troubleshooting Question

PHP Login System - Cannot Login User

Avatar of Joseph Longo
Joseph LongoFlag for United States of America asked on
HTMLPHPMySQL Server
1 Comment1 Solution13 ViewsLast Modified:
Hello Experts,
I have a basic PHP login/registration system. I am able to register users without any issue. However, when I try to login as a user, I receive an error message, which I created, stating "Incorrect username." I am stumped as to where the issue/error exists. Would love assistance in troubleshooting the error. Thanks in advance!

LOGIN.INC.PHP
<?php
if(isset($_POST["loginToSite"])){
    $username = $_POST["deputyUsername"];
    $pwd = $_POST["deputyPWD"];

    require_once 'dbh.inc.php';
    require_once 'functions.inc.php';

    if(emptyInputLogin( $username, $pwd)===true){
        header("location:../index.php?error=emptyInput");
        exit();
    }
    loginUser($conn, $username, $pwd); 
}else{
    header("location:../index.php?error=none");
    exit();
}
?>

FUNCTIONS.INC.PHP
<?php
function emptyInputSignup($userRank, $userFirstName, $userLastName, $userID, $userUsername, $userPassword, $userPasswordRepeat, $userAgencyEmail){
    $result;
    if(empty($userRank) || empty($userFirstName) || empty($userLastName) || empty($userID) || empty($userUsername) || empty($userPassword) || empty($userPasswordRepeat)|| empty($userAgencyEmail)){
        $result = true;
    }else{
        $result = false; 
    }
    return $result;
}

function invalidUsername ($userUsername){
    $result;
    if(!preg_match("/^[a-zA-Z0-9]*$/", $userUsername)){
        $result = true;
    }else{
        $result = false; 
    }
    return $result;
}

function invalidEmail($userAgencyEmail){
    $result;
    if(!filter_var($userAgencyEmail, FILTER_VALIDATE_EMAIL)){
        $result = true;
    }else{
        $result = false; 
    }
    return $result;
}

function pwdMatch($userPassword, $userPasswordRepeat){
    $result;
    if($userPassword !== $userPasswordRepeat){
        $result = true;
    }else{
        $result = false; 
    }
    return $result;
}
function usernameExists($conn,  $userUsername){
    $sql ="SELECT * FROM users WHERE  usersUsername = ? OR usersEmail = ?;";
    $stmt = mysqli_stmt_init($conn);
    if(!mysqli_stmt_prepare($stmt, $sql)){
        header("location:../php/signup.php?error=stmtfailed");
        exit();
    }
    mysqli_stmt_bind_param($stmt, "s", $userUsername);
    mysqli_stmt_execute($stmt);

    $resultData = mysqli_stmt_get_result($stmt);

    if($row = mysqli_fetch_assoc($resultData)){
        return $row;
    }else{
        $result = false;
        return $result;
    }
    mysqli_stmt_close($stmt);
}

function registerUser($conn,  $userRank, $userFirstName, $userLastName, $userID, $userUsername, $userPassword, $userAgencyEmail){
    $sql ="INSERT INTO users (usersRank, usersFirstName, usersLastName, usersID, usersUsername, usersPassword, usersEmail) VALUES (?, ?, ?, ?, ?, ?, ?);";
    $stmt = mysqli_stmt_init($conn);
    if(!mysqli_stmt_prepare($stmt, $sql)){
        header("location:../php/signup.php?error=stmtfailed");
        exit();
    }

    $hashedUserPassword = password_hash($userPassword, PASSWORD_DEFAULT);

    mysqli_stmt_bind_param($stmt, "sssssss", $userRank, $userFirstName, $userLastName, $userID, $userUsername, $hashedUserPassword, $userAgencyEmail);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    header("location:../php/signup.php?error=none");
    exit();
}

function emptyInputLogin($userUsername, $userPassword){
    $result;
    if(empty($userUsername) || empty($userPassword)){
        $result = true;
    }else{
        $result = false; 
    }
    return $result;
}

function loginUser($conn, $userUsername, $userPassword){
    $usernameExists = usernameExists($conn,  $userUsername);

    if ($usernameExists === false){
        header("location:../index.php?error=incorrectUsername");
        exit();
    }

    $hashedPassword = $usernameExists["usersPassword"];
    $checkPassword = password_verify($userPassword, $hashedPassword);

    if($checkPassword ===false){
        header("location:../index.php?error=incorrectPassword");
        exit();
    }elseif($checkPassword ===true){
        session_start(); 
        $_SESSION["ID"] = $usernameExists["id"];
        $_SESSION["rank"] = $usernameExists["usersRank"];
        $_SESSION["firstName"] = $usernameExists["usersFirstName"];
        $_SESSION["lastName"] = $usernameExists["usersLastName"];
        $_SESSION["payroll"] = $usernameExists["usersID"];
        $_SESSION["ID"] = $usernameExists["usersUsername"];
        $_SESSION["email"] = $usernameExists["usersEmail"];
        header("location:../index.php?error=none");
        exit();
    }

}
?>

LOGIN FORM:

<form action="includes/login.inc.php" method="post">
    <table>
    <tr name="employee">
    <td><b><font color="white">Username:<br><br><input type="text" id="deputyRank" name="deputyUsername"></b></font><br></td>
        <td><b><font color="white">Password:<br><br><input id="resizePWD" type="password" name="deputyPWD"></b></font><br></td>
            <td><br><br><input type="submit" value="Login" id="LoginToSite" name="loginToSite"></td>
            </tr>
            </table>
            <?php
            if (isset($_GET["error"])){
                if ($_GET["error"] == "emptyInput"){
                    echo "<p><font color='white'>Please fill out all fields.</font></p>";
                }else if ($_GET["error"] == "wronglogin"){
                    echo "<p><font color='white'>Incorrect login credentials.</font></p>";
                }else if ($_GET["error"] == "incorrectUsername"){
                    echo "<p><font color='white'>Incorrect username.</font></p>";
                }else if ($_GET["error"] == "incorrectPassword"){
                    echo "<p><font color='white'>Incorrect password.</font></p>";
                }
            }
            ?>
</form>


Open in new window

ASKER CERTIFIED SOLUTION
Log in to continue reading
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform for $9.99/mo
View membership options
Unlock 1 Answer and 1 Comment.
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
The Value of Experts Exchange in My Daily IT Life

Experts Exchange (EE) has become my company's go-to resource to get answers. I've used EE to make decisions, solve problems and even save customers. OutagesIO has been a challenging project and... Keep reading >>

Mike

Owner of Outages.IO
Phoenix, Arizona, United States
Member Since 2016
Join a full scale community that combines the best parts of other tools into one platform.
Unlock 1 Answer and 1 Comment.
View membership options
“All of life is about relationships, and EE has made a virtual community a real community. It lifts everyone's boat.”
William Peck

Member since 2004