Log in system is not working

Question

I have created a simple log in page but the code isn't working. I tried checking console but it was not giving me any errors. The out put is "0 results". I tried to correct it but i couldn't. Please see the code for your reference: Could you guys tell me the error?

<html>
    <head>
        <title>Login Page</title>
    </head>

    <body>
        <?php
            include ('conn.php');

            $un = isset($_POST['name']);
            $up = isset($_POST['pass']);

            $query = "select * from login where l_name = '$un' AND l_pass = '$up'";
            $result = mysqli_query($conn, $query);

            $count = 0;

            if(mysqli_num_rows($result) > 0) {

                while ($row = mysqli_fetch_assoc($result)) {
                    $name = $row['l_name'];
                    $pass = $row['l_pass'];

                    if ($un == $name && $up == $pass) {
                        $count = 1;
                    }

                    if($count==1 && !empty($un) && !empty($pa))
                     echo"Your Successfully Logged";
                     else
                     echo"You Failed";

                }

            }

            else{
                echo "0 result";



        ?>

        <form name="form1" method="POST">
            <fieldset>
            <legend> Log in </legend>
            <label> Username: <input type="text" name="name" />
            <label> Password :<input type="text" name="pass" /> 
        </fieldset>
        <input type="submit" name="submit" value="Submit">
        </form>
    </body>
</html>

Did Mike his answer fix it? It should have – Loko Mar 24 '15 at 09:18 — Loko, Mar 24 '15 at 09:18

score 2 · Answer 1 · answered Mar 24 '15 at 08:53

2

The problem is with these lines:

$un = isset($_POST['name']);
$up = isset($_POST['pass']);

Replace them with the below ones. They should read:

$un = isset($_POST['name']) ? $_POST['name'] : '';
$up = isset($_POST['pass']) ? $_POST['pass'] : '';

answered Mar 24 '15 at 08:53

NaijaProgrammer

2,892
2
24
33

Vivek Singh · Answer 2 · 2015-03-24T09:02:45.133

<?php
            include ('conn.php');

            if(isset($_POST['name']) && $_POST['name']!='')
{
$un = $_POST['name'];
}
 if(isset($_POST['pass']) && $_POST['pass']!='')
{
 $up = $_POST['pass'];
}
  $query = "select * from `login` where `l_name` = '".$un."' AND `l_pass` = '".$up."'";
            $result = mysqli_query($conn, $query);

            $count = 0;

            if(mysqli_num_rows($result) > 0) {

                while ($row = mysqli_fetch_assoc($result)) {
                    $name = $row['l_name'];
                    $pass = $row['l_pass'];

                    if ($un == $name && $up == $pass) {
                        $count = 1;
                    }

                    if($count==1 && !empty($un) && !empty($pa))
                     echo"Your Successfully Logged";
                     else
                     echo"You Failed";

                }

            }

            else{
                echo "0 result";



        ?>

Did you see these lines in your code: `if(isset($_POST['pass']) && $_POST['pass']!='') { $up = isset($_POST['pass']); }` Is that actually what you meant? isset() will return a boolean value, and not the value contained in the POST super-global — NaijaProgrammer, Mar 24 '15 at 08:59

score 0 · Answer 3 · edited May 23 '17 at 12:22

0

There are a few errors:

$un = $_POST['name'];
$up = $_POST['pass'];

you forgot to close your else:

else{
    echo "0 result";
}

and some notes:

Give an error when the mysqli_query fails.
Encrypt the password
You're open to mysql injection

edited May 23 '17 at 12:22

Community

1
1

answered Mar 24 '15 at 09:02

Loko

6,539
14
50
78

NaijaProgrammer · Accepted Answer · 2015-03-24T09:07:28.833

A more robust code will be:

<html>
<head>
    <title>Login Page</title>
</head>

<body>
    <?php
        include ('conn.php');

        $un = isset($_POST['name']) ? $_POST['name'] : '';
        $up = isset($_POST['pass']) ? $_POST['pass'] : '';

       if(empty($un) || empty($up))
       {
          echo 'Please fill in the name and password fields';
       }
       else
       {
           $un = mysqli_real_escape_string($conn, $un);
           $up = mysqli_real_escape_string($conn, $up);

           $query = "select * from login where l_name = '$un' AND l_pass = '$up'";
           $result = mysqli_query($conn, $query);

           $count = 0;

           if(mysqli_num_rows($result) > 0) {

              while ($row = mysqli_fetch_assoc($result)) {
                  $name = $row['l_name'];
                  $pass = $row['l_pass'];

                  if ($un == $name && $up == $pass) {
                     $count = 1;
                  }

                  if($count==1){
                    echo"Your Successfully Logged";
                  }
                 else{
                  echo"You Failed";
                 }
              }
           }

           else{
            echo "0 result";
           }
        }
    ?>

    <form name="form1" method="POST">
        <fieldset>
        <legend> Log in </legend>
        <label> Username: <input type="text" name="name" />
        <label> Password :<input type="text" name="pass" /> 
    </fieldset>
    <input type="submit" name="submit" value="Submit">
    </form>
</body>

In the first, I was merely pointing out the erroneous parts of the code. In the second, I did a re-write of the code. Maybe I should delete the first, anyway. — NaijaProgrammer, Mar 24 '15 at 09:09

Log in system is not working

4 Answers4