0

I'm trying to make log in and register script with php and html. It doesn't work and i ant press a button. What am i doing wrong? I'm new to programming sites.This is HTML :

Register:

<form action="register.php" method="post">
<input  type=text name="uid" /><br/></form>
<form action="register.php" method="post">
<input type="password" name="pass" /><br/>
</form>

<input type="submit" action="register.php" name="R" value="Sign Up" />

PHP:

require "sqlconnect.php"


$pass=$_POST("pass")
$uid=$_POST("uid")
$clicked=$_POST("R")


if($uid and $pass) { 

 connection()

 $ins = @mysql_query("INSERT INTO Users SET id='$uid', pass='$pass'"); 

 if($ins) 
 echo "Registered!You can log in now :)";
 header("Location: index2.php"); 

 else echo "Error!"; 

mysql_close($connection);

Log in:

<center><cc><b>Please login to proceed:</b></cc></center>
<center><form action="login.php" method="post" style="border-color:#0068AD" >
<input  type=text name="uid" /><br/></form>
<form action="login.php" method="post" style="border-color:#0068AD" >
<input type="password" name="pass" /><br/>
</form>
<input type="submit" action="login.php" name="L" value="Log in"/><br/>
<center><cc><a href="register.html"> Register </a></cc></center>

PHP:

 require "sqlconnect.php"

connection()


$pass=$_POST("pass")
$uid=$_POST"uid")
$clicked=$_POST("L")

$pass = "SELECT `pass` FROM `Users` WHERE `id`='$uid'";
$passcheck = mysql_query($pass);

    if($clicked>1||$passcheck=true)
        header=index3.html
        elseif(clicked>1||passcheck=false)
            echo ("Wrong username or password")


 mysql_close($connection)
Improve this question
2
  • 4
    What am i doing wrong? Nearly everything Commented Aug 26, 2011 at 18:06
  • Maybe you should look it up on google; so many good tutorials on this subject out there. Commented Aug 26, 2011 at 18:26

7 Answers 7

Reset to default
3

wow. there are a lot of mistakes

$pass=$_POST("pass")
$uid=$_POST("uid")
$clicked=$_POST("R")

should be 

$pass=$_POST["pass"];
$uid=$_POST["uid"];
$clicked=$_POST["R"];

you forgot a lot of semicolons

form should look like 

<form action="login.php" method="post" style="border-color:#0068AD" >
    <input type="password" name="pass" /><br/>
    <input type="submit" action="login.php" name="L" value="Log in"/>
</form>
<br/>

(submit must be in form)

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Good catch, I didn't even notice that. The OP should definitely look at his PHP error logs.
1

Your submit button needs to be inside your form element, and you should have all inputs inside the same (single form)

HTML should be something like:

<form action="register.php" method="post">
  <b>Username:</b> <input type="text" name="uid" /><br/>
  <b>Password:</b> <input type="password" name="pass" /><br/>
  <input type="submit" name="R" value="Sign Up" />
</form>

While your PHP for retrieving data from the $_POST array should be:

$pass=$_POST["pass"];
$uid=$_POST["uid"];

And you should be escaping both those values before you include them in a SQL statement (to prevent SQL injection).

So your $pass line should be something like:

$pass = "SELECT `pass` FROM `Users` WHERE `id`='"+
   mysql_real_escape_string($uid)+"'";

And your $ins line should be something like:

$ins = @mysql_query("INSERT INTO Users SET id='".mysql_real_escape_string($uid)+
   "', pass='"+mysql_real_escape_string($pass)+"'");

And you should be either hashing or encrypting people's passwords before storing.

