You also have an error here:
if (md5($_POST['password']) == $user['Password'] {
you are missing a closing bracket. It should be like this:
if (md5($_POST['password']) == $user['Password']) {
Frage
I am trying to create a login form, however it is not working.
here is the code of the login.php file
<?php
session_start();
if(isset($_SESSION['user'])) {
header('location: index.php');
}
?>
<html>
<head>
<title>Basic CMS - Login Area</title>
</head>
<body>
<form action="dologin.php" method="post">
<table>
<tr>
<td><span>Username:</span></td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td><span>Password:</span></td>
<td><input type="password" name="password" /></td>
</tr>
<?php
if (isset($message)) {
echo "<tr><td colspan='2'>" . $message . "</td></tr>";
}
?>
<tr>
<td colspan="2" align='right'><input type="submit" name="login"
value="login" /></td>
</tr>
</table>
</form>
</body>
</html>
And here is the code of the dologin.php file
<?php
include('includes/functions.php');
session_start();
if (isset($_POST['login'])) {
if (isset($_POST['username']) {
if (isset($_POST['password'])) {
$username = $_POST['username'];
$query = mysql_query("SELECT * FROM users WHERE Username = '$username'") or die(mysql_error());
$user = mysql_fetch_array($query);
if (md5($_POST['password']) == $user['Password'] {
$message = "Login succesful";
$_SESSION['user'] = $user['Username'];
header('location: index.php');
}
else {
$message = "Please check your login details";
include('login.php');
}
}
else {
$message = "Please check your password!";
include('login.php');
}
}
else {
$message = "Please check your username!";
include('login.php');
}
}
else {
$message = "Please check that you filled out the login form!";
include('login.php');
}
?>
When I submit the form on login.php it redirects to dologin.php however then nothing shows up there, no error or the form itself. Just a blank page, doesn't matter what I fill in in the form.
Please help is appeciated.
Lösung 2
You also have an error here:
if (md5($_POST['password']) == $user['Password'] {
you are missing a closing bracket. It should be like this:
if (md5($_POST['password']) == $user['Password']) {
Andere Tipps
Well you didn't close your brackets properly on this line for a start:
if (isset($_POST['username']) {
In future, please check your error logs before posting questions here. Or better still, put error_reporting(E_ALL);
at the top of all your scripts until you're satisfied they're working properly.
And just to reiterate @Quentin's comment — you absolutely should not be using the old mysql
commands any more, and putting user-supplied data straight into your database queries is really asking for trouble.
You need to either close php tags or echo that. Here is one example:
<?php
if (isset($message)) {
echo '<tr><td colspan="2">'. $message .'</td></tr>';
}
?>