Can't display wrong credentials error in HTML code from PHP

Question

I have a problem this is my index.php file

<section class="main">
    <form class="form-3" method="post" action="back/login.php">
        <p class="clearfix">
            <input type="text" name="username" id="username" placeholder="username">
            <label for="login">username</label>
        </p>
        <p class="clearfix">
            <input type="password" name="password" id="password" placeholder="password"> 
            <label for="password">password</label>
        </p>

        <p class="clearfix">
            <input type="submit" name="submit" value="Sign In">
        </p>

        <p class="clearfix">
            <label for="remember">remember me</label>
            <input type="checkbox" name="remember" id="remember">
        </p>
    </form>

    *
    <div class="error"><?php echo $error;?></div>
    *
</section>

and this is my login.php file

<?php

session_start();
include("connection.php");

$error = "";
if (isset($_POST["submit"])) {
    if (empty($_POST["username"]) || empty($_POST["password"]))
        $error = "Both fields are required.";

    else {
        $username = $_POST['username'];
        $password = $_POST['password'];
        $username = stripslashes($username);
        $password = stripslashes($password);
        $username = mysqli_real_escape_string($db, $username);
        $password = mysqli_real_escape_string($db, $password);
        $password = md5($password);

        $sql = "SELECT uid FROM users WHERE username='$username' and password='$password'";
        $result = mysqli_query($db,$sql);
        $row = mysqli_fetch_array($result,MYSQLI_ASSOC);
        $login_user = $username;

        if (mysqli_num_rows($result) == 1) {
            $_SESSION['username'] = $login_user;
            header("location: home.php");
        }
        else {
            $error = "Incorrect username or password.";
            header("location: ../index.php");
        }
    }
}

but my $error in html code doesn't work...

I mean when i put incorrect password and user name, it just redirect my index.php page and there is not any error inside...

Also my login.php file is included in my index.php

possible duplicate of http://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php — Funk Forty Niner, Feb 14 '16 at 15:26
they are two separate files - the variables you set in one will not be available in the other. Better would be a session variable or include a querystring in your header() fnction possibly — Professor Abronsius, Feb 14 '16 at 15:28

Ketan Malhotra · Accepted Answer · 2016-02-14T15:38:06.417

1

This is because the $error variable is inside the login.php file and not index.php.

There is basically no variable named $error in the index.php file.

A simple way to do what you're trying to do is redirecting to index.php from login.php with an error variable like:

header("location: ../index.php?error=1");

and then within index.php, use a switch case for errors like:

if(isset($_GET['error'])) {
  $error_id = $_GET['error'];
  switch($error_id) {
    case 1:
      $error = "Incorrect username or password.";
    break;
  }
}

I hope that helps!

edited Feb 14 '16 at 15:38

answered Feb 14 '16 at 15:27

Ketan Malhotra

1,255
3
16
44

yes this is a good way, but i recieve this error in my error log file Undefined index: error in .../index.php on line 7 – Feb 14 '16 at 15:34
I edited my code above. Please try using that. It should not give any error then :) – Ketan Malhotra Feb 14 '16 at 15:38

Can't display wrong credentials error in HTML code from PHP

1 Answers1