0

Good evening! I believe I might have a problem with my php setup. I installed XAMPP and at the same time added mysql. I have taken code from website http://www.phpeasystep.com/phptu/6.html setting up the mysql database, the main_login.php, checklogin.php (with user and password info added), login_success.php, and checklogin.php through cut and paste. I am assuming that the code is correct. I saved them into a folder C:\xampp\htdocs\UnnamedSite2. When I attempt to run the code, after entering the user name and password, I get the following:

Notice: Undefined index: myusername in C:\xampp\htdocs\UnnamedSite2\checklogin.php on line 14

Notice: Undefined index: mypassword in C:\xampp\htdocs\UnnamedSite2\checklogin.php on line 15 Wrong Username or Password

What might be the problem?

main_login.php

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

checklogin.php

<?php
$host="localhost"; // Host name 
$username="web"; // Mysql username 
$password="foo.bar"; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

login_success.php

<html>
<body>
Login Successful
</body>
</html>

Logout.php

<?php 
session_start();
session_destroy();
?>
Improve this question
5
  • 1
    Put your the <form></form> tags outside of <table></table>. It's easy to make mistake if you mix the form tags with the table elements. Commented Jun 7, 2015 at 1:43
  • @frz3993, that shouldn't make a difference and isn't necessary. Commented Jun 7, 2015 at 1:45
  • 1
    To the OP: I don't see any reason those $_POST vars wouldn't exist, but this tutorial is outdated. You should be avoiding mysql_* functions and real_escape_string and be using PDO/mysqli with prepared statements. Commented Jun 7, 2015 at 1:48
  • @Devon: actually, it makes a difference - unexpected markup in tables is handled in surprising ways. (Invalid HTML causes problems, who'd have seen that coming?) Commented Jun 7, 2015 at 4:18
  • I swapped the form tags. It acted the same. I have no clue how to do the PDO/mysqli suggestion. Commented Jun 7, 2015 at 14:20

3 Answers 3

Reset to default
0

The error means there are no 'myusername' and 'mypassword' in your $_POST array. Try adding this:

var_dump($_POST);

Somewhere in your checklogin script to check the contents of said variable.

It will help debugging

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I added it to the first line after the ,?php. I got: array(0) { }
0

The problem seems to be with Expression web 4. When I ran the code in Dremweaver, and replaced the deprecated global sessions, everything started working. Thanks for looking into this.

Improve this answer

Comments

-1

i cannot see your error but this one :

error_reporting(E_ALL & ~E_NOTICE);

(to make error disappear)

Improve this answer

3 Comments

Closing your eyes and pretending the error doesn't exist won't make it go away. It won't make the code run properly either.
@DCoder i agree with you but i prefer to ignore uninitialized variable error, in this case, 'myusername' is uninitialized, other error will show as usual
@Yassuki However, in this case it means $_POST isn't being populated... hence te uninitialized variable. Warning and notices are there for a reason. Ignoring errors is (almost) never a good option.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.