Alex Costy Alex Costy - 4 months ago 14
SQL Question

Login & Register System

I have a little problem with my Login & Register System but I don't know where the problem is. When I press "Login" or "Register", the next page is white. I see only my message: "Try again!". I made 3 PHP files:

1) index.php



<!DOCTYPE html>
<html>
<head>
</head>
<body>
<form action="logreg.php" metodh="post" accept-charset="utf-8">
<label>Username:</label><input type="text" name="username" placeholder="Username">
<br>
<label>Password:</label><input type="password" name="password" placeholder="Password">
<br>
<input type="submit" name="login" value="Login">
<input type="submit" name="register" value="Register">
</form>

</body>
</html>





I think the problem is in the next file:

2) logreg.php



<?php

$servername = "localhost";
$username = "alex";
$password = "calamar28";
$database = "register/login";

$conn = mysqli_connect($servername, $username, $password, $database );

if(!$conn){
die("Connection failde:".mysqli_connect_error());
}

if(isset($_POST["login"])) {
$user = $_POST['username'];
$pass = $_POST['password'];

$sql = "SELECT * FROM users WHERE username='$user' AND password='$pass';";

$result = mysqli_query($conn, $sql);
$count = mysqli_num_rows($result);

if ($count == 1)
{
header("Location: personal.php");
}
else
{
echo "Username or password is incorrect!";
}

}
else if(isset($_POST["register"])) {
$user = $_POST['username'];
$pass = $_POST['password'];

$sql = "INSERT INTO users (id, username, password) VALUES ('', '$user', '$pass')";

$result = mysqli_query($conn, $sql);
}
else
{
echo "Try again!";
}
?>





3) personal.php



<?php

if(isset($_POST["login"])){
echo "Welcome to you personal area !";
echo '<a href = "proiect4.php">Your proiect</a>';
}
else
{
echo "You are not logged in!";
}
?>




Answer

You will also need to set some session variables to carry through onto the personal.php page... This will help determine if the user has logged in successfully or not as the original posted data won't be transferred through when you redirect to this page... You'll want your logreg.php to be the following:

<?php
if (!isset($_SESSION)) {session_start();}    

$servername = "localhost";
$username = "alex";
$password = "calamar28";
$database = "register/login";

$conn = mysqli_connect($servername, $username, $password, $database );

if(!$conn){
	die("Connection failde:".mysqli_connect_error());
}

if(isset($_POST["login"])) {
	$user = $_POST['username'];
	$pass = $_POST['password'];
	 
	$sql = "SELECT * FROM users WHERE username='$user' AND password='$pass';";
	 
	$result = mysqli_query($conn, $sql);
	$count = mysqli_num_rows($result);
	
	if ($count == 1)
	{
                $_SESSION['loggedIn'] = 1;
		header("Location: personal.php");
	}
	else
	{
		echo "Username or password is incorrect!";
	}
	
}
else if(isset($_POST["register"])) {
	$user = $_POST['username'];
	$pass = $_POST['password'];
	 
	$sql = "INSERT INTO users (id, username, password) VALUES ('', '$user', '$pass')";
	 
	$result = mysqli_query($conn, $sql);
}
else
{
	echo "Try again!";
}	
?>

And then your personal.php page will change to the following:

<?php
if (!isset($_SESSION)) {session_start();} 

if(isset($_SESSION["loggedIn"]) && ($_SESSION["loggedIn"] == 1) ){
	echo "Welcome to you personal area !";
	echo '<a href = "proiect4.php">Your proiect</a>';
}
else
{
	echo "You are not logged in!";
}
?>