Here, I have created a php mysql login page. I am a newbie so please also comment on my code too.

I have this login page where after entering the correct data i am getting welcome "id" instead of "username".

I want to know what i am doing wrong here. :(

login.php

<?php

session_start();

if($_SERVER["REQUEST_METHOD"] == "POST")
{

$username=addslashes($_POST['username']);
$password=addslashes($_POST['password']);

//connect to database

$con=mysql_connect("localhost","","") or die();
$db=mysql_select_db("dashboard") or die();

//execute query

$query ="SELECT username, password from `login` where username=$username";
$result=mysql_query($query);

    if($username='username' && $password='password')
    {
        $_SESSION['username']=$username;
        header("Location:dashboard.php");
    }
    else 
    {
        echo "You got credentials wrong";
    }



}


?>

<form method="post" action="<?php htmlspecialchars("PHP_SELF"); ?>">

<label>Username :</label><input type="text" name="username"></br>
<label>Password:</label><input type="password" name="password"></br>
<br/>
<input type="submit" value="submit"></br>
</form>  

dashboard.php

<?php

session_start();

echo "Welcome ". $_SESSION['username'];

?>

<a href="logout.php">Logout</a>

logout.php

<?php

session_destroy();

header("Location:login.php");

?>
Member Avatar for iamthwee

For one in your if clauses you need to use a double equal sign to do comparisons.

if something == something

Edited but the problem still persists.

here is the new error.

Notice: Undefined index: password in /home/lampstack/apache2/htdocs/dashboard/login.php on line 23
Member Avatar for iamthwee

Post up your new code

Here is the new change in the login.php

//execute query

$query ="SELECT username, password from `login` where username='$username' and password='$password'";

$result=mysql_query($query);


    if($_SESSION['username']==$username && $_SESSION['password']==$password)
    {
        $_SESSION['username']=$username;
        header("Location:dashboard.php");
    }
    else 
    {
        echo "You got credentials wrong";
    }
Member Avatar for iamthwee

Shouldn't you use the result of your mysql query in your password checking?

You mean like this?

if($_SESSION['username']==$result['username'] && $_SESSION['password']==$result['password'])

still the same error though :(

Member Avatar for iamthwee

No, do you know how to use the result of your sql query?

Yes, using

$row= mysql_fetch_arary($result)

?
I hope I am right?

I tried something like that too.

while($row = mysql_fetch_array($result))
{
    if($_SESSION['username']==$row['username'] && $_SESSION['password']==$row['password'])
    {
        $_SESSION['username']=$username;
        header("Location:dashboard.php");
    }
    else 
    {
        echo "You got credentials wrong";
    }
}

still the error persists and this time it shows the message from else{ echo "wrong credentials";}.

Update. I got the example solved here. Instead of comparing the $_SESSION['usename']. I did the comparison with $_POST['username'] and it works perfectly. :)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.