PHP variables not declaring?

Question

I found a tutorial for a mysqli and php login page to add to a website, i followed that tutorial step by step, spent at least 7 hours trying to figure out why it won't work, searching Google endlessly but nothing.

The code seems to be working but it seems two variables won't declare and it's skipping over them, I'll enter an email and password, hit log in, then ill get the notification 'Email or password are incorrect' the database is setup correctly and linked it just seems like it's one line of code and i can't figure it out.

Any input is welcome even if it's something basic, i am only learning this stuff hence the tutorial i was following, just want to know what is wrong and why.

Thanks.

Html Code

<!DOCTYPE html><?php session_start();?>

<html>

<head>

<title>Sign In</title>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="css/style.css"/>

</head>
<body>
<div id="container">

<header>

<a href="index.html"><img src="images/Header.jpg" alt="logo" /></a>

</header>


<header>
<a href="login.html"><img src="images/login.jpg" alt="login" /></a>
<a href="https://www.facebook.com/ArcticMonkeys"><img src="images/Facebook.jpg" alt="FB" /></a>
<a href="https://twitter.com/arcticmonkeys"><img src="images/Twitter.jpg" alt="Twitter" /></a>

</header>

<div class="menu">
<div align="center">
<ul class="list">
    <li class="item"><a href="index.html">Home</a>
    <li class="item"><a href="gallery.html">Gallery</a>
    <li class="item"><a href="videos.html">Videos</a>
    <li class="item"><a href="discography.html">Discography</a>
    <li class="item"><a href="register.html">Register</a>

     <li class="item"><a href="#">About</a>
        <ul class="list">
            <li><a href="alex.html">Alex Turner</a></li>
            <li class="list">
                <a href="matt.html">Matt Helders</a>
                <ul class="list">
                    <a href="jamie.html">Jamie Cook</a>
                    <ul class="list">
                        <a href="nick.html">Nick O'Malley</a>
                        <ul class="list">
                            <a href="andy.html">Andy Nicholson</a>
                            <ul class="list">
                        </ul>
            </li>


</div>
</div>


<div align="center"><BR><BR><BR><BR>
<body id="body-color"> 

<div id="Sign-In"> 




</head>

<form action="login.php" method="post">

<table width="500" align="center">

<tr align="center">

<td colspan="3"><h2>User Login</h2></td>

</tr>

<tr>

<td align="right"><b>Email</b></td>

<td><input type="text" name="email" required="required"/></td>

</tr>

<tr>

<td align="right"><b>Password:</b></td>

<td><input type="password" name="pass" required="required"></td>

</tr>

<tr align="center">

<td colspan="3">

<input type="submit" name="login" value="Login"/>


</td>

</tr>

</table>

</form>

<br><br>
<br><br>

<H3>If you do not have an account please register <a href="register.html">HERE</a><br>otherwise access is restricted to member pages<h3>

</div> 

</body> 

</html> 

Here's the php code

<!DOCTYPE html><?php session_start();?>
//Forgot this line when first posting //
<?php

// establishing the MySQLi connection



$con = mysqli_connect("localhost","root","","info");

if (mysqli_connect_errno())

{

echo "MySQLi Connection was not established: " . mysqli_connect_error();

}

// checking the user

if(isset($_POST['login'])){

$email = mysqli_real_escape_string($con,$_POST['email']);

$pass = mysqli_real_escape_string($con,$_POST['pass']);

$sel_user = ("select * from users where user_email='$email' AND user_pass='$pass'");  
//This is where i think my problem is,  $email and $pass are highlighted grey
instead of how normally declared variables would look. //

$run_user = mysqli_query($con, $sel_user);

$check_user = mysqli_num_rows($run_user);

if($check_user>0){

$_SESSION['user_email']=$email;

echo "<script>window.open('home.php','_self')</script>";

}

else {

echo "<script>alert('Email or password is not correct, try again!')</script>";

}

}

?>

Here is a link to screenshots they might give more clarity [ http://imgur.com/bX6HSmD,qFvyTGK,xEEiBi6,yAEvqAR,OdgRYFZ,U48OWkh]

Answer 1

Your screenshot's password column is user_password but your column is user_pass in your query.

AND user_pass='$pass'
    ^^^^^^^^^

Having checked for errors would have signaled that , unknown column.

As I mentioned in comments to add or die(mysqli_error($con)) to mysqli_query() .

---

Edit:

It has been mentioned but I am including this here, should some of those comments get deleted in regards to password storage and prepared statements.

Since you appear to be new at this, it's good to start learning about using proper hashing and safe queries.

Storing passwords in plain text isn't safe, not for online use anyway or should anyone hack into your own PC; it is highly discouraged.

I recommend you use CRYPT_BLOWFISH or PHP 5.5's password_hash() function. For PHP < 5.5 use the password_hash() compatibility pack .

Plus, in regards to SQL injection, use mysqli with prepared statements , or PDO with prepared statements , they're much safer .

Answer 2

在页面顶部使用if(session_id() == "") {session_start();} ，

Answer 3

You need to start a session in all your PHP Scripts which use sessions. Use: session_start(); before calling $_SESSION and then set the $_SESSION with the desired value.