Home/ Questions/Q 6892933
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T06:35:46+00:00

I have created a login system for my webpage, but when I enter in

  • 0

I have created a login system for my webpage, but when I enter in the username and password, it fails to get past the first stage of the process. Anyone have any ideas on what the problem maybe, I have provided the code below.

if(!$_POST['client_username'] || !$_POST['client_password']) {
                    die('You did not fill in a required field.');
                }



                if (!get_magic_quotes_gpc()) {
                    $_POST['client_username'] = addslashes($_POST['client_username']);
                }

                $qry = "SELECT client_username, client_password FROM client WHERE client_username = '".$_POST['client_username']."'";
                $result = mysql_query($qry);

                if($result) {
                if(mysql_num_rows($result) == 1) {
                       die('That username does not exist in our database.');
                    }
                }


                // check passwords match

                $_POST['client_password'] = stripslashes($_POST['client_password']);
                $info['client_password'] = stripslashes($info['client_password']);
                $_POST['client_password'] = md5($_POST['client_password']);

                if ($_POST['client_password'] != $info['client_password']) {
                    die('Incorrect password, please try again.');
                }

                // if we get here username and password are correct, 
                //register session variables and set last login time.

                $client_last_access = 'now()';

                $qry = "UPDATE client SET client_last_access = '$client_last_access' WHERE client_username = '".$_POST['client_username']."'";
                if(!mysql_query($insert,$con)) {
                die('Error: ' . mysql_error());
                }

                else{

                $_POST['client_username'] = stripslashes($_POST['client_username']);
                $_SESSION['client_username'] = $_POST['client_username'];
                $_SESSION['client_password'] = $_POST['client_password'];


                echo '<script>alert("Welcome Back");</script>';
                echo '<meta http-equiv="Refresh" content="0;URL=pv.php">';
                }

When I fill in the username and password, it dies at the first stage and shows the message:
You did not fill in a required field.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You should use || instead of a simple |.

    I’m in a good mood.
    Here’s your code. It should work.

    <?php

if( empty( $_POST['client_username'] ) || empty( $_POST['client_password'] ) ) {
    die('You did not fill in a required field.');
}

$qry = sprintf( "SELECT client_username, client_password FROM client WHERE client_username = '%s' LIMIT 1", mysql_real_escape_string( $_POST['client_username'] ) );
$result = mysql_query( $qry );

if( $result ) {
    if( mysql_num_rows( $result ) == 0 ) {
        die('That username does not exist in our database.');
    }
}

// where the f**k do you get your info? i added some.
$info = mysql_fetch_assoc( $result );

if( md5( $_POST['client_password'] ) != $info['client_password'] ) {
    die('Incorrect password, please try again.');
}

// if we get here username and password are correct, 
//register session variables and set last login time.
$qry = sprintf( "UPDATE client SET client_last_access = NOW() WHERE client_username = '%s'", $info['client_username'] );
if( !mysql_query( $qry ) ) {
    die('Error: ' . mysql_error() );
} else {
    $_SESSION['client_username'] = $info['client_username'];
    $_SESSION['client_password'] = $info['client_password'];

    echo '<script>alert("Welcome Back");</script>';
    echo '<meta http-equiv="Refresh" content="0;URL=pv.php">';
}
    • 0