Please view my code and
<form action="
<?php
$dbhost = 'localhost';
// your database username.
$dbusername = '8917';
// the password that corresponds to the above username.
$dbpasswd = 'h981';
// the database name that your username is associated with.
$database_name = 'xq_ms';
$connection = mysql_connect("$dbhost","$dbusername","$dbpasswd")
or die ("Couldn't connect to server.");
$db = mysql_select_db("$database_name", $connection)
or die("Couldn't select database.");
?>
<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<div align="right"></div>
</form><?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they were supposed to and authenticate */
if(!$_POST['uname'] | !$_POST['passwd']) {
die('You did not fill in a required field.');
}
// authenticate.
if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}
$qry = "SELECT username, password FROM users WHERE username = '".$_POST['uname']."'";
$sqlmembers = mysql_query($qry);
$info = mysql_fetch_array ($sqlmembers);
$check = mysql_num_rows ($sqlmembers);
if ($check == 0) {
die('That Account does not exist in our database,Please use your Browser`s BACK button to go back.');
}
// check passwords match
$_POST['passwd'] = stripslashes($_POST['passwd']);
$info['password'] = stripslashes($info['password']);
$_POST['passwd'] = md5($_POST['passwd']);
if ($_POST['passwd'] != $info['password']) {
echo"Incorrect password, please try again.";
}
// if we get here username and password are correct,
//register session variables and set last login time.
$date = date('m d, Y');
$qry = "UPDATE users SET last_login = '$date' WHERE username = '".$_POST['uname']."'";
$query=mysql_query($qry);
$_POST['uname'] = stripslashes($_POST['uname']);
$_SESSION['username'] = $_POST['uname'];
$_SESSION['password'] = $_POST['passwd'];
?>
<h1>Logged in</h1>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in,click here to <span class="style15"><a href="membersonlypage.php">Continue</a></span>.</p>
<?php
} else { // if form hasn't been submitted
?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td>
<input type="text" name="uname" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="passwd" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
Full Version: When I Login To My Page And Type A Wrong Password I Got An Error Like Cant Modify Header
The problem occurs when you output anything(may be that die statement) before sending header info <head></head> or redirecting by modifying header with php. I checked your script for a while but was quite screwed to me. But what I suggest you to do is set a error variable and store any error occured but don't print/display it instantly and print it later after header. That way you can avoid the error.
genrally I get that error when you try to make PHP redirect the browser to another page
after you have already gone through most of the HTML document, check and make sure
you don't have any redirects after the <head> tags.
after you have already gone through most of the HTML document, check and make sure
you don't have any redirects after the <head> tags.
i have a few things to point out..
#1 please wrap your code in code tags next time..
Ive cleaned up your code a bit here, this hasnt been tested.. so it may or may not work..
Why is this here? It doesn't serve any purpose remove it.
Note what i did was move your
down to the correct location on line 15,i then went through and replaced
with <?= , which is the same as <?php echo. Strike-through by swordz - see below
There are so many syntax errors in this, you'd be better off starting from scratch to be honest..
#1 please wrap your code in code tags next time..
Ive cleaned up your code a bit here, this hasnt been tested.. so it may or may not work..
CODE
<?php
$dbhost = 'localhost';
// your database username.
$dbusername = '8917';
// the password that corresponds to the above username.
$dbpasswd = 'h981';
// the database name that your username is associated with.
$database_name = 'xq_ms';
$connection = mysql_connect("$dbhost","$dbusername","$dbpasswd")
or die ("Couldn't connect to server.");
$db = mysql_select_db("$database_name", $connection)
or die("Couldn't select database.");
?>
$dbhost = 'localhost';
// your database username.
$dbusername = '8917';
// the password that corresponds to the above username.
$dbpasswd = 'h981';
// the database name that your username is associated with.
$database_name = 'xq_ms';
$connection = mysql_connect("$dbhost","$dbusername","$dbpasswd")
or die ("Couldn't connect to server.");
$db = mysql_select_db("$database_name", $connection)
or die("Couldn't select database.");
?>
Why is this here? It doesn't serve any purpose remove it.
