I built a site that lets my user login/resigster their info. I had to go through and change up some of the old mysql
to use mysqli
reference, as I was getting errors. I can get grab users info from my Register, and insert it to the DB. However, on my Login, I cannot seem to pull the user credentials to let me in. Here's my Login Page code:
<?php require_once('Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysqli_real_escape_string") ? mysqli_real_escape_string($theValue) : mysqli_escape_string($theValue); /* $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); */
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$error = "You have an issue with the connection.";
mysqli_select_db($con, 'sugabox'); /* mysql_select_db($database_localhost, $localhost); */
$query_Login = "SELECT * FROM users";
$Login = mysqli_query($con, $query_Login) or die(mysqli_error($error));
$row_Login = $Login->fetch_assoc(); /* $row_Login = mysql_fetch_assoc($Login); */
$totalRows_Login = $Login->num_rows; /* $totalRows_Login = mysql_num_rows($Login); */
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['Username'])) {
$loginUsername=$_POST['Username'];
$password=$_POST['Password'];
$MM_fldUserAuthorization = "UserLevel";
$MM_redirectLoginSuccess = "Account.php";
$MM_redirectLoginFailed = "Login.php";
$MM_redirecttoReferrer = true;
mysqli_select_db($con, 'sugabox'); /* mysql_select_db($database_localhost, $localhost); */
$LoginRS__query=sprintf("SELECT Username, Password, UserLevel FROM users WHERE Username=%s AND Password=%s",
GetSQLValueString($loginUsername,"text"), GetSQLValueString($password,"text"));
$LoginRS = mysqli_query($con, $LoginRS__query) or die(mysqli_error($error)); /* $LoginRS = mysql_query($LoginRS__query, $localhost) or die(mysql_error()); */
$loginFoundUser = $LoginRS->num_rows; /* $loginFoundUser = mysql_num_rows($LoginRS); */
if ($loginFoundUser) {
$loginStrGroup = mysql_result($LoginRS,0,'UserLevel');
if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && true) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
//Form Starts Here...
<!doctype html>
<html>
<head>
<title>Login</title>
<link href="CSS/Layout.css" rel="stylesheet" type="text/css" />
<link href="CSS/Menu.css" rel="stylesheet" type="text/css" />
<style type="text/css">
h1,h2,h3,h4,h5,h6 {
font-weight: bold;
}
</style>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<div id="Holder">
<div id="Header"></div>
<div id="NavBar">
<nav>
<ul>
<li><a href="Login.php">Login</a></li>
<li><a href="Register.php">Register</a></li>
<li><a href="ForgotPassword.php">Forget Password</a></li>
</ul>
</nav>
</div>
<div id="Content">
<div id="PageHeading">
<h1>Log In!</h1>
</div>
<div id="ContentLeft">
<h2>Insert a Message Here</h2>
<h6><br />
Your Message</h6>
</div>
<div id="ContentRight">
<form ACTION="<?php echo $loginFormAction; ?>" id="LoginForm" name="LoginForm" method="POST">
<table width="400" border="0" align="center">
<tbody>
<tr>
<td><label>Username:<br>
</label>
<input name="Username" type="text" class="StyleTxtField" id="Username"></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><label>Password:<br>
</label>
<input name="Password" type="password" class="StyleTxtField" id="Password"></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><input type="submit" name="LoginButton" id="LoginButton" value="Login"> </td>
</tr>
<tr>
<td> </td>
</tr>
</tbody>
</table>
</form>
</div>
</div>
<div id="Footer"></div>
</div>
</body>
</html>
<?php
mysqli_free_result($Login);
?>
The places where you see comments are where I changed the old code to be able to accommodate mysqli
... apperantly, something isn't right somewhere, but I don't know where. Can any provicde assistance, so that my login works? I've many other things, but can't seem to figure out where I'm going wrong here.
if you are redirecting the user to another page you need to use
at the top of the script.