-2

Session id is not showing with an error message Notice: Undefined index: UserID also if i redirect non logged in users i will not log into the home page iether.. here is my file could anyone please show me where i am going wrong.

here is the home page:

<?php 
require ("insert.php"); 
session_start();
if (isset($_SESSION["UserID"])){
}
else {
    echo "session not transferring";
}
?>



<!DOCTYPE html>
<html lang="en-US">
<head>
    <title>AMSadler</title>
    <meta charset="utf-8">
    <meta name="description" content="description of webpage">
    <meta name="keywords" content="keywords go here">
    <meta name="author" content="Anthony">
    <link rel="stylesheet" href="css/style.css">
    <link rel="stylesheet" href="css/home.css">
    <link rel="icon" href="img/favicon.png" sizes="16x16" type="image/png">
</head>
<body>

        <div class="header">

            <div id="logo">
                <a href="index.html"><img src="img/logo.png" alt="logo" title="AMSadler.com"/></a>
            </div>

            <div id="headertop">
                <div id="pagetitle">
                    <a href="home.php">HOME</a>
                </div>

                <div id="pagetitle2">
                    <a href="profile.php">PROFILE</a>
                </div>
                <div id="pagetitle3">
                    <h4>Welcome:<?php echo $_SESSION{"UserID"};?>to your page</h4>
                </div>
            </div>

        </div>

            <div class="wrapper">

                <div class="leftsidebar">
                    <ul>
                        <li><a href="home.php">blah</a></li>
                        <li><a href="#">blah</a></li>
                        <li><a href="#">blah</a></li>
                        <li><a href="#">blah</a></li>
                        <li><a href="#">blah</a></li>
                        <li><a href="#">blah</a></li>
                        <li><a href="#">blah</a></li>
                        <li><a href="#">blah</a></li>
                        <li><a href="#">blah</a></li>
                        <li><a href="#">blah</a></li>
                    </ul>
                </div>

                <div class="main">
                    <div id="maintop">
                        <div id="textboxwrap">
                            <textarea name="text" id="styled"rows="5" cols="80" placeholder="Write something here.">
                            </textarea> 
                        </div>

                        <div id="postbutton">
                            <input type="submit" name="post" value="Post" />
                        </div>
                    </div>

                    <div id="mainbottom1">
                        <div ="mainbottomwrap">
                            Your posts will go here.<br>Your posts will go here.<br>Your posts will go here.<br>Your posts will go here.<br>
                            Your posts will go here.<br>Your posts will go here.<br>Your posts will go here.<br>Your posts will go here.<br>
                            Your posts will go here.<br>Your posts will go here.<br>Your posts will go here.<br>Your posts will go here.<br>
                            Your posts will go here.<br>Your posts will go here.<br>

                        </div>
                    </div>
                </div>

                <div class="rightsidebar">
                    <div id="profilecontainer">
                        <img src="img/profile.png" alt="Upload a profile pic" title="profile pic" />
                    </div>

                    <div id="box">
                        <a href="#">blah</a><br>
                        <a href="#">blah</a><br>
                        <a href="#">blah</a><br>
                        <a href="#">blah</a><br>
                        <a href="#">blah</a><br>
                        <a href="#">blah</a><br>
                        <a href="#">blah</a><br>
                        <a href="#">blah</a>
                    </div>
                </div>
            </div>

</body>
</html>

================================================================== and here is the login page to get there. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

<?php require ("insert.php"); ?>
<?php
    if(isset($_POST[ 'Login' ]))
    {
    $email= mysqli_real_escape_string($con, $_POST ['email']);
    $pswrd= mysqli_real_escape_string($con, $_POST ['pswrd']);

    $result = $con->query (" select * from users where email='$email' AND pswrd='$pswrd' ");

    $row = $result->fetch_array(MYSQLI_BOTH);

    session_start();

    $_SESSION["User ID"] = $row['UserID'];
    header ('Location: home.php');
    }
?>
<!DOCTYPE html>
<html lang="en-US">
<head>
    <title>AMSadler login</title>
    <meta charset="utf-8">
    <meta name="description" content="description of webpage">
    <meta name="keywords" content="keywords go here">
    <meta name="author" content="Anthony">
    <link rel="stylesheet" href="css/style.css">
    <link rel="stylesheet" href="css/login.css">
    <link rel="index" href="index.php">
    <link rel="icon" href="img/favicon.png" sizes="16x16" type="image/png">
</head>
<body>

        <div class="header">
            <div id="logo">
                <a href="index.html"><img src="img/logo.png" alt="logo" title="AMSadler.com"/></a>
            </div>

            <div id="signup">
                <button type="button"><a href="signup.php">Sign up</a></button>
            </div>
        </div>

        <div id="login">
            <form action="home.php" method="post">
                <input type="text" name="email" placeholder="Email address">
                <br>
                <input type="password" name="password" placeholder="Password">
                <br>
                <input id="Login" type="submit" name="Login" value="Login">
            </form>
        </div>

        <footer>
            <div id="copyright">
                <p>&copy Copyright 2015</p>
            </div>
        </footer>

</body>
</html>
Anthony Sadler
  • 25
  • 9
  • their is a typo error.Their is space in `User ID` in the form page but no space in `UserID` on home page. – Pushkar Aug 09 '15 at 04:04

2 Answers2

2

I sure hope you're just posting an example and that you're not storing plaintext password values...anyway...

I don't have enough reps to add a comment to @Bono, but in addition to his findings, you're also using the following POST:

$_POST ['pswrd']

But on your form, you have:

<input type="password" name="password" placeholder="Password">

Either the form name for the password needs to change or the POST you're looking for.

user8735467239
  • 376
  • 3
  • 15
1

In your login page you're assigning the variable as this:

$_SESSION["User ID"] = $row['UserID'];

But on the home page you're looking for UserID.

Change:

$_SESSION["User ID"] = $row['UserID'];

to

$_SESSION["UserID"] = $row['UserID'];

The point you're getting your error from is from your usage in the HTML where you say:

<h4>Welcome:<?php echo $_SESSION{"UserID"};?>to your page</h4>

In the first instance you're using isset(), but here you're suddenly assuming it's there and ready for use. Either way you should edit the User ID variable, so this stops throwing an error. You might also want to add an isset() statement here.

P.S. Also heed Victor Perez's answer concering your password. And don't store them as plain text. You're literally just checking the POST password to the password in your database, that's no good. Also I might advice you to move away from using such query's and start using prepared statements.

Bono
  • 4,757
  • 6
  • 48
  • 77