Mencarta Posted January 16, 2010 Share Posted January 16, 2010 I have index.php: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html> <head> <title>$Prince Finance, Login</title> </head> <body> <form action="login.php" method="post"> Username: <input type="text" name="username" maxlength="13" /> <br /> Password: <input type="password" name="password" maxlength="13" /> <br /> <input type="submit" value="Log In" /> </form> </body></html> login.php: <?php require_once("dbconnect.php"); //Include Database Connection Script session_start(); //Check Fields if (empty($_POST["username"]) || empty($_POST["password"])) { echo "Please Fill Out All Fields"; exit; } $username = mysql_real_escape_string($_POST["username"]); //Escape Username $password = mysql_real_escape_string($_POST["password"]); //EScape Password $password = sha1($password); //Convert Password To Sha1 $sql = "SELECT * FROM users WHERE username='$username' and password='$password'"; $result = mysql_query($sql); if (mysql_num_rows($result) > 0) { session_register("username"); $_SESSION["username"] = $username; header("Location: members.php"); exit; } echo "Invalid Username and/or Password.";?> I get this error: Notice: Undefined index: username in /www/zxq.net/p/r/i/princefinance/htdocs/login.php on line 6 Notice: Undefined index: password in /www/zxq.net/p/r/i/princefinance/htdocs/login.php on line 7Any suggestions? Link to comment Share on other sites More sharing options...
Mencarta Posted January 16, 2010 Author Share Posted January 16, 2010 Please help... Link to comment Share on other sites More sharing options...
Ingolme Posted January 16, 2010 Share Posted January 16, 2010 You need to check if $_POST['username'] and $_POST['password'] even exist before doing anything with them: if(isset($_POST['username']) && isset($_POST['password'])) { // The rest of the code} Link to comment Share on other sites More sharing options...
Mencarta Posted January 16, 2010 Author Share Posted January 16, 2010 Let me try that.Doesn't work. Link to comment Share on other sites More sharing options...
boen_robot Posted January 16, 2010 Share Posted January 16, 2010 What exactly did you tried? Anyhow, try to add those isset() checks into the check for empty field: if (!isset($_POST["username"]) || !isset($_POST["password"]) || empty($_POST["username"]) || empty($_POST["password"])) { echo "Please Fill Out All Fields"; exit; }} Link to comment Share on other sites More sharing options...
Mencarta Posted January 16, 2010 Author Share Posted January 16, 2010 Ya, well this works so I have no clue why:login.php <?php require_once("dbconnect.php"); //Include Database Connection Script session_start(); //Check Fields if (empty($_POST["username"]) || empty($_POST["password"])) { echo "Please Fill Out All Fields"; exit; } $username = mysql_real_escape_string($_POST["username"]); //Escape Username $password = mysql_real_escape_string($_POST["password"]); //EScape Password $password = sha1($password); //Convert Password To Sha1 $sql = "SELECT * FROM users WHERE username='$username' and password='$password'"; $result = mysql_query($sql); if (mysql_num_rows($result) > 0) { session_register("username"); $_SESSION["username"] = $username; echo "Hallo ".$_SESSION["username"]."!"; exit; } echo "Invalid Username and/or Password.";?> Link to comment Share on other sites More sharing options...
Mencarta Posted January 16, 2010 Author Share Posted January 16, 2010 Please help, seriously... Link to comment Share on other sites More sharing options...
jeffman Posted January 16, 2010 Share Posted January 16, 2010 Your previous post said it works. Of course no one has answered you.Have you tried this very basic step:var_dump($_POST);exit;at the top of your script?BTW, you should stop using session_register. (http://www.php.net/session_register) Link to comment Share on other sites More sharing options...
Mencarta Posted January 17, 2010 Author Share Posted January 17, 2010 What does: var_dump($_POST) do? So I should use: $HTTP_SESSION_VARS? Link to comment Share on other sites More sharing options...
Ingolme Posted January 17, 2010 Share Posted January 17, 2010 Use $_SESSION. But session_register() is unnecessary and it's even preferrable that you don't use it: This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged. CautionIf you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister().var_dump() will show you if the $_POST variables that you're looking for were sent to the server or not.The problem with your script is that it's expecting $_POST['username'] and $_POST['password'] to be set, but if the form isn't sent then those array indices do not exist and it will give a notice. Link to comment Share on other sites More sharing options...
Mencarta Posted January 17, 2010 Author Share Posted January 17, 2010 I get: Notice: Undefined variable: _SESSION in /www/zxq.net/p/r/i/princefinance/htdocs/validate.php on line 3 Link to comment Share on other sites More sharing options...
Synook Posted January 17, 2010 Share Posted January 17, 2010 Make sure you're not trying to read the variable before calling session_start(). Link to comment Share on other sites More sharing options...
Mencarta Posted January 17, 2010 Author Share Posted January 17, 2010 I thought I didn't need session_start()... Link to comment Share on other sites More sharing options...
Synook Posted January 17, 2010 Share Posted January 17, 2010 No, it's session_register() that you don't use. session_start() is necessary if you want to access the session at all. Link to comment Share on other sites More sharing options...
Mencarta Posted January 17, 2010 Author Share Posted January 17, 2010 Its working. Thanks! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.