Improve this answer

Comments

1

Your forms are broken. All of your inputs need to be inside one form in order to all be submitted in the same POST:

<form action="register.php" method="post">
  <input type=text name="uid" /><br/>
  <input type="password" name="pass" /><br/>
  <input type="submit" action="register.php" name="R" value="Sign Up" />
</form>

And:

<center><cc><b>Please login to proceed:</b></cc></center>
<center>
  <form action="login.php" method="post" style="border-color:#0068AD" >
    <input type=text name="uid" /><br/>
    <input type="password" name="pass" /><br/>
    <input type="submit" action="login.php" name="L" value="Log in"/><br/>
  </form>
</center>
<center><cc><a href="register.html"> Register </a></cc></center>

(Also, it's best not to use the center tag anymore. I understand that you're just getting started, but you'll want look into using CSS for your styling sooner rather than later. It will lead to much cleaner and easier to manage HTML markup.)

Improve this answer

1 Comment

@genesis φ: Indeed, there is much to be improved here.
1

This is my best guess at what you were trying to do based on the original code. I would like to see inside sqlconnect.php to see what's going on in there...

Corrections are FAR too numerous to mention, ask specific questions about anything you don't understand...

Register

HTML:

<form action="register.php" method="post">
    <!-- forms should contain ONLY block level elements as direct children! -->
    <div>
        <input type="text" name="uid" /><br/>
        <input type="password" name="pass" /><br/>
        <input type="submit" value="Sign Up" />
    </div>
</form>

PHP:

$pass = $_POST["pass"];
$uid = $_POST["uid"];

if ($uid and $pass) { 
    require "sqlconnect.php";
    connection();
    $ins = @mysql_query("INSERT INTO `Users` (`id`,`pass`) VALUES ('".mysql_real_escape_string($uid)."','".mysql_real_escape_string($pass)."')"); 
    if ($ins) {
        echo "Registered! You can log in now :)";
        header('HTTP/1.1 302 Found');
        header("Location: http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/index2.php");
    } else echo "Error!";
    mysql_close($connection);
}



Log In

HTML:

<form action="login.php" method="post" style="border-color:#0068AD;">
    <div>
        <center><b>Please login to proceed:</b></center><br/>
        <center><input type="text" name="uid" /><br/>
        <center><input type="password" name="pass" /></center><br/>
        <center><input type="submit" value="Log in"/></center>
    </div>
</form>
<center><a href="register.html">Register</a></center>

PHP:

require "sqlconnect.php";
connection();


$pass = $_POST["pass"];
$uid = $_POST["uid"];

if (!$passcheck = mysql_query("SELECT `pass` FROM `Users` WHERE `id`='".mysql_real_escape_string($uid)."'")) die('MySQL Error');
$passcheck = mysql_fetch_assoc($passcheck);
mysql_close($connection);

if ($passcheck['pass'] == $pass) {
  header('HTTP/1.1 302 Found');
  header("Location: http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/index3.html");
} else echo ("Wrong username or password");
Improve this answer

Comments

0

All fields and the button should be inside the same form. Don't use a different form for each one. I'm on mobile, so I can't post code. Left as community wiki so people will add it.

Improve this answer

Comments

0

At first glance your SQL INSERT statement is incorrect. It should be INSERT INTO users (id,pass) VALUES ('$id','$pass'). There are also a lot of syntax errors that you'll need to look into.

Improve this answer

Comments

0

Your submit button should be inside your form, otherwise it won't know what to submit. You should also review the security of your form, when interacting with the database you should always sanitise data with mysql_real_escape_string().

So it should read:

$pass = mysql_real_escape_string($_POST["pass"]);
$uid = mysql_real_escape_string($_POST["uid"]);
$clicked = mysql_real_escape_string($_POST["L"]);

You're also missing a lot of semi-colons which should go at the end of every single line as shown above.

You should also use double equal signs (==) or triple equals sign (===) when comparing statements in an if statement, so yours should read:

if($clicked> 1 || $passcheck == true)

You should also include curly braces, so the full if should look like:

if($clicked>1||$passcheck=true) {
    header = index3.html; //This should probably be header = 'index3.html'
} elseif(clicked> 1 || passcheck == false) {
    echo ("Wrong username or password");
}

I've probably missed some, but there are lots of errors.

Improve this answer

1 Comment

How should i put them in the same form?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.