PHP - dreamweaver authentication code not working

Question

I am new to php. I am using DW to auto generate the code for user authentication from mySQL. But, the generated code does not direct me to the next page even if the username and password are correct instead it remain on the same page. Can u suggest me the problem ?

Here in my index file

<?php require_once('Connections/idea.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "home.html";
  $MM_redirectLoginFailed = "home.html";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_idea, $idea);

  $LoginRS__query=sprintf("SELECT username, password FROM `user` WHERE username=%s AND password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 

  $LoginRS = mysql_query($LoginRS__query, $idea) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";

    if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;       

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];  
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Welcome to the Idea</title>
<meta charset="utf-8">
<link href="css/style.css" rel='stylesheet' type='text/css' />
<meta name="viewport" content="width=device-width, initial-scale=1">
<link href='http://fonts.googleapis.com/css?family=Open+Sans:600italic,400,300,600,700' rel='stylesheet' type='text/css'>
</head>
<body>
<div class="main">
  <div class="login-form">
    <h1>Member Login</h1>
    <div class="head"> <img src="images/user.png" alt=""/> </div>
    <form ACTION="<?php echo $loginFormAction; ?>" METHOD="POST" id="login">
      <input id="username" type="text" class="text" placeholder="USERNAME">
      <input id="password" type="password" placeholder="PASSWORD">
      <div class="submit">
        <input type="submit" onclick="myFunction()" value="LOGIN" >
      </div>
      <p><a href="#">Forgot Password ?</a></p>
    </form>
  </div>
</div>
</body>
</html>

And here the connection file

<?php
# FileName="Connection_php_mysql.htm"
# Type="MYSQL"
# HTTP="true"
$hostname_idea = "localhost";
$database_idea = "idea";
$username_idea = "root";
$password_idea = "";
$idea = mysqli_connect($hostname_idea, $username_idea, $password_idea) or trigger_error(mysql_error(),E_USER_ERROR); 
?>

You or DW is mixing DB drivers. `mysqli_connect` and `mysql_` dont work together. They are two different drivers. DW probably is building using the outdated `mysql_` functions. You should use the `mysqli` driver though or `PDO`. — chris85, Aug 23 '15 at 14:03
wow - there's some code I haven't seen in a long while! Try putting some debug statements in at various points in the code to see what values you are getting - thus narrowing it down to the point where it fails. For instance, does it set the session vars `MM_Username` and `MM_UserGroup`? — Professor Abronsius, Aug 23 '15 at 14:03
mysql_ is deprecated. Do i need to call mysqli functions in my index file if using mysqli for making connections? — , Aug 23 '15 at 14:11
Consult http://stackoverflow.com/questions/17498216/can-i-mix-mysql-apis-in-php which this question may very well fall under that one as a possible duplicate. There should NOT be any instances of `mysql_whatever_function following mysql_` when using `mysqli_` to connect with. — Funk Forty Niner, Aug 23 '15 at 14:12
Free bit of advice. Ditch that code immediately. Dreamweaver is a terrible tool for PHP development. — GordonM, Aug 23 '15 at 14:14
You may be connecting to your db at first with `mysqli_`, but your queries are failing thereafter in your index file. Edit: `FileName="Connection_php_mysql.htm"` ***Woahhhh there cowboy.*** `.htm` file extension? I take that back; you're probably not even connecting unless you instructed Apache to treat `.htm` files as PHP. Then no database chosen for `mysqli_connect($hostname_idea, $username_idea, $password_idea)` missing the 4th parameter. `mysqli_connect($hostname_idea, $username_idea, $password_idea, $your_DB)` — Funk Forty Niner, Aug 23 '15 at 14:15
I tried it with .php as well earlier. No success. I think file extension makes no difference here. is it? — , Aug 23 '15 at 14:18
Reload my comment above yours; it was edited. There is no way for anyone to "answer" this question. There are far too many mistakes made here. *"I think file extension makes no difference here."* - again, reload my comment. But yes, there is a huge difference. — Funk Forty Niner, Aug 23 '15 at 14:20
This is an auto-generated code. I got no clues about it. Can u suggest any other IDE for php that can do this authentication for me? — , Aug 23 '15 at 14:28
Plus, your code resembles this one http://stackoverflow.com/q/25703771/ - So, it's hard to say whose code is whose. You may even find the right code under this one http://codereview.stackexchange.com/questions/42497/update-php-function-getsqlvaluestring which uses a `mysqli_` method. In short, you CANNOT mix `mysql_` with `mysqli_` and vice-versa. Use the same one from connection to query. — Funk Forty Niner, Aug 23 '15 at 14:29
You should really tell us exactly what you are doing and what the end result should be. This generated code is awful. Get rid of it straight away. Do some googling around and see what you can find to help you write the code yourself and understand it. — Shivam Paw, Aug 23 '15 at 15:52
@WasiqNoor when I was writing php I'd always just use a text editor. There's not a while lot you can gain by using an IDE. Actually, I don't think any colleague I've ever had has written php in an IDE. — skeggse, Aug 23 '15 at 17:31

score 0 · Answer 1 · answered Sep 29 '15 at 05:04

You are redirecting to home page for both condition.

$MM_redirectLoginSuccess = "home.html";  
$MM_redirectLoginFailed = "home.html";

Just change the location for $MM_redirectLoginSuccess.

If you want to redirect to admin.php page when you authentication success

$MM_redirectLoginSuccess = "admin.php";

That should do the trick Good Luck

PHP - dreamweaver authentication code not working

1 Answers1