Home/ Questions/Q 6540089
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T10:56:11+00:00

so I have a simple login page like this: <fieldset> <legend>Verification</legend> <form method=post action=authentication.php>

  • 0

so I have a simple login page like this:

   <fieldset>
    <legend>Verification</legend>
   <form method="post" action="authentication.php">


<?php if($_GET['error']==1){
      echo "<p style=\"float: left; \" class=\"criticMsg\">Username or password are wrong</p>";  
    }
    ?>


 <br /><br /> <br /><br />
 <label style="float: left; margin-top: 15px;" for="username">User</label><input    type="text" name="username"></input><br />
 <label for="password">Password</label><input type="password" name="password"></input>  <br />
  <input type="submit" class="globalBtn" value="Enter"></input>
  </form>

    </fieldset>

then the authenticate.php file is like this:

 include ('functions.php');

if(valid_details($_POST['username'], $_POST['password'])){
header("Location: ../../storage_update.php?message=1");
}else{
header("Location: login.php?error=1");
}

finally the functions.php looks like this

include("../connection.php");


$sql = "SELECT user, pass FROM users";
$back = "There is an error. <a href=\"login.php\">Back</a>";
$result = $conn->query($sql) or die($back);

while($row = $result->fetch_object()){

//validates user input

function valid_details($username, $password){
if(isset($username) && $username == $row->user){
   if(isset($password) && $password == $row->pass){
   return true;}
   }


  };
 }

When I type the correct username and password provided in the database I get the error=1 variable in the url, which is not what I expect on correct credentials. However if I fastly double click the submit button it gets me on the expected page returning message=1 in the url, so that it means the function valid_credentials is works ok, but why does the button react like that? EDIT In the page storage_update.php (the landing page) I have implemented fancybox jquery plugin.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The structure of your code is really odd, if i had my way i would rewrite most of it, anyways, putting that aside. Currently you have your function within a while loop, why you’re looping in the first place is bizarre, you can just do a direct check in the database for the user that you are looking for. See below. 

    include("../connection.php");

function valid_details($username, $password){
    $sql = "SELECT user, pass FROM users";
    $sql .= "WHERE user='".$username."' AND pass='".$password."'"; 
    $back = "There is an error. <a href=\"login.php\">Back</a>";
    $result = $conn->query($sql) or die($back);

    return count( $result ) > 0             
}
    • 0