I am trying to make a login system with php but i cant figure out why my form is just redirecting me to the script file when i click on my login button. it works fine on my sign up form. everything seems to work exept its redirecting me to the script file. My php file that contains my form: https://codepen.io/hubbe-andersson/pen/yGOPoM
EDIT: I have put my phpscript into my header.php instead and now im getting ERR_TOO_MANY_REDIRECTS in chrome what is caussing this?
<?php
if(isset($_POST['login-sub'])) {
require 'databash.php';
$username = $_POST['mailname'];
$password = $_POST{'pwd'};
if(empty($username) || empty($password)) {
header("Location: index.php?error=tommarutor");
exit();
} else {
$sql = "SELECT * FROM USERS WHERE uidUsers=? OR emailUsers=?";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: index.php?error=sqlerror");
exit();
} else {
mysqli_stmt_bind_parem($stmt, "ss", $username, $username);
mysqli_stmt_execute($stmt);
$resultat = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($resultat)) {
$checkpwd = password_verify($password, $row['pwdUsers']);
if($checkpwd == false) {
header("Location: index.php?error=fellosenord");
exit();
}
else if ($checkpwd == true) {
seassion_start();
$_SESSION['userId'] = $row['idUsers'];
$_SESSION['userUid'] = $row['uidUsers'];
header("Location: index.php?login=lyckades");
exit();
}
else {
header("Location: index.php?error=fellosenord");
exit();
}
}
else {
header("Location: index.php?error=ingenanvandare");
exit();
}
}
}
} else {
header("Location: index.php");
exit();
}
line 6 error: use [...]
instead of {...}
Look at the middle code block. Everything inside that focuses on determining which error the results will return, so establish that in your $_SESSION
data and then redirect header("Location....
once. Most mistakes are little ones like the line 6 error, make a habit of adding // comments
to your code so that it's easier to sort out the lines and sections of your code.
<?php
if(isset($_POST['login-sub'])) {
require 'databash.php';
$username = $_POST['mailname'];
$password = $_POST['pwd'];
if(empty($username) || empty($password)) {
header("Location: index.php?error=tommarutor");
exit();
} else {
$sql = "SELECT * FROM USERS WHERE uidUsers=? OR emailUsers=?";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: index.php?error=sqlerror");
exit();
} else {
mysqli_stmt_bind_parem($stmt, "ss", $username, $username);
mysqli_stmt_execute($stmt);
$resultat = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($resultat)) {
$checkpwd = password_verify($password, $row['pwdUsers']);
if($checkpwd == false) {
session_start();
$_SESSION['error']="fellosenord";
} else if ($checkpwd == true) {
seassion_start();
$_SESSION['userId'] = $row['idUsers'];
$_SESSION['userUid'] = $row['uidUsers'];
$_SESSION['login']="lyckades");
} else {
session_start();
$_SESSION['error']="fellosenord";
} //end checkpwd
} else { // if fetch fails, send error
session_start();
$_SESSION['error']="ingenanvandare";
} // end fetch
header("Location: index.php");
} // end if stmt exists
} // end not empty input
} else { // if isset isn't set...
header("Location: index.php");
exit();
} // end isset
php database mysqli
Your index.php
page need to start off by looking for the query string passed via $_SESSIONS
to prevent people from trying to access the page without the related form.
session_start();
if ( empty($_SESSION['id']) ) { // no session info...
...
} else {
...
}
Ask your teacher to explain finding errors and solving problems so you can learn what to look for.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.