I'm facing an issue where my simple dummy form doesn't pass it's session variable. There is an error code
Notice: Undefined index: username in ...login.php on line 8
Notice: Undefined index: password in ...\\login.php on line 9
Wrong username or password
session start index.php
<html>
<head></head>
<body>
<?php session_start();?>
<form action="login.php" method="POST">
Username:<input type="text" name="username">
Password:<input type="password" name="password">
<input type="submit" value="Login">
</form>
</body>
</html>
Validation of the input will be passed on to login.php
<html>
<head></head>
<body>
<?php
session_start();
$user = "NULL";
$password = "NULL";
$user = $_REQUEST["username"];
$password = $_REQUEST["password"];
if($user == "ali" && $password == "123"){
$_SESSION["$user"] = $user;
echo "Login Successful</br>";
echo '<a href="logout.php">Logout</a>';
}
else{
echo "Wrong username or password</br>";
echo '<a href="index.php">Back</a>';
}
?>
<p>Welcome <?php echo htmlspecialchars($user) ?></p>
</body>
</html>
logout.php
<html>
<head></head>
<body>
<?php session_start();?>
<form action="login.php" method="POST">
Username:<input type="text" name="username">
Password:<input type="password" name="password">
<input type="submit" value="Login">
</form>
</body>
</html>
-You are facing Undefined index error because when you directly execute login.php or reload login.php or you open it in another tab, at that time $_REQUEST
is an empty array. Actually your coding of login.php is wrong, thats why you are getting Undefined index error.
-First of all session_start()
must be before <!DOCTYPE html>
- $_SESSION["$user"]
is wrong, use $_SESSION['user']
instead.
-Why are you using $_REQUEST
? Your form method is POST, so use $_POST
. Refer $_REQUEST vs $_GET and $_POST
-Session must be destroyed when user logout.
-Here is the working code...
1. index.php
<html>
<head></head>
<body>
<form action="login.php" method="POST">
Username:<input type="text" name="username">
Password:<input type="password" name="password">
<input type="submit" value="Login">
</form>
</body>
</html>
2. login.php
<?php session_start(); ?>
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<?php
if( isset($_SESSION['user']) ){
echo 'User is already logged in.<br />';
echo '<a href="logout.php">Logout</a>';
}
else {
if( isset($_POST["username"]) && isset($_POST["password"]) ) {
if($_POST["username"] == "ali" && $_POST["password"] == "123"){
$_SESSION["user"] = $_POST["username"];
echo "Login Successful</br>";
echo '<a href="logout.php">Logout</a>';
}
else {
echo "Wrong username or password</br>";
echo '<a href="index.php">Back</a>';
}
}
}
?>
</body>
</html>
3. logout.php
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<body>
<?php
// remove all session variables
session_unset();
// destroy the session
session_destroy();
echo "All session variables are now removed, and the session is destroyed."
?>
</body>
</html>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.