-1

i m using 000webhost.com for testing my website... when i was using localhost the form was working properly.. link to the testing website

the errors which it shows are jquery ajax based... i don't think there is any problem in ajax, i think the form is not calling action

form...

<form action="login.php" method="post" id="login">
    <input id="email" placeholder="E-mail" type="text" name="em" />
    <input id="email" placeholder="Password" type="password" name="pwd"/>
    <div class="txt1"><input type="checkbox" name="check" />Keep me logged in |<a href="#"> Forgot Password ?</a></div>
    <input type="submit" id="loginButton" value="Login" name="log" />
    </form>

login.php page..

<?php
session_start();
include "incfiles/connection.php";
$user_login=$_POST['em'];
$password_login=$_POST['pwd'];
$password_login = md5($password_login);

if(empty($user_login) || empty($password_login))
{
die (retmsg(0,"Please fill Email and Password"));
}

$query = mysqli_query($con,"select * from registration where email='$user_login' and password='$password_login'");
$read = mysqli_num_rows($query);

if(!$read)
{
    die (retmsg(0,"Incorrect Email or Password"));
}
else
{
    while($row = mysqli_fetch_array($query)){ 
         $id = $row["id"];
    }
     $_SESSION["id"] = $id;
     $_SESSION["user_login"] = $user_login;
     $_SESSION["password_login"] = $password_login;
     if (isset($_SESSION["user_login"]) && isset($_SESSION["password_login"]))
     {echo retmsg(1,"profile.php?id=$id");}
 }

 function retmsg($status,$txt)
 {
return json_encode(array('status' => $status, 'txt' => $txt));
 }
 ?>
Vijay Verma
  • 3,660
  • 2
  • 19
  • 27
vishal vasistha
  • 206
  • 3
  • 6
  • It seems that the response is not JSON: "
    PHP Error Message

    Warning: mysqli_connect() [function.mysqli-connect]: (28000/1045): Access denied for user 'root'@'localhost' (using password: NO)...     – José M. Pérez Nov 17 '13 at 07:58
  • your response says you mysql localhost permission denied, check your credentials – Drixson Oseña Nov 17 '13 at 07:58
  • **WARNING!** Your code contains an [SQL injection vulnerability](http://en.wikipedia.org/wiki/SQL_injection) -- you are passing raw, unfiltered, unvalidated user input directly into an SQL string. SQL injection is [very easy to fix](http://stackoverflow.com/q/60174/168868). Use [prepared statements with parameterized queries](http://en.wikipedia.org/wiki/Prepared_statement) instead of concatenating variables into SQL. – Charles Nov 17 '13 at 08:04
  • thank you friends... i got it... – vishal vasistha Nov 17 '13 at 08:05

1 Answers1

1

I looked at your site. The response from your server includes

Access denied for user 'root'@'localhost' (using password: NO)

Check the database login credentials you are using, and ensure that you are using a password to log in to the database.

  • This. Check 'incfiles/connection.php' to see the credentials contained in the $con = new mysqli() string. – StigM Nov 17 '13 at 08:03