Robert Francis
asked on
Cant get PHP login page to work
I am trying to create a basic login page using php. I have tried to keep it simple at first. Here is a screenshot of the table in SQL Server:
Here is the code:
Whenever I try to login using a correct username and password it tells me "username or password is invalid". You can see where I echod the information from the textboxes, the query, and the row results from the query. See image:
Whenever I use a blank username and password it tells me "Information Matched". See image:
This is not how this is supposed to work. Any ideas?
Here is the code:
<?php error_reporting(E_ALL);?>
<!DOCTYPE html>
<html>
<head>
<title>Portal2 Login</title>
</head>
<body>
<?php
//Connection string
require_once("includes/conn_intranet.php")?>
<?php
// Starting Session
session_start();
// Variable To Store Error Message
$error='';
// Define $txtUsername and $txtPassword
$txtUsername=$_POST['txtUsername'];
$txtPassword=$_POST['txtPassword'];
echo "Username is " . $txtUsername . "</br>";
echo "Password is " . $txtPassword . "</br>";
//Query employee table
$query = "SELECT * FROM employee WHERE ename='$txtUsername'";
echo "Query is " . $query . "</br>";
$results = sqlsrv_query($connIntranet, $query);
$row = sqlsrv_fetch_array($results);
echo "Row ename " . $row["ename"] . "</br>";
echo "Row password " . $row["password"] . "</br>";
if($row["ename"]==$txtUsername && $row["password"]==$txtPassword){
//$_SESSION['login_user']=$txtUsername;
//header("location: index.php");
$error = "Information matched";}
else {
$error = "Username or Password is invalid";
}
echo $error;
sqlsrv_close( $connIntranet );
?>
<!-- Login Form -->
<div style="text-align: center;">
<form name="frmLogin" action="" method="post">
<h3>Login to access the Portal2</h3>
<p>Username: <input name="txtUsername"></p>
<p>Password: <input name="txtPassword"></p>
<p><input name="btnSubmit_login" type="submit" value="Submit"></p>
</form>
</div>
</body>
</html>Whenever I try to login using a correct username and password it tells me "username or password is invalid". You can see where I echod the information from the textboxes, the query, and the row results from the query. See image:
Whenever I use a blank username and password it tells me "Information Matched". See image:
This is not how this is supposed to work. Any ideas?
ASKER
Dave - The session start is commented out so I don't think that is the problem
Ray - I am looking into that article now. I would still like to know what is wrong with the code I have now. It just seems so straight forward. It might help me in the future.
Ray - I am looking into that article now. I would still like to know what is wrong with the code I have now. It just seems so straight forward. It might help me in the future.
ASKER
My bad. The session start was not commented out. I fixed that but still very confused as to why this code is not working.
PHP sessions may fail to work if there is any browser output at all (even invisible whitespace) before session_start().
https://www.experts-exchange.com/articles/11909/PHP-Sessions-Simpler-Than-You-May-Think.html
The reason for this is that PHP sessions set HTTP cookies, and HTTP cookies are headers. Headers must come first and be complete before any browser output at all.
https://www.experts-exchange.com/articles/11909/PHP-Sessions-Simpler-Than-You-May-Think.html
The reason for this is that PHP sessions set HTTP cookies, and HTTP cookies are headers. Headers must come first and be complete before any browser output at all.
ASKER
Ray. Cool. I have the session stuff fixed based off the article you sent. But I still want to know what is going on with the "Username is Invalid" problem.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I found the problem. The datatype I was using was creating whitespace at the end of the usernames and passwords.
PHP trim() may be your friend :-)
Open in new window