1

Hey everyone I'm creating a login system for dissertation website. I have used an external php file which contains my php code however when I preview the html file in a browser it displays nothing. Not even any of the form elements.

Any help would be greatly appreciated.

<?php
    include 'core/init.php';
    ?>

    <!doctype html>
    <html>
    <head>
    <meta charset="utf-8">
    <title>Index</title>

    </head>
    <body>
    <div>
    </div>
    <div>

    <form action='login.php' name="login" method = "POST">
    <table width=>
      <tr>
        <td><label for="Email"></label>
          Email:
          <input type="text" name="email" id="Email">
         </td>
        <td><label for="Password"></label>
          Password:

          <input type="password" name="Password" id="Password">
          </td>
        <td><input type="submit" name="Login" id="Login" value="Login"></td>
      </tr>
    </table>
    <a href="UserRegistration.php">not registered sign up</a>
    </form>
    </div>

    </body>
    </html>

core init file

<?php
session_start();
//error_reporting(0);
require '/database/connect.php';
require '/functions/general.php';
require '/functions/users.php';
$errors = array();
?>

General file

<?php
function sanitize($data) {
    return mysql_real_escape_string($data);

}
?>

User File 

}

function user_active ($email) {
    $email = sanitize ($email);
    $query = mysql_query ("SELECT COUNT ('UserID') FROM 'users' WHERE 'Email' = '$email' AND 'activated' = 1");
    return (mysql_result($query, 0) == 1) ? true : false;

}
function user_id_from_email($email){
    $email =sanitize ($email);
    return mysql_result(mysql_query("SELECT 'UserID' FROM 'users WHERE 'Email' = '@$email'"), 0, 'UserID');
}
function login ($email, $password){
 $UserID = UserID_from_username($email);
 $email = sanitize ($email);
 $password = md5 ($password);

 return(mysql_result(mysql_query ("SELECT COUNT ('UserID' FROM 'users' WHERE 'Email' = '$email' AND 'Password' = '$password'"), 0) == 1) ? $UserID : false;
};
?>

Connect File

<?php
$connect_error = 'Sorry, we\'re experiencing connection problems.';
mysql_connect('localhost','root','pass123') or die ($connect_error);
mysql_select_db('bitev2') or die ($connect_error);
?>
DollyKolly
  • 15
  • 1
  • 6
  • Whats in `core/init.php` are we supposed to guess? What have you done to try and debug your issue, have you checked your error logs? also tables should not be used for layouts because its easy to align things. – Lawrence Cherone Jan 22 '14 at 04:23
  • can you show your core/init.php so that we furthur process what wrong with your code – Agha Umair Ahmed Jan 22 '14 at 04:26

1 Answers1

0

Some issues I see but the error is most likely from your typo in the function name when attempting to call it:

UserID_from_username does not equals user_id_from_email, or is it Missing?, so its going to throw a fatal error, which you most likely don't have error reporting on so its just showing a blank page. Checking your error log will show the error.

Also the @ in the query below is going to cause issues, as it's not a concatenated string. Remove it, and check the variable is set before using.

SELECT `UserID` FROM users WHERE `Email` = '@$email'

Also, Don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO, or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

Also, don't use md5() for password hashing. Check out best way to store password in database for better password handling.

Zoe
  • 27,060
  • 21
  • 118
  • 148
Lawrence Cherone
  • 46,049
  • 7
  • 62
  • 106