Joseph Longo
asked on
PHP Login System - Cannot Login User
Hello Experts,
I have a basic PHP login/registration system. I am able to register users without any issue. However, when I try to login as a user, I receive an error message, which I created, stating "Incorrect username." I am stumped as to where the issue/error exists. Would love assistance in troubleshooting the error. Thanks in advance!
I have a basic PHP login/registration system. I am able to register users without any issue. However, when I try to login as a user, I receive an error message, which I created, stating "Incorrect username." I am stumped as to where the issue/error exists. Would love assistance in troubleshooting the error. Thanks in advance!
LOGIN.INC.PHP
<?php
if(isset($_POST["loginToSite"])){
$username = $_POST["deputyUsername"];
$pwd = $_POST["deputyPWD"];
require_once 'dbh.inc.php';
require_once 'functions.inc.php';
if(emptyInputLogin( $username, $pwd)===true){
header("location:../index.php?error=emptyInput");
exit();
}
loginUser($conn, $username, $pwd);
}else{
header("location:../index.php?error=none");
exit();
}
?>
FUNCTIONS.INC.PHP
<?php
function emptyInputSignup($userRank, $userFirstName, $userLastName, $userID, $userUsername, $userPassword, $userPasswordRepeat, $userAgencyEmail){
$result;
if(empty($userRank) || empty($userFirstName) || empty($userLastName) || empty($userID) || empty($userUsername) || empty($userPassword) || empty($userPasswordRepeat)|| empty($userAgencyEmail)){
$result = true;
}else{
$result = false;
}
return $result;
}
function invalidUsername ($userUsername){
$result;
if(!preg_match("/^[a-zA-Z0-9]*$/", $userUsername)){
$result = true;
}else{
$result = false;
}
return $result;
}
function invalidEmail($userAgencyEmail){
$result;
if(!filter_var($userAgencyEmail, FILTER_VALIDATE_EMAIL)){
$result = true;
}else{
$result = false;
}
return $result;
}
function pwdMatch($userPassword, $userPasswordRepeat){
$result;
if($userPassword !== $userPasswordRepeat){
$result = true;
}else{
$result = false;
}
return $result;
}
function usernameExists($conn, $userUsername){
$sql ="SELECT * FROM users WHERE usersUsername = ? OR usersEmail = ?;";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)){
header("location:../php/signup.php?error=stmtfailed");
exit();
}
mysqli_stmt_bind_param($stmt, "s", $userUsername);
mysqli_stmt_execute($stmt);
$resultData = mysqli_stmt_get_result($stmt);
if($row = mysqli_fetch_assoc($resultData)){
return $row;
}else{
$result = false;
return $result;
}
mysqli_stmt_close($stmt);
}
function registerUser($conn, $userRank, $userFirstName, $userLastName, $userID, $userUsername, $userPassword, $userAgencyEmail){
$sql ="INSERT INTO users (usersRank, usersFirstName, usersLastName, usersID, usersUsername, usersPassword, usersEmail) VALUES (?, ?, ?, ?, ?, ?, ?);";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)){
header("location:../php/signup.php?error=stmtfailed");
exit();
}
$hashedUserPassword = password_hash($userPassword, PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt, "sssssss", $userRank, $userFirstName, $userLastName, $userID, $userUsername, $hashedUserPassword, $userAgencyEmail);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
header("location:../php/signup.php?error=none");
exit();
}
function emptyInputLogin($userUsername, $userPassword){
$result;
if(empty($userUsername) || empty($userPassword)){
$result = true;
}else{
$result = false;
}
return $result;
}
function loginUser($conn, $userUsername, $userPassword){
$usernameExists = usernameExists($conn, $userUsername);
if ($usernameExists === false){
header("location:../index.php?error=incorrectUsername");
exit();
}
$hashedPassword = $usernameExists["usersPassword"];
$checkPassword = password_verify($userPassword, $hashedPassword);
if($checkPassword ===false){
header("location:../index.php?error=incorrectPassword");
exit();
}elseif($checkPassword ===true){
session_start();
$_SESSION["ID"] = $usernameExists["id"];
$_SESSION["rank"] = $usernameExists["usersRank"];
$_SESSION["firstName"] = $usernameExists["usersFirstName"];
$_SESSION["lastName"] = $usernameExists["usersLastName"];
$_SESSION["payroll"] = $usernameExists["usersID"];
$_SESSION["ID"] = $usernameExists["usersUsername"];
$_SESSION["email"] = $usernameExists["usersEmail"];
header("location:../index.php?error=none");
exit();
}
}
?>
LOGIN FORM:
<form action="includes/login.inc.php" method="post">
<table>
<tr name="employee">
<td><b><font color="white">Username:<br><br><input type="text" id="deputyRank" name="deputyUsername"></b></font><br></td>
<td><b><font color="white">Password:<br><br><input id="resizePWD" type="password" name="deputyPWD"></b></font><br></td>
<td><br><br><input type="submit" value="Login" id="LoginToSite" name="loginToSite"></td>
</tr>
</table>
<?php
if (isset($_GET["error"])){
if ($_GET["error"] == "emptyInput"){
echo "<p><font color='white'>Please fill out all fields.</font></p>";
}else if ($_GET["error"] == "wronglogin"){
echo "<p><font color='white'>Incorrect login credentials.</font></p>";
}else if ($_GET["error"] == "incorrectUsername"){
echo "<p><font color='white'>Incorrect username.</font></p>";
}else if ($_GET["error"] == "incorrectPassword"){
echo "<p><font color='white'>Incorrect password.</font></p>";
}
}
?>
</form>
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.