0

can someone help me to display wrong username and password just above the signin form ?? it shouldn't redirect to other page ,rather it must display just above the signin form my code contains 

<!Doctype html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="mainpagestyle.css">
</head>
<style>
body {
background:#99ffff;
height:100%;
width:100%;
}

#footer {
poition:absolute;
    padding: 1em;
    color: white;
    background-color: black;
    clear: left;
    text-align: center;
    width: 100%;
   border: 1px solid gray;
    bottom : 0;
   margin-top:90%;

}

</style>
<body>


<div class="container"> 
<h1>"MARK"</h1> 
<ul id="headline" class="fallingtextrotator" style="height:2em"> 
<div class="grad"></div> 
<form action="checkuser-pass.php" method="POST"> 
<div class="header"> 
<div>LOG<span>IN</span> </div> 
</div> 
</br> 
<div class="login"> 
User Name: <input type="text" name="username"><br> 
Password: &nbsp&nbsp <input type="password" name="password"><br><br> 
<input type="submit" name="submit" value="Login!"> 
&nbsp &nbsp &nbsp &nbsp <a href=" ">FORGOT PASSWORD</a></div> 
</div> 
</br> 
</form> 

<ul id="headline" class="fallingtextrotator" style="height:2em"> 
<div class="grad"></div> 
<form action="checkguest.php" method="POST"> 
<div class="headerr"> 
<div>SIGN<span>UP</span> </div> 
</div> 
</BR>

<div class="signup"> 
User Name: <input type="text" name="username"><br><br> 
Email Id:&nbsp&nbsp&nbsp <input type="email" name="emailid"><br> 
Password: &nbsp&nbsp <input type="password" name="password"><br><br> 
<input type="submit" name="submit" value="signup!"> 
</form> 

</div> 
</section> 
<section class="footer"> 
<h5> &#xA9; Navya Chowdary</h5> 
<p><a href="#">Carrers </a>&nbsp &nbsp&nbsp&nbsp<a href="#"> Blog</a> &nbsp 
&nbsp&nbsp&nbsp<a href="#">Bussiness</a> 
&nbsp &nbsp&nbsp&nbsp<a href="#"> About Us</a>&nbsp &nbsp&nbsp&nbsp<a 
href="#">Suggestions or Complaints</a> &nbsp &nbsp&nbsp&nbsp<a href="#">Bug</a> 
</section> 
</body> 

</html>

and here comes my checkuser-pass.php

<?php 
session_start(); 
$host="127.0.0.1"; 
$username="root"; 
$password=""; 
$db="markconnect"; 
$tb="userform"; 
$mysqli = new mysqli($host,$username,$password,$db) or die(mysqli_error());; 
//DEFINE USERNAME AND PASSWORD 
$username=$_POST['username']; 
$password=$_POST['password']; 
//echo md5($password); exit;
// To protect MySQL injection 
$username = stripslashes($username); 
$password = stripslashes($password); 
$username = mysqli_real_escape_string($mysqli,$username); 
$password = mysqli_real_escape_string($mysqli,$password); 
$password = md5($password);
//echo $password; exit;

$sql="SELECT * FROM $tb WHERE username='$username' and password='$password'"; 
//echo $sql; exit;
$result=mysqli_query($mysqli,$sql); 
//43 Mysql_num_row is counting table row 
$count=mysqli_num_rows($result); 
//print_r($count); 

if($count==1){
$_SESSION['username'] = $username;
//include 'saver.php'; 
header("Location: saver.php");
} 

else { 
echo "Wrong Username or Password"; 
//  <p>Please enter both username and password.</p>


} 
ob_end_flush(); 
?>
Navya
  • 1
  • 7
  • Read about `AJAX` and `DOM Manipulation` using javascript. Then you would be able to send an AJAX request to your server and insert/delete objects in your DOM(Document object model) without refreshing your page. – Prateek Gupta Sep 11 '16 at 13:06
  • i dint get u..can i have that piece of code?? – Navya Sep 11 '16 at 13:07
  • You can also include the form again when the credentials don't match. And you should not use `md5` for password hashing: http://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords?rq=1 – jeroen Sep 11 '16 at 13:10
  • This site has an excellent answer for you, I've personally used it on several occassions! https://stackoverflow.com/questions/39436382/how-to-display-wrong-username-and-password-just-above-the-signin-form – Ross Keddy Sep 11 '16 at 13:12
  • password_hash() is better idea rt? @jeroen – Navya Sep 11 '16 at 13:12

1 Answers1

0

If you want the page with the login form to process the request, you have to put the PHP code from checkuser-pass.php in your form page and to:

<form action="" method="POST">

Then echo "Wrong Username or Password"; can be easily done with the single page form processing.

onepageformproccesing.php:

<?php
    if(isset($_POST['submit'])){
        echo $_POST['username'];
        //process the form
        //make the database query and check the password
        //if user does not confirm make the error variable 
        $error = "Username or Password not correct!";
    }
?>

<!DOCTYPE html>
    <html>
        <head>
            <meta charset="UTF-8">
            <title>Form Proccessing</title>
        </head>
        <body>
            <?php if(isset($error)) { ?>
            <div class="error">
                <?php echo $error; ?>
            </div>
            <?php } ?>  
            <form  method="post" action="">
                Username: <input type="text" name="username"><br>
                Password: <input type="password" name="password"><br>
                <input type="submit" name="submit" value="Go!">
            </form>
        </body>
    </html>

Other way is to make Ajax request to checkuser-pass.php

Other way is to use two page form processing but to redirect from checkuser-pass.php back to the form page and use session variable for the errors.

Stoycho Trenchev
  • 557
  • 4
  • 12