Can someone please help me....I am new to php and I am having trouble with redirecting back to my loginpage with an error message showinf at the top of the loginpage when the wrong user name and password is entered that will say that the user is invalid...here is my login code:

<?php session_start(); ?>
<html>
<head>
<title>Login Page</title>
</head>
<body>

<h1>Login Here</h1>
<form name="input" action="mainform.php" method="post">
  <p>

  <br>
    Username: <input type="text" name="username" size="15"><br>
    Password: <input type="password" name="password" size="15"><br>


   <input type='submit' name='submit' value='Submit'>

</form>

</body>
</html>


and here is my mainform.php: 

<?php 
session_start(); 

if (isset($_POST['submit'])) {

    //$username = (isset($_POST['username'])) ? $_POST['username'] : '';
    //$password = (isset($_POST['password'])) ? $_POST['password'] : '';


$username = $_POST['username'];
$passwd = $_POST['password'];
$server = 'localhost';
$user = 'root';
$datapassword = '';
$database = 'km';
$table_name = 'users';

if($username && $passwd) {

$connect = mysql_connect($server, $user, $datapassword) or die ("Could Not Connect!");
mysql_select_db($database, $connect) or die ("Could Not Connect!");
$SQLcmd = "SELECT * FROM $table_name WHERE username='$username' AND password='$passwd'"; 
$query = mysql_query($SQLcmd);
$numrows = mysql_num_rows($query);

if ($numrows != 0){

            while ($row = mysql_fetch_array($query)) {

                $dbusername = $row['username'];
                $dbpassword = $row['password'];
                }


            //Check to see if they are match!
                if ($username == $dbusername && ($passwd) == $dbpassword) {                   
                    $_SESSION['username'] = $username;                  
                    header('Location: program1input.php');

                }
                elseif ($username == $dbusername && ($passwd) != $dbpassword)    
                    $_SESSION['unerror']= "Invalid Password, Please Try Again!!";
                    header('Location: program3inputnew.php');

        }    
        elseif ($username != $dbusername && ($passwd) != $dbpassword)
          $_SESSION['unerror']= "That user does not exist!!!";
          header("Location.program3inputnew.php");        

    }
    else
      echo "Please enter a username and password!";
}
?>

hey ,
i suppose that your mainform.php code had some syntax errors with if statements.
now i have removed those errors.
but , i dont know why are u validating everytime username and password. once a sql check is undergone...its not that necessary.
however now in the below code if the query is successfull than it redirects to the respective page .

<?php 
session_start(); 

if (isset($_POST['submit'])) 
	{

//$username = (isset($_POST['username'])) ? $_POST['username'] : '';
//$password = (isset($_POST['password'])) ? $_POST['password'] : '';


$username = $_POST['username'];
$passwd = $_POST['password'];
$server = 'localhost';
$user = 'root';
$datapassword = '';
$database = 'km';
$table_name = 'users';

		if($username && $passwd) 
		{

$connect = mysql_connect($server, $user, $datapassword) or die ("Could Not Connect!");
mysql_select_db($database, $connect) or die ("Could Not Connect!");
$SQLcmd = "SELECT * FROM $table_name WHERE username='$username' AND password='$passwd'"; 
$query = mysql_query($SQLcmd);
$numrows = mysql_num_rows($query);

			if ($numrows != 0)
					{

		while ($row = mysql_fetch_array($query)) 
		{
		$dbusername = $row['username'];
		$dbpassword = $row['password'];
		}


//Check to see if they are match!
if ($username == $dbusername && ($passwd) == $dbpassword) 
	{ 
	$_SESSION['username'] = $username;	
	header('Location: program1input.php');

	}
		elseif ($username == $dbusername && ($passwd) != $dbpassword) 
			{
				$_SESSION['unerror']= "Invalid Password, Please Try Again!!";
				header('Location: program3inputnew.php');

			} 
											
				else{ 
			$_SESSION['unerror']= "That user does not exist!!!";
			header("Location.program3inputnew.php"); 
				 	 }
											 
		}
						
		}else
				{
					echo "Please enter a username and password!";
				}
						
	}

?>

bye

Thank you so much for your help...

hello,
sorry i observed it as marked after i posted this.
Thankyou

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.