any one help me with this code !!!

1 New Member
I am trying to build a user registration and user login page.

The registration page works perfectly fine (the entered data is stored in the database with the $hash password).

```php
<?php

$showError="false";
if($_SERVER["REQUEST_METHOD"] == "POST"){
    include '_dbconnect.php';

    $user_email = $_POST['signupemail'];
    $pass = $_POST['signuppassword'];
    $cpass = $_POST['signuppassword'];

    // check wether this email exists

    $existSql="select * from `users` where user_email = '$user_email'";
    $result = mysqli_query($conn, $existSql);
    $numRows = mysqli_num_rows($result);
    if($numRows>0){
        $showError = "Email already in use";
    } else{
        if($pass == $cpass){
           $hash = password_hash($pass, PASSWORD_DEFAULT);
           $sql =" INSERT INTO `users` ( `user_email`, `user_pass`, `timestamp`) VALUES ('  $user_email', '  $hash', current_timestamp())";
           $result = mysqli_query($conn, $sql);
           if($result){
            $showAlert=true;
            header("Location:/wediscuss%20forum/index.php?signupsuccess=true");
            exit();
           }
        }else{
            $showError ="passwords do not match";

        }
    }
    header("Location:/wediscuss%20forum/index.php?signupsuccess=false&error= $showError ");
}

?>
```
The problem arises when I try to log in. The page gets redirected but the echo is not working (like printing THIS user is logged in).

```php
<?php
$showError = "false";
if($_SERVER["REQUEST_METHOD"] == "POST"){
  include '_dbconnect.php';
  $email = $_POST['loginEmail'];
  $pass = $_POST['loginPass'];

  $sql = "SELECT * FROM `users` where user_email='$email'";
  $result = mysqli_query($conn, $sql);
  $numRows = mysqli_num_rows($result);
  if($numRows==1){
    $row = mysqli_fetch_assoc($result);
    if(password_verify(  $email, $row['user_pass'])){
          session_start();
          $_SESSION['loggedin'] = true;
            $_SESSION['slno'] = $row['slno'];
            $_SESSION['useremail'] = $email;
            echo "loggedin". $email;

        }
        else{
          echo "unable to login";

        }
    }

?>
```
Sep 11 '22 #1
bakertaylor28
45 New Member
```php
header("Location:/wediscuss%20forum/index.php?signupsuccess=false&error= $showError ");
```
This is your problem - logins are better done by storing a session var:

```php
// ...
// After checking against the database, we set the session variable to 0 when logged out and 1 when logged in
$_SESSION['login'] = 1; // 0 when logged out

// We then evaluate for login:
if ($_SESSION['login'] === 1) {
    // show password protected content
    header("Location:/protected/content.php");
    exit();
} elseif ($_SESSION['login'] === 0) {
    // deny access
    header("Location:/path/to/static/errorpage.php");
    exit();
} else {
    die();
}
// ...
```
We check the session var on every protected page or location. It is important that we use === not == or = in order to prevent code injection, any time we're anywhere around SQL.
Feb 25 '23 #2
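
An added example, not part of either post above: the registration and login checks from the thread written with bound parameters, with `password_verify()` applied to the submitted password, and with the session ID regenerated at login. The function names `registerUser`, `verifyLogin` and `startUserSession` are hypothetical, and an in-memory SQLite database opened through PDO stands in for the MySQL connection from `_dbconnect.php` so the script runs without a server.

```php
<?php
// Added example. In-memory SQLite (PDO) stands in for the page's MySQL connection;
// the table is a constructed copy of the `users` columns used in the posts.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (slno INTEGER PRIMARY KEY, user_email TEXT UNIQUE, user_pass TEXT)');

function registerUser(PDO $db, string $email, string $pass, string $confirm): string
{
    $email = trim($email);
    if ($pass !== $confirm) return 'passwords do not match';
    // Placeholders keep user input out of the SQL text.
    $check = $db->prepare('SELECT 1 FROM users WHERE user_email = ?');
    $check->execute([$email]);
    if ($check->fetchColumn() !== false) return 'Email already in use';
    $ins = $db->prepare('INSERT INTO users (user_email, user_pass) VALUES (?, ?)');
    $ins->execute([$email, password_hash($pass, PASSWORD_DEFAULT)]);
    return 'ok';
}

// Returns the matching row on success, null otherwise.
function verifyLogin(PDO $db, string $email, string $pass): ?array
{
    $stmt = $db->prepare('SELECT slno, user_email, user_pass FROM users WHERE user_email = ?');
    $stmt->execute([trim($email)]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Check the submitted password (not the email) against the stored hash.
    if ($row === false || !password_verify($pass, $row['user_pass'])) return null;
    return $row;
}

// Call on a successful login, before any output is sent.
function startUserSession(array $row): void
{
    session_start();
    session_regenerate_id(true); // fresh session ID at login
    $_SESSION['loggedin'] = true;
    $_SESSION['slno'] = $row['slno'];
    $_SESSION['useremail'] = $row['user_email'];
}

// Constructed sample input.
var_dump(registerUser($db, 'alice@example.com', 'S3cret!pass', 'S3cret!pass'));
var_dump(verifyLogin($db, 'alice@example.com', 'wrong-pass') === null);
var_dump(verifyLogin($db, "x' OR '1'='1", 'anything') === null); // bound as a literal value
var_dump(verifyLogin($db, 'alice@example.com', 'S3cret!pass') !== null);
```

With mysqli the same pattern uses `mysqli_prepare()`, `mysqli_stmt_bind_param()` and `mysqli_stmt_execute()` in place of the PDO calls.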
