Home/ Questions/Q 7799399
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-02T00:17:46+00:00

So, I’m in the process of making an SQL login system, and I figured

  • 0

So, I’m in the process of making an SQL login system, and I figured I’d start out with something simple, like an IF to check the username and password, and then return you to the main index with a greeting in the top-right.
I did all this, and it should be working from what I see, but when I submit the login form the server throws an HTTP Error 500 (Internal Server Error).
I was hoping I could get some help here, as my IRC friend hasn’t been able to find a solution. The login system encompasses 2 files, and their contents are:

index.php:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
    <title>Kinz</title>
    <?php session_start(); ?>
    <link rel="stylesheet" href="stylesheet.css">
    <meta name="description" content="Kinz's personal website." />
    <meta name="keywords" content="kinz,php,login,fruity,css" />
    <meta name="author" content="Kinz" />
    <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
</head>
<body>
    <div id="mainbar">
        <label class="menubar">Home</label>

        <?php if ($_SESSION['loggedin'] == false || isset($_SESSION['loggedin']) == false) { ?>
        <form id="loginform" action="auth.php?login=true" method="POST">
            <input type="submit" class="login" id="login" name="loginSubmit" value="Login">
            <input type="password" class="login" id="password" name="password" value="Password">
            <input type="text" class="login" id="username" name="username" value="Username">
        </form> <?php } elseif ($_SESSION['loggedin'] == true) { ?>
            <label id="loginWelcome">Welcome, <?php echo $_SESSION['user']; ?>!</label> <?php } else { echo "Error."; } ?>
    </div>
    <div id="content">
        Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
    </div>
</body>
</html>

auth.php:

<?php session_start();
$user = preg_replace("/[^a-zA-Z1-9]/", '', $_POST['username']);
$pass = preg_replace("/[^a-zA-Z1-9]/", '', $_POST['password']);
$hpass = md5($pass);

if (isset($_POST['loginSubmit']) && $_GET['login'] == "true") {
    if ($user == "Admin" && $pass == "Password123") {
        $_SESSION['loggedin'] = true;
        $_SESSION['user'] = $user;
        header("Location: index.php"); exit();
    } else {
            print("<h1><b>Login failure.</b></h1>"); sleep(10);
            header("Location: index.php"); exit();
            }

    if (!$_SESSION['loggedin']) {
        header("Location: index.php"); exit();
    } else {
            header("Location: index.php"); exit();
    }
} ?>

I could not find any errors in my code, I’m hoping someone will. Any help is appreciated.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The first thing I’ve noticed is that session_start() is not on the first line of your script.
    session_start() must always be executed before sending any output!

    Also, why this:

    if (!$_SESSION['loggedin']) {
    header("Location: index.php");
    exit();
} else {
    header("Location: index.php");
    exit();
}/* THIS BIT */ else {
    header("Location: index.php");
    exit();
}/* TO HERE */

    You can’t have 2x “else” in 1 if-statement.

    • 0