Email ';
  } 
  else 
  {
    if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) 
    {
      $Email = $_POST['e-mail'];
    } 
    else 
    {
      $error[] = 'Your EMail Address is invalid  ';
    }
  }
  if (empty($_POST['Password'])) 
  {
    $error[] = 'Please Enter Your Password ';
  } 
  else 
  {
    $Password = $_POST['Password'];
  }
  if (empty($error))//if the array is empty , it means no error found
  { 
    $query_check_credentials = "SELECT * FROM users WHERE (email ='$Email' AND cpassword='$Password') AND code IS NULL";
    $result_check_credentials = mysqli_query($dbc, $query_check_credentials);
    if(!$result_check_credentials)
    {
      //If the QUery Failed 
      echo 'Query Failed ';
    }
    if (@mysqli_num_rows($result_check_credentials) == 1)
    //if Query is successfull A match was made.
    { 
      $_SESSION = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);//Assign the result of this query to SESSION Global Variable
      header("Location: page.php");
    }
    else
    { 
      $msg_error= 'Either Your Account is inactive or Email address /Password is Incorrect';
    }
  }  
  else 
  {
    echo '<div class="errormsgbox"> <ol>';
    foreach ($error as $key => $values) 
    {
      echo '<li>'.$values.'</li>';
    }
    echo '</ol></div>';
  }
  if(isset($msg_error))
  {
    echo '<div class="warning">'.$msg_error.' </div>';
  }
  /// var_dump($error);
  mysqli_close($dbc);
} // End of the main Submit conditional.



?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org /TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login Form</title>





 <style type="text/css">
 body {
font-family:"Lucida Grande", "Lucida Sans Unicode", Verdana, Arial, Helvetica, sans-serif;
font-size:12px;
 }
  .registration_form {
margin:0 auto;
width:500px;
padding:14px;
 }
 label {
width: 10em;
float: left;
margin-right: 0.5em;
display: block
 }
 .submit {
float:right;
 }
 fieldset {
background:#EBF4FB none repeat scroll 0 0;
border:2px solid #B7DDF2;
width: 500px;
 }
 legend {
color: #fff;
background: #80D3E2;
border: 1px solid #781351;
padding: 2px 6px
 }
 .elements {
padding:10px;
 }
p {
border-bottom:1px solid #B7DDF2;
color:#666666;
font-size:11px;
margin-bottom:20px;
padding-bottom:10px;
}
a{
color:#0099FF;
font-weight:bold;
 }

/* Box Style */


.success, .warning, .errormsgbox, .validation {
border: 1px solid;
margin: 0 auto;
padding:10px 5px 10px 60px;
background-repeat: no-repeat;
background-position: 10px center;
 font-weight:bold;
 width:450px;

 }

 .success {

color: #4F8A10;
background-color: #DFF2BF;
background-image:url('images/success.png');
 }
 .warning {

color: #9F6000;
background-color: #FEEFB3;
background-image: url('images/warning.png');
 }
 .errormsgbox {

color: #D8000C;
background-color: #FFBABA;
background-image: url('images/error.png');

 }
 .validation {

color: #D63301;
background-color: #FFCCBA;
background-image: url('images/error.png');
 }



 </style>

  </head>
  <body>


  <form action="login.php" method="post" class="registration_form">
 <fieldset>
 <legend>Login Form  </legend>

  <p>Enter Your username and Password Below  </p>

  <div class="elements">
  <label for="name">Email :</label>
  <input type="text" id="e-mail" name="e-mail" size="25" />
  </div>

  <div class="elements">
  <label for="Password">Password:</label>
  <input type="password" id="Password" name="Password" size="25" />
  </div>
  <div class="submit">
  <input type="hidden" name="formsubmitted" value="TRUE" />
  <input type="submit" value="Login" />
  </div>
  </fieldset>
  </form>
  Go Back to <a href="#">Account Verification on sign up</a>
  </body>
  </html>

I’m not sure if I need to post the sql fields from the db.
I know the member page has this:

<?php
ob_start();
session_start();
if(!isset($_SESSION['Username'])){
     header("Location: login.php");
}


?>

I don’t know where the Username is coming from, nor do I have it in my db. I’ve tried changing it to a field I do have, but no luck.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    First off: You should escape the mysql input. 

    $query_check_credentials = "SELECT * FROM users WHERE (email ='$Email' AND cpassword='$Password') AND code IS NULL";

    should be

    $query_check_credentials = "SELECT * FROM users WHERE (email =".mysqli_real_escape_string($Email)." AND cpassword=".mysqli_real_escape_string($Password).") AND code IS NULL";

    Secondly, I’m pretty sure you shouldn’t do 

    $_SESSION = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);

    But rather something like

    $_SESSION['userdata'] = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);

    The $_SESSION[‘Username’] could be from some earlier code that did set it.

    • 0