CODE
<form action="<?= $_SERVER['PHP_SELF']; ?>" method="post">
<div align="right"></div></form>
<div align="right"></div></form>
CODE
<?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they were supposed to and authenticate */
if(!$_POST['uname'] | !$_POST['passwd']) {
die('You did not fill in a required field.');
}
// authenticate.
if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}
$qry = "SELECT username, password FROM users WHERE username = '".$_POST['uname']."'";
$sqlmembers = mysql_query($qry);
$info = mysql_fetch_array ($sqlmembers);
$check = mysql_num_rows ($sqlmembers);
if ($check == 0) {
die('That Account does not exist in our database,Please use your Browser`s BACK button to go back.');
}
// check passwords match
$_POST['passwd'] = stripslashes($_POST['passwd']);
$info['password'] = stripslashes($info['password']);
$_POST['passwd'] = md5($_POST['passwd']);
if ($_POST['passwd'] != $info['password']) {
echo"Incorrect password, please try again.";
}
// if we get here username and password are correct,
//register session variables and set last login time.
$date = date('m d, Y');
$qry = "UPDATE users SET last_login = '$date' WHERE username = '".$_POST['uname']."'";
$query=mysql_query($qry);
$_POST['uname'] = stripslashes($_POST['uname']);
$_SESSION['username'] = $_POST['uname'];
$_SESSION['password'] = $_POST['passwd'];
?>
<h1>Logged in</h1>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in,click here to <span class="style15"><a href="membersonlypage.php">Continue</a></span>.</p>
<?php
} else { // if form hasn't been submitted
?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td>
<input type="text" name="uname" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="passwd" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they were supposed to and authenticate */
if(!$_POST['uname'] | !$_POST['passwd']) {
die('You did not fill in a required field.');
}
// authenticate.
if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}
$qry = "SELECT username, password FROM users WHERE username = '".$_POST['uname']."'";
$sqlmembers = mysql_query($qry);
$info = mysql_fetch_array ($sqlmembers);
$check = mysql_num_rows ($sqlmembers);
if ($check == 0) {
die('That Account does not exist in our database,Please use your Browser`s BACK button to go back.');
}
// check passwords match
$_POST['passwd'] = stripslashes($_POST['passwd']);
$info['password'] = stripslashes($info['password']);
$_POST['passwd'] = md5($_POST['passwd']);
if ($_POST['passwd'] != $info['password']) {
echo"Incorrect password, please try again.";
}
// if we get here username and password are correct,
//register session variables and set last login time.
$date = date('m d, Y');
$qry = "UPDATE users SET last_login = '$date' WHERE username = '".$_POST['uname']."'";
$query=mysql_query($qry);
$_POST['uname'] = stripslashes($_POST['uname']);
$_SESSION['username'] = $_POST['uname'];
$_SESSION['password'] = $_POST['passwd'];
?>
<h1>Logged in</h1>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in,click here to <span class="style15"><a href="membersonlypage.php">Continue</a></span>.</p>
<?php
} else { // if form hasn't been submitted
?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td>
<input type="text" name="uname" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="passwd" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
Note what i did was move your
CODE
<form action="
down to the correct location on line 15,
CODE
<?php echo
with <?= , which is the same as <?php echo.
There are so many syntax errors in this, you'd be better off starting from scratch to be honest..
Your last but 1 comment made me physically wince.
Never use short tags - you're willingly limiting the portability of your code.
Otherwise, thanks for taking the time.
Swordz
Never use short tags - you're willingly limiting the portability of your code.
Otherwise, thanks for taking the time.
Swordz
QUOTE(swordz @ Oct 9 2009, 02:07 AM) 
Your last but 1 comment made me physically wince.
Never use short tags - you're willingly limiting the portability of your code.
Otherwise, thanks for taking the time.
Swordz
Never use short tags - you're willingly limiting the portability of your code.
Otherwise, thanks for taking the time.
Swordz
How is using the shortcut <?= limiting? Its virtually the same as <?php echo please clarify.
<? is a PHP short tag. Not all servers have short tags enabled. If you use <? you may find, if you ever have a server upgrade, you have to go and find all of your short tags and replace them. It also causes conflicts with <?xml - if you have short tags enabled it drops into php mode, and throws an error.
Basically, as I said above, it limits portability.
Swordz
Basically, as I said above, it limits portability.
Swordz
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.