I have created a function. if i provide correct username and password. i am getting a error message as Sorry, that username / password is invalid !

can any one please help me to fix the issue.

login.php

<?php

    require 'include/init.php';

    $general->logged_in_protect();

    if(empty($_POST) === false)
    {
        $username = trim($_POST['username']);
        $password = trim($_POST['password']);

        if(empty($username)===true || empty($password)=== true)
        {
            $errors[] = 'Sorry, But we need your username and passowrd.';
        } else 
        {
            $login = $users->login($username, $password);

            if($login === false)
            {
                $errors[] = 'Sorry, that username / password is invalid';
            }
            else 
            {
                $_SESSION['user_'] = $login;

                header('Location: dashboard.php');

                exit();
            }
        }

    }

?>

dashboard.php

<?php
    require 'include/init.php';

    $user = $users->userdata($_SESSION['user_session']);

    $username = $user['SWYQ64USRNM'];

    $general->logged_out_protect();
?>

Welcome - <?php echo $username; ?>

include/init.php

<?php
    session_start();

    require '/config/database.php';

    $database = new Database();
    $db = $database->getConnection();

    require 'include/users.php';

    require 'include/general.php';

    $users = new Users($db);

    $general = new General();

    $error = array();
?>

include/users.php

<?php
    class Users {

        private $conn;

        public function __construct($db)
            {
                $this->conn = $db;
            }

        public function login($username, $password) 
            {
                $query = $this->conn->prepare("SELECT * FROM tablename WHERE SWYQ64USRNM  =?");
                $query->bindValue(1,$username);

                try{

                    $query->execute();

                    $data = $query->fetch();

                    $stored_password = $data['SWYQ64PWD'];

                    $user_session = $data['SWYQ64USRNM'];

                    if($stored_password === $password) {

                        return $user_session;

                    } else {
                        return false;
                    }

                }catch(PDOException $e) {
                    die($e->getMessage());
                }
            }

        public function userdata($user_session) {
            $query = $this->conn->prepare("SELECT * FROM tablename WHERE SWYQ64USRNM  =?");

            $query->bindValue(1,$user_session);

            try{
                $query->execute();

                return $query->fetch();
            }catch(PDOException $e) {
                    die($e->getMessage());
                }


        }
    }


?>

include/general.php

<?php
    class General {

        #Check if the user is logged in.

        public function logged_in() {
            return(isset($_SESSION['user_session'])) ? true : false;

        }

        #if logged in then redirect to dashboard.php

        public function logged_in_protect() {

            if($this->logged_in() === true) {

                header('Location: dashboard.php');
                exit();
            }

        }

        #if not logged in then redirect to login.php
        public function logged_out_protect() {
            if($this->logged_in() === false) {

                header('login.php');
                exit();

            }
        }

    }

?>

config/database.php

<?php
    class Database{
        //specify your own databse credentials

        private $host = "odbc:DRIVER={SQL Server};SERVER=servername;DATABASE=databasename";
        //private $db_name = "JDE_DEVELOPMENT";
        private $username = "username";
        private $password = "password";
        public $conn;

        //get the database connection
        public function getConnection() {

            $this->conn = null;

            try{
                $this->conn = new PDO($this->host,$this->username,$this->password);
            }catch(PDOException $exception){
                echo "Connection error: " . $exception->getMessage();
            }
            return $this->conn;
        }



    }



?>

Your code looks OK, there is nothing that immediately stands out anyway.
So you need to tick off everything is working correctly.
Can you connect successfully to the database (does another query provide the correct results)?
Do the username/password variables hold actual values?
In your login function do both of the queries work and return values?
If you can't debug it at least dump out the variable values and the SQL statements so you confirm what is happening. Run the SQL into against the the database in the command line or similar to make sure that gives you what you would expect to see.

Hi hericles

Thanks for your reply,

Connection to databse is working fine and i can able to display the datas from the table.

But i am unable to login to the page through my code.

I fixed the issue

issue is my existing password has a empty space on the rightside.

i have used trim function in include/users.php at line 22

$stored_password = $data['SWYQ64PWD'];

to

$stored_password = trim($data['SWYQ64PWD']);
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.