How to match password username with php mysql with login form

Question

So basically, I am trying to match a username and password that is already in the database but I don't understand the reason why it doesnt redirect to another page when the password and username is correct

Here is my HTML form

<form class="form-inline" method="post" action= "login.php" >

<input type="email" placeholder="Enter email" class="form-control" name="logemail">
<input type="password" placeholder="password" class="form-control" name="logpass">

<button type="submit" class="btn btn-default" id="login" name ="submit1">Log in</button>
</form>

This is my login.php file

<?php



$servername = "localhost";
$username = "root";
$password = "";
$dbname = "registration_form";

if(isset($_POST['submit']))
{
$username = $_POST['logemail'];
$password = $_POST['logpass'];
$con=mysqli_connect("localhost","root","","registration_form");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
$qz = "SELECT * FROM regis where email1='".$username."' and password3='".$password."'" ; 
$qz = str_replace("\'","",$qz); 
$result = mysqli_query($con,$qz);
$row = mysqli_num_rows($result);
if($row == 1)
  {
  echo "successfully logged in";
  }
mysqli_close($con);
}
?>

Answer 1

Edit

you re checking submit in the isset when you should be checking submit1 which is why your code isnt executing at the if block, however my updated answer eliminates that anyway.

end

Updated Answer::

dologin.php

<?php

// here u would move these vars onto a seperate file outside
// the webroot that is readable by the server and "require_once"
// that file.
$dbhost = "localhost";
$dbuser = "mysql_user_name";
// using root is bad only use it for local development but better yet,
//// make a user for the database in question
$password = "password";
$dbname = "registration_form";

// Setup a filter array to sanitize/validate user input.
// look on php.net for more information on filters available
$filters =  [
                'logemail' => ["ARRAY, OF, FILTERS"],
                'logpass' => ["ARRAY, OF, FILTERS"]
            ];

// NEVER NEVER NEVER access $_POST without filtering it.
$posted = filter_var_array(INPUT_POST, $filters, true);

// check our posted array is not empty, even if its submitted it
// could be empty values.
if (!empty($posted)) {

    // I have omitted the $dbname in this procedural example
    // and move it after the error No, this is just to avoid
    // confusion and limit the number of possible things to go wrong.
    $con = mysqli_connect($dbhost, $dbuser, $dbpass);

    $username = $posted['logemail'];
    $password = $posted['logpass'];

    // Check no connection error
    if (!mysqli_connect_errno()) {
        mysqli_select_db($con, $dbname) or die("Database select error" . mysqli_error());
    } else {
        die("Failed to connect to MySQL: " . mysqli_connect_error());
    }

    $qz = "SELECT * FROM regis WHERE email1 = $username AND password3 = $password";


    $result = mysqli_query($con, $qz);
    if ( mysqli_num_rows($result) == 1 ) {

        // initialise the session.
        session_start();

        // add an entry "loggedin" and set it to true.
        $_SESSION['loggedin'] = true;
        header('location :index.php');        
    }
    mysqli_close($con);
}

Now you will need to do your index page.

index.php

<?php

// Start up the session its needed to maintain logins
session_start();

// We don't know that the raw $_SESSION is safe
$session_unsafe = $_SESSION;

// Lets play with some more filtering (php.net)
$session = filter_var($session_unsafe, FILTER_VALIDATE_BOOLEAN);

// add more filtering as required.

// remember the boolean in dologin.php here === makes sure it 
// matches the "type" of the variable too because:
// 1 == yes == true
// 0 == no == false
// but === means an exact match of type (integer/string/boolean) as
// well as its value. True === 1 would return false.
if ($session === true) {

    // show logged in stuff


} else {

    // do your none logged in actions
}

Conclusion: This is not the best method to approach this, you can use the OOP way of using mysqli or PDO and achieve the same results with cleaner looking more managable code. As you appear to be fresh off the tree you might want to look into one of those two methods and learn those before continuing. Also look into securing sessions. The example i have given you will get your login working, but it wont be secure and you wont be able to do much to it.

So your check points:

PHP: OOP, SESSIONS, FILTERS these key points i would look at as a priority before continuing.

Now, you will pick up sql queries, but it doesnt harm to learn them at the same time. so find some good resources for learning SQL also.

Answer 2

Since you have checked using isset($_POST['submit']) Modify your button HTML as

<button type="submit" class="btn btn-default" id="login" name ="submit">Log in</button>

and in addition, You haven't written any code to redirect, instead of

echo "successfully logged in";

Write

header("location:new_page.php");
exit();