PHP login trouble

2019-09-05 19:48发布

Having some trouble with a PHP login that I found online -

 <?php

$host="localhost"; // Host name 
$username="SOME_USERNAME"; // Mysql username 
$password="SOME_PASSWORD"; // Mysql password 
$db_name="b00556019"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
  if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
 }
else {
echo "Wrong Username or Password";
}
 ?>

The error is on lines 16-17 and shows as follow -

Notice: Undefined index: myusername in E:\home\students\2137\B00556019\public_html\workspace\login\checklogin.php on line 16

Notice: Undefined index: mypassword in E:\home\students\2137\B00556019\public_html\workspace\login\checklogin.php on line 17

Wrong Username or Password

this is the 2 lines not working :

 $myusername=$_POST['myusername']; 
 $mypassword=$_POST['mypassword']; 

Here is the HTML

<!DOCTYPE HTML>
<html>
<head>
<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</body>
</html>#

Anybody with any ideas or a better tutorial example would be greatly appreciated :)

3条回答
一夜七次
2楼-- · 2019-09-05 20:49

Add form start tag and it will start working

<!DOCTYPE HTML>
<html>
<head>
<body>
<form action="" method="post">
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1"               bgcolor="#CCCCCC">
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr> 
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td> 
 </tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>

</form>
</body>

specify action as per your requirement

查看更多
时光不老,我们不散
3楼-- · 2019-09-05 20:52

please use

if(isset($_POST['myusername']) && $_POST['myusername']!=''){
    $myusername=$_POST['myusername']; 
   $mypassword=$_POST['mypassword']; 

    // To protect MySQL injection (more detail about MySQL injection)
   $myusername = stripslashes($myusername);
   $mypassword = stripslashes($mypassword);
   $myusername = mysql_real_escape_string($myusername);
   $mypassword = mysql_real_escape_string($mypassword);
   $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and     password='$mypassword'";
  $result=mysql_query($sql);

  // Mysql_num_row is counting table row
  $count=mysql_num_rows($result);

 // If result matched $myusername and $mypassword, table row must be 1 row
 if($count==1){

 // Register $myusername, $mypassword and redirect to file "login_success.php"
   session_register("myusername");
   session_register("mypassword"); 
  header("location:login_success.php");
 }
else {
 echo "Wrong Username or Password";
}


}

This will solve your problem

查看更多
SAY GOODBYE
4楼-- · 2019-09-05 20:53

$_POST[] contains data from form submissions from HTML. If an user didn't have send in a form, the $myusername field will be empty because the index (actually the key) 'myusername' cannot be found in the array. That's why you are getting these errors.

// username and password sent from form 
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword']; 

to ensure that the POST data (from form submissions) contains the keys/indexes, please use isset() command, (or array_key_exists(), both works.)

if(isset($_POST['myusername']) && isset($_POST['mypassword']) {
    // username and password sent from form 
    $myusername=$_POST['myusername']; 
    $mypassword=$_POST['mypassword'];
    // To protect MySQL injection (more detail about MySQL injection)
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);
    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
    $result=mysql_query($sql);

    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);

    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count==1){
        // Register $myusername, $mypassword and redirect to file "login_success.php"
        session_register("myusername");
        session_register("mypassword"); 
        header("location:login_success.php");
    }
    else {
        echo "Wrong Username or Password";
    } 
}

But if you want to use the $_POST, you have to write a form in your HTML. Also i recommend to not use table for aligning the HTML form elements. It's not an elegant solution. There are many examples on stackoverflow of how-to.

Here below is an example of your form in HTML5

<form action="#" method="post">
     <label for="myusername">Your username : </label>
     <input name="myusername" type="text" id="myusername" />
     <label for="mypassword">Your password : </label>
     <input name="mypassword" type="password" id="mypassword" />
     <input type="submit" name="Submit" value="Login">
</form>

the <label for="input id"> hooks a label text to the input box. If an user clicks on the text, the for attribute ensures the browser that the focus will be at the input element where the for is pointing to.

Then the <input> has many attributes. The name field is used for serverside programs to handle the form submissions. The id for the browser itself. It is mainly used by CSS and client side scripts.

Also, you are using a very outdated tutorial to achieve a login webpage. mysql() functions are officially deprecated. Please use PDO instead.

Also, this tutorial should guide you in the PDO world without problems

查看更多
登录 后发表回答