0

I am trying to do a login with MySQL, but it's not working. Basically I'm trying to check the login and password posted against my DB, but it's not working for some reason. Could someone give me a hint?

login.php

include "conexao.php";

$result = mysql_query("SELECT * FROM usuario WHERE login =  '".$_POST['login']."' AND senha = '".$_POST['senha']."'") or die (mysql_error());

while ($row = mysql_fetch_assoc($result)) {

session_start();
if ($_POST['login'] && $_POST['senha']) {
    if ($row['login'] == $_POST['login'] && $row['senha'] == $_POST['senha']) {
        $_SESSION['login'] = $row['login'];
        $_SESSION['senha'] = $row['senha'];
        header("Location: index.php");

    } else {
        unset ($_SESSION['login']);
        unset ($_SESSION['senha']);
        header("Location: login2.php?i=n");
    }
}
}

HTML form

<form method="post" action="login.php" class="cbp-mc-form" autocomplete="off">

<label for="login">Login</label>
<input type="text" name="login" id="login" /><br />
<label for="senha">Senha</label>
<input type="password" name="senha" id="senha" /><br />
<center><input class="cbp-mc-submit" type="submit" value="Login""/></center>
</form>
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
ledesma
  • 248
  • 1
  • 7
  • 18
  • Maybe try mysql_fetch_array instead of mysql_fetch_assoc – SyntaxLAMP Mar 09 '14 at 04:15
  • Sidenote: If you're using this code for your own use, great. Otherwise, [`do read this`](http://stackoverflow.com/q/60174/) and for so many reasons. – Funk Forty Niner Mar 09 '14 at 04:17
  • it doesn`t work as well.. – ledesma Mar 09 '14 at 04:19
  • Two questions. 1) Your posted code, is that all in the same file and exactly as shown? 2) Is your DB connection `mysql_*` or `mysqli_*` by any chance? @GilbertoGonçalvesMachado – Funk Forty Niner Mar 09 '14 at 04:23
  • `session_start();` is in there @ArifBangash - Line 7 – Funk Forty Niner Mar 09 '14 at 04:26
  • the thing is.. it is setting the sessions variables but it's not redirecting the page... – ledesma Mar 09 '14 at 04:27
  • You didn't answer any of my questions / especially question #1. Good luck with that. – Funk Forty Niner Mar 09 '14 at 04:28
  • Fred, sorry mate.. but it's mysql_ ... and its exactly the same.. just didnt put the .js files... about the security thing.. its for my use.. so.. its not going to have sql injection – ledesma Mar 09 '14 at 04:31
  • I meant; I don't see a closing `?>` PHP tag between your PHP and your HTML. If anyone were to ask me, I'd say that your code would break because of it. If you do have the closing `?>` tag, modify your question. Or, if you're using two seperate files, then edit it so that they show as being seperate files. – Funk Forty Niner Mar 09 '14 at 04:33
  • i see... but i do have the tags and everything... i just made it simple to post here without the tags – ledesma Mar 09 '14 at 04:34
  • it's strange because if i set variables without searching it on the db.. works fine.. – ledesma Mar 09 '14 at 04:38
  • Wait, scratch my last comment; you didn't have a DB then. My mistake. – Funk Forty Niner Mar 09 '14 at 04:54
  • Try and remove the `if ($_POST['login'] && $_POST['senha']) {` and the closing `}` associated with it. @GilbertoGonçalvesMachado see if removing it will change anything. – Funk Forty Niner Mar 09 '14 at 05:00
  • yes now i`m getting the validantion from the DB.. before i use to set them. – ledesma Mar 09 '14 at 05:01
  • You answered your own question using `ob_start();` you didn't by chance have an error message originally saying `Headers already sent...`? @GilbertoGonçalvesMachado – Funk Forty Niner Mar 09 '14 at 05:07
  • no... there isn`t another header.. it`s very strange... anyway.. my problem is sorted.. thanks for your help.. – ledesma Mar 09 '14 at 05:12
  • You're welcome. Just as a test, remove the `ob_start();` (*for now*) and then add this on top of your code `ini_set('display_startup_errors',1); ini_set('display_errors',1); error_reporting(-1);` you most likely will get an error message. – Funk Forty Niner Mar 09 '14 at 05:16
  • After i tried to log in.. i got the error: Warning: Cannot modify header information - headers already sent by (output started at /home/u301110757/public_html/novo/conexao.php:1) in /home/u301110757/public_html/novo/login.php on line 26... so that was the problem.. – ledesma Mar 10 '14 at 06:22

2 Answers2

1

Dear Brother try the following code, (I edited your code) I hope it will work in your case, but if you're using the same code for production, than please take care of the Sanitization.

the code I edited for you is as follows (if it still doesn't work, than there might be some error in your database connection).

The PHP Script:

<?php
session_start(); // better to start the session in the begining, 
                 //in some cases it doesn't work in the mid of the document'
include 'conexao.php';

if (isset($_POST['login']) && isset($_POST['senha'])) // check if both the form fields are set or not
{
    // Values coming from the user through FORM
    $login_form = $_POST['login'];
    $senha_form = $_POST['senha'];

    // query the database only when user submit the form with all the fields filled
    $result = mysql_query("SELECT * FROM usuario WHERE login='$login_form' AND senha='$senha_form'") or die (mysql_error());
    while ($row = mysql_fetch_assoc($result)) 
    {
        // values coming from Database
        $login_db = $row['login'];
        $senha_db = $row['senha'];
    }

    // compare the values from db to the values from form
    if ($login_form == $login_db && $senha_form == $senha_db) 
    {
        // Set the session only if user entered the correct username and password
        // it doesn't make sense to set session even if the user entered wrong values
        $_SESSION['login'] = $login_db;
        $_SESSION['senha'] = $senha_db;
        header("Location: index.php");
    }
    else
    {
        header("Location: login2.php?i=n");
    }

}
?>

The HTML: (exactly your html copied)

<form method="post" action="login.php" class="cbp-mc-form" autocomplete="off">
<label for="login">Login</label>
<input type="text" name="login" id="login" /><br />
<label for="senha">Senha</label>
<input type="password" name="senha" id="senha" /><br />
<center><input class="cbp-mc-submit" type="submit" value="Login""/></center>
</form>
Bangash
  • 1,152
  • 3
  • 10
  • 30
0

from PHP Header not redirecting

I added ob_start(); on the very first line and it worked.

Community
  • 1
  • 1
ledesma
  • 248
  • 1
  • 7
  • 18