I have created a log in system however when i log in it say the email or password are incorrect even though it's a test user and the details are correct. Maybe it doesn't match the database, I have check over and over again. I can't seem to find the problem. Any help is much appreciated.
PHP:
if(isset($_SESSION['user'])!="")
{
header("Location: index-user.php");
}
if(isset($_POST['btn-login']))
{
$email = mysql_real_escape_string($_POST['email']);
$upass = mysql_real_escape_string($_POST['pass']);
$email = trim($email);
$upass = trim($upass);
$res=mysql_query("SELECT user_id, user_name, user_pass FROM users WHERE user_email='$email'");
$row=mysql_fetch_array($res);
$count = mysql_num_rows($res); // if uname/pass correct it returns must be 1 row
if($count == 1 && $row['user_pass']==md5($upass))
{
$_SESSION['user_name'] = $row['user_id'];
header("Location: index-user.php");
}
else
{
?>
<script>alert('Email or password invalid.');</script>
<?php
}
}
?>
HTML:
<input class="loginmodal-input" type="text" name="email" placeholder="Email" required>
<input class="loginmodal-input" type="password" name="upass" placeholder="Password" required>
<button type="submit" name="btn-login" id="login-btn" class="login btn-block loginmodal-submit">Login</button>
<button class="login-btn-2 btn btn-lg btn-block" type="button" aria-label="Close" value="Cancel" data-dismiss="modal"> Cancel</button>
MySQL Info: user_id user_name user_email user_pass
The condition in this line:
if(isset($_SESSION['user'])!="")
results True
if the $_SESSION['user']
is set, not if it's empty: isset
return boolean value, set to True
if the variable is set, to False
otherwise. An ampty string is evaluated as False
. So, when $_SESSION['user']
is not set, the code evaluate if( False != False )
.
Furthermore, you have to end the php script after calling header("Location")
:
if( !isset( $_SESSION['user'] ) )
{
header( "Location: index-user.php" );
die();
}
(...)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.