Pritesh Bhatt
asked on
I am not able to login with the given code
The above is the index.php and dbconn.php
dbconn.php
<?php
if(isset($_REQUEST['submitBtn'])){
include '_inc/dbconn.php';
// session_start();
$username=$_REQUEST['uname'];
//salting of password
$salt="@g26jQsG&nh*v";
$password= sha1($_REQUEST['pwd'].$salt);
$sql="SELECT email,password FROM customer WHERE email='".$username."' AND password='".$password."'";
// $sql="SELECT email,password FROM customer WHERE email='$username' AND password='$password'";
$query = mysqli_query($conn,$sql) or die (mysqli_error($conn));
$rws= mysqli_fetch_array();
$user=$rws[0];
$pwd=$rws[1];
if($user==$username && $pwd==$password){
session_start();
$_SESSION['customer_login']=1;
$_SESSION['cust_id']=$username;
header('location:customer_account_summary.php');
}
else{
header('location:index.php');
}}
?>
<?php
session_start();
if(isset($_SESSION['customer_login']))
header('location:customer_account_summary.php');
?>
<!DOCTYPE html>
<html>
<head>
<noscript><meta http-equiv="refresh" content="0;url=no-js.php"></noscript>
<meta charset="UTF-8">
<title>Online Banking System</title>
<link rel="stylesheet" href="newcss.css">
</head>
<body>
<div class="wrapper">
<div class="header">
<img src="header.jpg" height="100%" width="100%"/>
</div>
<div class="navbar">
<ul>
<li><a href="index.php">Home </a></li>
<li><a href="features.php">Features </a></li>
<li id="last"><a href="contact.php">Contact Us</a></li>
</ul>
</div>
<div class="user_login">
<form action='' method='POST'>
<table align="left">
<tr><td><span class="caption">Secure Login</span></td></tr>
<tr><td colspan="2"><hr></td></tr>
<tr><td>Username:</td></tr>
<tr><td><input type="text" name="uname" required></td> </tr>
<tr><td>Password:</td></tr>
<tr><td><input type="password" name="pwd" required></td></tr>
<tr><td class="button1"><input type="submit" name="submitBtn" value="Log In" class="button"></td></tr>
</table>
</form>
</div>
<div class="image">
<img src="home.jpg" height="100%" width="100%"/>
<div class="text">
<a href="safeonlinebanking.php"><h3>Click to read safe online banking tips</h3></a>
<a href="t&c.php"><h3>Terms and conditions</h3></a>
<a href="faq.php"><h3>FAQ'S</h3></a>
</div>
</div>
<div class="left_panel">
<p>Our internet banking portal provides personal banking services that gives you complete control over all your banking demands online.</p>
<h3>Features</h3>
<ul>
<li>Registration for online banking</li>
<li>Adding Beneficiary account</li>
<li>Funds Transfer</li>
<li>Last Login record</li>
<li>Mini Statement</li>
<li>ATM and Cheque Book</li>
<li>Staff approval Feature</li>
<li>Account Statement by date</li>
</ul>
</div>
<div class="right_panel">
<h3>PERSONAL BANKING</h3>
<ul>
<li>Personal Banking application provides features to administer and manage non personal accounts online.</li>
<li>Phishing is a fraudulent attempt, usually made through email, phone calls, SMS etc seeking your personal and confidential information.</li>
<li>Online Bank or any of its representative never sends you email/SMS or calls you over phone to get your personal information, password or one time SMS (high security) password.</li>
<li>Any such e-mail/SMS or phone call is an attempt to fraudulently withdraw money from your account through Internet Banking. Never respond to such email/SMS or phone call. Please report immediately on reportif you receive any such email/SMS or Phone call. Please lock your user access immediately.
</li>
</ul>
</div>
<?php include 'footer.php' ?>
dbconn.php
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "bank_db";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error($conn));
}
?>
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The 2 comments pointed out the actual issues.