I'm trying to build a login form so an admin I specify in the database can insert images into my database.
I'm having a few errors:
1) I'm using <?php echo $_SERVER['PHP_SELF']; ?>
<?php echo $_SERVER['PHP_SELF']; ?>
to call itself (call Login.php) so it will load the PHP code below it (which is in the same file). Whenever I press submit, it doesn't go to the specified header in the php code, but rather goes back to the homepage.php.
Login.php: Admin Login Form html
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table>
<tr>
<td>Username: </td><td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password: </td> <td><input type="text" name="pw"></td>
</tr>
</table>
<br />
<input type="submit" value="Log in">
</center>
2) The second issue is... looking at the php code, I'm trying to find a function that will let me grab a specific key of an associate array. For example, I run the database query and store it as an associate array in $result, and return that. Then I want to grab a key ("username" and "password") from users table and compare them to the input from the above html form.
I've tried using array_keys, but that needs an array, not an object. So I casted it, and it still won't work.
I'm using print_r(array_keys($userResult, "username"));
to see if it would print the key I wanted.
Login.php Php code
<?php
$username = isset($_POST['username']) ? $_POST['username'] : "";
$password = isset($_POST['pw']) ? $_POST['pw'] : "";
$userResult = verify($username, $password);
$array = (array)$userResult; //cast to array
print_r(array_keys($userResult, "username"));
if(array_keys($userResult, "username") == "dan" && array_keys($userResult, "password") == "12345") {
header("Location: ?action=admin");
}
else {
echo "<center>Incorrect credentials</center>";
}
function verify($user, $pw) {
include './scripts/dbconnect.php';
$result = $mysqli->query("SELECT username, password FROM users WHERE username='" . $user . "' AND password='" . $pw . "'");
return $result;
}
include 'include/footer.php';
?>
Any thoughts would be appreciated!
For part one if you want to just refresh the page you can do this.
<form action='' method=''>
Otherwise it is probably easier to just hard-code the path from login.php to your processing file.
For part two I think you incorrectly created your array.
$array = array();
$array[$username] = $password; // $username is the key and $password is the value aka.. array ($username => $password )
I am not sure why but it seems like with
$array = (array)$userResult;
you are trying to set an array as a tuple run though a function and that method seems a lot less clear than just setting the keys and values.
You can leave action in blank like action=""
and it will post in the same page. I don't remember what $_SERVER['PHP_SELF']
returns inside/outside includes but that must be your problem.
Also, you are alreadly checking the username and password on your query, then you just need to know if it returns a result or dont. Check for the number of rows :)
Thanks nimlhug, got it to work as such... forgot my main reason for checking the database was to actually see if there was a matching result... don't know why I was checking again to see if there was a match when I could have just used num_rows == 1
, lol.
<?php
include 'include/header.php';
?>
<center>
<h2>Admin Log in</h2>
<br/>
<form action="" method="post">
<table>
<tr>
<td>Username: </td><td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password: </td> <td><input type="text" name="pw"></td>
</tr>
</table>
<br />
<input type="submit" value="Log in">
</center>
<?php
$username = isset($_POST['username']) ? $_POST['username'] : "";
$password = isset($_POST['pw']) ? $_POST['pw'] : "";
if(verify($username, $password) == 1) {
header("Location: ?action=admin");
}
else {
echo "<center>Incorrect credentials</center>";
}
function verify($user, $pw) {
include './scripts/dbconnect.php';
$result = $mysqli->query("SELECT username, password FROM users WHERE username='" . $user . "' AND password='" . $pw . "'");
return $result->num_rows;
}
include 'include/footer.php';
?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.