troubleshooting Question

trouble with the login script in php

Avatar of Siobhan Williams
Siobhan Williams asked on
PHP
8 Comments3 Solutions276 ViewsLast Modified:
when i enter the username and password and click on enter I keep getting Login failed. I keep wondering if to add a num row statement to create the session.


<?php
   //initialize a feedback variable
   $feedback = ""; 
   
    //retrieve the form details from the POST global variable
	$f = $_POST['firstname'];
	$l = $_POST['lastname'];
	$u = $_POST['username'];
	$e = $_POST['email'];
	$p = $_POST['password'];
	$c = $_POST['captcha_code'];
	
	   //echo "Data retieved from form<br/>";
	
	//validate the data 
	validate($f, $l, $u, $e, $p, $c);
	 
	    //echo "Data validated<br/>";
		
		// call made after validation to check presence
	verifyCaptchaValue($c);
		//echo "captcha validated<br/>";
		
	if($feedback != ""){ // validation has failed
		Header("Location:../presentation/registerUser.php?feedbackMsg=$feedback");
		//echo "Data validation failed<br/>";
		
	}else{
		/*$feedback = "validation passed";
		Header("Location:../presentation/registerUser.php?feedbackMsg=$feedback"); //-- for testing*/
		
		//sanitize data
		$f = sanitize($f);
		$l = sanitize($l);
		$u = sanitize($u);
		$e = sanitize($e);
		$p = sanitize($p);
		
		//echo "Data snaitize<br/>";
		
		//hash password for storage
		$p = md5($p); 
		//echo "Password hashed<br/>";
		
		//CONNECT TO DB SERVER AND SELECT DB/
		require("../data/dbconnection.php");
		
		//echo "connected to db<br/>";
		
		// PREPARE SQL STATEMENT
		if ($stmt = mysqli_prepare($mysqli,
		     "INSERT INTO tbluser(firstname, lastname, username, email, password, confirm_code, active)
			 VALUES (?, ?, ?, ?,?, ?, ?")){
			
				 
			
            //echo "statement prepared<br/>";
			
		 //BIND PARAMETERS TO SQL STAEMENT OBJECT
		 mysqli_stmt_bind_param($stmt, "sssssss", $f, $l, $u, $e, $p, $confirm_code, $active);
				 
				 //echo "Parameters bound<br/>";
				 
		//EXECUTE STATEMENT OBJECT AND CHECK IF SUCCESSFUL
		      if(mysqli_stmt_execute($stmt)){
				  
					 $feedback = "Add User Successfully";
					 emailMbr($e, $f);
					//echo "statement executed - $feedback<br/>";
				 }else{
					 
					 $feedback = "Add User Unsuccessfully";
					 //echo "statement failed executed - $feedback<br/>";
				 }
				
               	
			 }//end prepare stmt block
			 
			 Header("Location:../presentation/registerUser.php?feedbackMsg=$feedback");
			 
			 
	}//end validation block
	
function emailMbr($e, $name){	
	
//random code
$confirm_code= getCode(7);



// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$e;

// Your subject
$subject="Activation Link For Your Account";

// Your Header Information
$header = "MIME-Version: 1.0" . "\r\n";
$header .= "Content-type:text/html;charset=iso-8859-1" . "\r\n";
$header .="From:WAD<wsiobhan492@gmail.com>";

// Your message
$message = "
<html>
<head>
<title>HTML email</title>
</head>
<body style='background-color:pink'>
	<h3 bgcolor='#0099ff'>Your Activation Link</h3>
	<p>Hey $name,
	<br/>Please click on the link below to activate your account status</p>
	<a href='http://localhost/YOUR SITE ACTIVATION SCRIPT AND CODE HERE'>Click Here</a> To activate your account.
</body>
</html>";

// send email using PHP mail function 
ini_set("smtp_port","465"); 
$sentmail = mail($to,$subject,$message,$header);

// if your email succesfully sent
if($sentmail){
 echo "<p>Your Confirmation link Has Been Sent To Your Email Address.";
}
else {
 echo "Cannot send Confirmation link to your e-mail address";
}
}

//code genarator

function getCode($len){
	$result = "";
     $chars = "abcdefghijklmnopqrstuvwxyz$?!-0123456789";
     $charArray = str_split($chars);
       for($i = 0; $i < $len; $i++){
	     $randItem = array_rand($charArray);
	     $result .= "".$charArray[$randItem ];
}
     return $result;
}
	
	
	
	//functions at the bottom of the page
	
	//function to SANITIZE (Clean) data
	function sanitize($data){
		$data = trim($data);
		$data = stripslashes($data);
		$data = filter_var($data, FILTER_SANITIZE_STRING);
		$data = filter_var($data, FILTER_SANITIZE_SPECIAL_CHARS);
		$data = filter_var($data, FILTER_SANITIZE_MAGIC_QUOTES);
		
		//format data for storage (maintain uniformity)
		$data = strtolower($data); //lowercase
		$data = ucfirst($data); //uppercase first character of string
		
		//finally .... return the cleaned and formatted data
		return $data;
		
	} // end function sanitize
	
	
	//function to VALIDATE data
	function validate($fVal, $lVal, $uVal, $eVal, $pVal, $cVal){
		global $feedback;
		
		if($fVal="" || $fVal==null){
			$feedback  .= "Firstname required.<br/>";
		}
		
		if($lVal="" || $lVal==null){
			$feedback  .= "Lastname required.<br/>";
		}
		
		if($uVal="" || $uVal==null){
			$feedback  .= "Username required.<br/>";
		}
		
		if($eVal="" || $eVal==null){
			$feedback  .= "Email required.<br/>";
		}
		
		/*if (!preg_match("/[-0-9a-zA-Z.+_]+@[-0-9a-zA-Z.+_]+.[a-zA-Z]{2,4}/",  $e))
		{
        $feedback  .= "Email invalid.<br/>"; //Email address is invalid.
        }*/
				
		if($pVal="" || $pVal==null){
			$feedback  .= "Password required.<br/>";
		}
		
	} // end validate method
	
	function verifyCaptchaValue($cVal){
		global $feedback;
		
		include_once '/securimage/securimage.php';
	
	$securimage = new Securimage();
	
	if ($securimage->check($_POST['captcha_code']) == false) {
		// the code was incorrect
		
       $feedback .= "Incorrect captcha";
	  
	}

	}
?>
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 3 Answers and 8 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 3 Answers and 8 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros