Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Regular Coder
    Join Date
    Apr 2006
    Posts
    111
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Need help, login just redirects to host homepage

    I am unsure what happens in the code. Maybe one of you can see what's wrong with it?

    Code:
    <?php
    
    if (isset($_POST['submitted'])) {
    
    	$user = $_POST['userlog'];
    	$pass = $_POST['passlog'];
    
    	$abc = mysqli_connect('mysql16.***************','a2527189_main2','fusiongtxo0');
    
    	mysqli_select_db($abc, 'a2527189_main2');
    
    	$query = mysqli_query($abc, "SELECT * FROM MEMBERS WHERE USERNAME ='" . $user . "'") or die ("User does not exist!");
    
    	$query2 = mysqli_num_rows($query);
    
    		if ($query2 == 0) {
    
    				echo "Username does not exist";
    
    				echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"POST\">
    
    					<input type=\"username\" size=\"18\" value=\"username\" id=\"userlog\" name=\"userlog\" />
    					<input type=\"password\" size=\"18\" value=\"password\" id=\"passlog\" name=\"passlog\" />
    					<input type=\"submit\" value=\"Submit\" id=\"submitted\" />
    
    				     </form>";
    
    		}
    
    		else {
    
    			while($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
    
    			if ($user == $row['USERNAME'] && $pass == $row['PASSWORD']) {
    
    				echo "Welcome: " . $user . "";
    				setcookie('user',$user,time()+3600);
    				setcookie('pass',$pass,time()+3600);
    
    
    
    			}
    
    			else {
    
    				echo "Username or Password does not exist";
    
    				echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"POST\">
    
    					<input type=\"username\" size=\"18\" value=\"username\" id=\"userlog\" name=\"userlog\" />
    					<input type=\"password\" size=\"18\" value=\"password\" id=\"passlog\" name=\"passlog\" />
    					<input type=\"submit\" value=\"Submit\" id=\"submitted\" />
    
    				     </form>";
    			}
    		}
    	}
    }
    
    else {
    
    ?>
    
    <form action="{$_SERVER['PHP_SELF']}" method="POST">
    
    <input type="username" size="18" value="username" id="userlog" name="userlog" />
    <input type="password" size="18" value="password" id="passlog" name="passlog"  />
    <input type="submit" value="Submit" id="submitted" />
    
    </form>
    
    <?php
    
    }
    
    ?>

  • #2
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,341
    Thanks
    60
    Thanked 527 Times in 514 Posts
    Blog Entries
    4
    Code:
    <form action="{$_SERVER['PHP_SELF']}" method="POST">

    Try printing / echo'ing that in php for a start..

    PHP Code:
    <form action="<? print $_SERVER['PHP_SELF']; ?>" method="POST">
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  • #3
    Regular Coder
    Join Date
    Apr 2005
    Location
    Ohio
    Posts
    254
    Thanks
    1
    Thanked 63 Times in 63 Posts
    Quoted from http://php.net/manual/en/reserved.variables.php by "Typer85 at gmail dot com"
    Note the manual entry for PHP_SELF states the following:

    "The filename of the currently executing script, relative to the document root. For instance, $_SERVER['PHP_SELF'] in a script at the address http://example.com/test.php/foo.bar would be /test.php/foo.bar."

    However I did some vigorous testing on three different machines and this note is not always true. The results are given below:

    Given a URL of http://www.example.com/Info.php/Page/Home

    Apache 2.2.4/Win32/PHP 5.2.2/Apache 2.0 Handler
    ----> PHP_SELF = Info.php/Page/Home

    Apache 1.3.37/Unix/PHP 5.2.2/CGI
    ----> PHP_SELF = Info.php

    Apache 1.3.33/Unix/5.1.4/FastCGI
    ----> PHP_SELF = Info.php

    To be completely honest, I am not sure why this is the case; perhaps there is a setting in Apache to modify this option, but in either case take careful consideration of this note.
    Seems like you fall in the last 2 categories. If that's the case, replace $_SERVER['PHP_SELF'] in your code with an absolute path.

    Also, pls look into securing your code.

  • #4
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,341
    Thanks
    60
    Thanked 527 Times in 514 Posts
    Blog Entries
    4
    Also please don't show us your mysql connection user and password as you have above - just leave those blank or put something like <username> <password> in their place.

    Next:
    PHP Code:
    //PHP.net manual doesn't appear to have this function - use mysql_select_db() instead or see:
    //http://uk.php.net/manual/en/mysqli.select-db.php
    mysqli_select_db($abc'a2527189_main2');

    //Secondly, $abc is passed as an optional 2nd parameter:
    mysql_select_db('a2527189_main2'$abc); 
    Even more:
    PHP Code:
    //Again, unable to find mysqli_query on php.net - use mysql_query() instead or see:
    //http://uk.php.net/manual/en/mysqli.query.php
    $query mysqli_query($abc"SELECT * FROM MEMBERS WHERE USERNAME ='" $user "'") or die ("User does not exist!");

    //Note we don't need the mysql resource parameter - You can use it but not needed
    $query mysql_query("SELECT * FROM MEMBERS WHERE USERNAME ='" $user "'") or die ("User does not exist!"); 
    Next up: Queries

    A Query is the actual SQL string: select from <table> where ..
    PHP Code:
    //This is a result so call it a $Result not a $query - otherwise you'll get confused
    $query mysqli_query($abc"SEL");

    //Same again - this isn't a query it's a returned result
    $query2 mysqli_num_rows($query); 
    The reason i say about the name of queries is that quite easy to use another variable inside a loop called $query and then overwrite the $query variable that the loop was working from - EG:

    PHP Code:
    while ($row mysql_fetch_array($query))
    {
    //Do lots of stuff here and then..
     
    $query "select * from somewhere_else";
     
    $query mysql_query($query); //Hang, we've just broken our loop

    Finally mysqli is in the format of an object so you need to create and use like this:
    PHP Code:
    $mysqli = new mysqli("localhost""my_user""my_password""test");

    /* check connection */
    if (mysqli_connect_errno()) {
        
    printf("Connect failed: %s\n"mysqli_connect_error());
        exit();
    }

    /* return name of current default database */
    if ($result $mysqli->query("SELECT DATABASE()")) {
        
    $row $result->fetch_row();
        
    printf("Default database is %s.\n"$row[0]);
        
    $result->close();

    Last edited by tangoforce; 05-27-2011 at 10:25 PM.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  • #5
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,341
    Thanks
    60
    Thanked 527 Times in 514 Posts
    Blog Entries
    4
    Quote Originally Posted by shadowmaniac View Post
    Seems like you fall in the last 2 categories. If that's the case, replace $_SERVER['PHP_SELF'] in your code with an absolute path.
    No it just wasn't in <? ?> tags and had no print / echo statement.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •