Returning ID instead of Username in login forms dashboard

Question

arunpawar -1 Junior Poster in Training

11 Years Ago

Here, I have created a php mysql login page. I am a newbie so please also comment on my code too.

I have this login page where after entering the correct data i am getting welcome "id" instead of "username".

I want to know what i am doing wrong here. :(

login.php

<?php

session_start();

if($_SERVER["REQUEST_METHOD"] == "POST")
{

$username=addslashes($_POST['username']);
$password=addslashes($_POST['password']);

//connect to database

$con=mysql_connect("localhost","","") or die();
$db=mysql_select_db("dashboard") or die();

//execute query

$query ="SELECT username, password from `login` where username=$username";
$result=mysql_query($query);

    if($username='username' && $password='password')
    {
        $_SESSION['username']=$username;
        header("Location:dashboard.php");
    }
    else 
    {
        echo "You got credentials wrong";
    }



}


?>

<form method="post" action="<?php htmlspecialchars("PHP_SELF"); ?>">

<label>Username :</label><input type="text" name="username"></br>
<label>Password:</label><input type="password" name="password"></br>
<br/>
<input type="submit" value="submit"></br>
</form>

dashboard.php

<?php

session_start();

echo "Welcome ". $_SESSION['username'];

?>

<a href="logout.php">Logout</a>

logout.php

<?php

session_destroy();

header("Location:login.php");

?>

php

2 Contributors
9 Replies
177 Views
2 Hours Discussion Span
Latest Post 11 Years Ago Latest Post by arunpawar

iamthwee

11 Years Ago

For one in your if clauses you need to use a double equal sign to do comparisons.

if something == something

iamthwee

11 Years Ago

Post up your new code

iamthwee

11 Years Ago

Shouldn't you use the result of your mysql query in your password checking?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

arunpawar -1 Junior Poster in Training · Answer 1 · 2013-05-27T18:06:22+00:00

Edited but the problem still persists.

here is the new error.

Notice: Undefined index: password in /home/lampstack/apache2/htdocs/dashboard/login.php on line 23

arunpawar -1 Junior Poster in Training · Answer 2 · 2013-05-27T18:20:19+00:00

Here is the new change in the login.php

//execute query

$query ="SELECT username, password from `login` where username='$username' and password='$password'";

$result=mysql_query($query);


    if($_SESSION['username']==$username && $_SESSION['password']==$password)
    {
        $_SESSION['username']=$username;
        header("Location:dashboard.php");
    }
    else 
    {
        echo "You got credentials wrong";
    }

arunpawar -1 Junior Poster in Training · Answer 3 · 2013-05-27T18:36:27+00:00

You mean like this?

if($_SESSION['username']==$result['username'] && $_SESSION['password']==$result['password'])

still the same error though :(

iamthwee · Answer 4 · 2013-05-27T18:39:21+00:00

No, do you know how to use the result of your sql query?

arunpawar -1 Junior Poster in Training · Answer 5 · 2013-05-27T18:47:14+00:00

Yes, using

$row= mysql_fetch_arary($result)

?
I hope I am right?

I tried something like that too.

while($row = mysql_fetch_array($result))
{
    if($_SESSION['username']==$row['username'] && $_SESSION['password']==$row['password'])
    {
        $_SESSION['username']=$username;
        header("Location:dashboard.php");
    }
    else 
    {
        echo "You got credentials wrong";
    }
}

still the error persists and this time it shows the message from else{ echo "wrong credentials";}.

arunpawar -1 Junior Poster in Training · Answer 6 · 2013-05-27T18:59:57+00:00

Update. I got the example solved here. Instead of comparing the $_SESSION['usename']. I did the comparison with $_POST['username'] and it works perfectly. :)