We help IT Professionals succeed at work.
Get Started

trouble with the login script in php

Siobhan Williams
on
275 Views
Last Modified: 2017-04-25
when i enter the username and password and click on enter I keep getting Login failed. I keep wondering if to add a num row statement to create the session.


<?php
   //initialize a feedback variable
   $feedback = ""; 
   
    //retrieve the form details from the POST global variable
	$f = $_POST['firstname'];
	$l = $_POST['lastname'];
	$u = $_POST['username'];
	$e = $_POST['email'];
	$p = $_POST['password'];
	$c = $_POST['captcha_code'];
	
	   //echo "Data retieved from form<br/>";
	
	//validate the data 
	validate($f, $l, $u, $e, $p, $c);
	 
	    //echo "Data validated<br/>";
		
		// call made after validation to check presence
	verifyCaptchaValue($c);
		//echo "captcha validated<br/>";
		
	if($feedback != ""){ // validation has failed
		Header("Location:../presentation/registerUser.php?feedbackMsg=$feedback");
		//echo "Data validation failed<br/>";
		
	}else{
		/*$feedback = "validation passed";
		Header("Location:../presentation/registerUser.php?feedbackMsg=$feedback"); //-- for testing*/
		
		//sanitize data
		$f = sanitize($f);
		$l = sanitize($l);
		$u = sanitize($u);
		$e = sanitize($e);
		$p = sanitize($p);
		
		//echo "Data snaitize<br/>";
		
		//hash password for storage
		$p = md5($p); 
		//echo "Password hashed<br/>";
		
		//CONNECT TO DB SERVER AND SELECT DB/
		require("../data/dbconnection.php");
		
		//echo "connected to db<br/>";
		
		// PREPARE SQL STATEMENT
		if ($stmt = mysqli_prepare($mysqli,
		     "INSERT INTO tbluser(firstname, lastname, username, email, password, confirm_code, active)
			 VALUES (?, ?, ?, ?,?, ?, ?")){
			
				 
			
            //echo "statement prepared<br/>";
			
		 //BIND PARAMETERS TO SQL STAEMENT OBJECT
		 mysqli_stmt_bind_param($stmt, "sssssss", $f, $l, $u, $e, $p, $confirm_code, $active);
				 
				 //echo "Parameters bound<br/>";
				 
		//EXECUTE STATEMENT OBJECT AND CHECK IF SUCCESSFUL
		      if(mysqli_stmt_execute($stmt)){
				  
					 $feedback = "Add User Successfully";
					 emailMbr($e, $f);
					//echo "statement executed - $feedback<br/>";
				 }else{
					 
					 $feedback = "Add User Unsuccessfully";
					 //echo "statement failed executed - $feedback<br/>";
				 }
				
               	
			 }//end prepare stmt block
			 
			 Header("Location:../presentation/registerUser.php?feedbackMsg=$feedback");
			 
			 
	}//end validation block
	
function emailMbr($e, $name){	
	
//random code
$confirm_code= getCode(7);



// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$e;

// Your subject
$subject="Activation Link For Your Account";

// Your Header Information
$header = "MIME-Version: 1.0" . "\r\n";
$header .= "Content-type:text/html;charset=iso-8859-1" . "\r\n";
$header .="From:WAD<wsiobhan492@gmail.com>";

// Your message
$message = "
<html>
<head>
<title>HTML email</title>
</head>
<body style='background-color:pink'>
	<h3 bgcolor='#0099ff'>Your Activation Link</h3>
	<p>Hey $name,
	<br/>Please click on the link below to activate your account status</p>
	<a href='http://localhost/YOUR SITE ACTIVATION SCRIPT AND CODE HERE'>Click Here</a> To activate your account.
</body>
</html>";

// send email using PHP mail function 
ini_set("smtp_port","465"); 
$sentmail = mail($to,$subject,$message,$header);

// if your email succesfully sent
if($sentmail){
 echo "<p>Your Confirmation link Has Been Sent To Your Email Address.";
}
else {
 echo "Cannot send Confirmation link to your e-mail address";
}
}

//code genarator

function getCode($len){
	$result = "";
     $chars = "abcdefghijklmnopqrstuvwxyz$?!-0123456789";
     $charArray = str_split($chars);
       for($i = 0; $i < $len; $i++){
	     $randItem = array_rand($charArray);
	     $result .= "".$charArray[$randItem ];
}
     return $result;
}
	
	
	
	//functions at the bottom of the page
	
	//function to SANITIZE (Clean) data
	function sanitize($data){
		$data = trim($data);
		$data = stripslashes($data);
		$data = filter_var($data, FILTER_SANITIZE_STRING);
		$data = filter_var($data, FILTER_SANITIZE_SPECIAL_CHARS);
		$data = filter_var($data, FILTER_SANITIZE_MAGIC_QUOTES);
		
		//format data for storage (maintain uniformity)
		$data = strtolower($data); //lowercase
		$data = ucfirst($data); //uppercase first character of string
		
		//finally .... return the cleaned and formatted data
		return $data;
		
	} // end function sanitize
	
	
	//function to VALIDATE data
	function validate($fVal, $lVal, $uVal, $eVal, $pVal, $cVal){
		global $feedback;
		
		if($fVal="" || $fVal==null){
			$feedback  .= "Firstname required.<br/>";
		}
		
		if($lVal="" || $lVal==null){
			$feedback  .= "Lastname required.<br/>";
		}
		
		if($uVal="" || $uVal==null){
			$feedback  .= "Username required.<br/>";
		}
		
		if($eVal="" || $eVal==null){
			$feedback  .= "Email required.<br/>";
		}
		
		/*if (!preg_match("/[-0-9a-zA-Z.+_]+@[-0-9a-zA-Z.+_]+.[a-zA-Z]{2,4}/",  $e))
		{
        $feedback  .= "Email invalid.<br/>"; //Email address is invalid.
        }*/
				
		if($pVal="" || $pVal==null){
			$feedback  .= "Password required.<br/>";
		}
		
	} // end validate method
	
	function verifyCaptchaValue($cVal){
		global $feedback;
		
		include_once '/securimage/securimage.php';
	
	$securimage = new Securimage();
	
	if ($securimage->check($_POST['captcha_code']) == false) {
		// the code was incorrect
		
       $feedback .= "Incorrect captcha";
	  
	}

	}
?>

Open in new window

Comment
Watch Question
Most Valuable Expert 2011
Author of the Year 2014
Commented:
This problem has been solved!
Unlock 3 Answers and 8 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE