Hey guys I have no idea why this wont work...It doesn't seem to want to pick up the POST values....I can't figure it out
This is loginbox
<div class="loginbox">
<form action="processlogin.php" method="post">
<table width="100%" border="0" cellspacing="0" cellpadding="5">
<tr>
<td>Username</td>
<td><input type="text" name="UserName" /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="text" name="Password" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" value="Login" /></td>
</tr>
<tr>
<td> </td>
<td><span style="font-size:12px;"><a href="adduser.php">Click here to register</a></span></td>
</tr>
</table>
</form>
This is just a box I embed into my index template.
<div class="header">
{if loggedin == false}
<h1>welcome</h1>
{else}
{include file="loginbox.tpl"}
{/if}
</div>
Loginbox when submited goes to processlogin.php which is this
<?php
include '/usr/local/Smarty/libs/Smarty.class.php';
require "includes/defs.php";
$smarty = new Smarty;
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
// Get any error message
$error = @$_GET['error'];
} else
{
$UserName = @$_POST['UserName'];
$Password = @$_POST['Password'];
echo $UserName;
}
processlogin($UserName, $Password);
?>
This calls the function processlogin...but even before that I was testing to see if I could even get UserName and I can't...
function processlogin($UserName, $Password){
echo $UserName;
session_start();
$UserName = mysq开发者_StackOverflow社区l_escape_string($UserName);
$Password = md5($Password);
echo $UserName;
$connection = mysql_open();
$SQL = "SELECT * FROM tblUsers WHERE UserName = '$UserName' AND UserPass = '$Password'";
$Result = @ mysql_query($SQL)
or showerror();
if(mysql_num_rows($Result) > 0)
{
$DATA = mysql_fetch_assoc($Result);
$_SESSION['userID'] = $DATA['ID'];
$_SESSION['Loggedin'] = "true";
echo 'true';
//header("Location:index.php");
}
else
{
$_SESSION['Loggedin'] = "false";
echo 'trdddde';
//header("Location:index.php");
}
}
This is the function...you will see I just have random tests in which make no real sense. I am just trying to make it show things along the way so I can figure out what's going wrong
Sorry for my poor coding skills. I've only been learning for 2 or so months now.
By the looks of what you've posted, you're stopping your session from being started properly by echoing debug info:
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
// Get any error message
$error = @$_GET['error'];
} else {
$UserName = @$_POST['UserName'];
$Password = @$_POST['Password'];
echo $UserName;
}
processlogin($UserName, $Password);
The call to session_start
is in the processlogin
function, which comes after you've already output content to the browser. This is what the PHP maunal says:
To use cookie-based sessions, session_start() must be called before outputing anything to the browser.
Try removing the line echo $UserName;
HTH.
p.s. Seeing as you're a beginner, note that your processlogin
function is susceptible to SQL Injection attacks.
精彩评论