
I'm using an external file to connect to a database, and I also have a login file. The login file should be comparing the user input to the database records. Currently, after submitting the data, the page is just blank and doesn't even display an error.

The register form works fine, so I don't think the connection is the problem.

PHP:

```php
<?php

error_reporting(E_ALL);
ini_set('display_errors', 1);

include 'connect.php';

session_start();

$error = ""; //Variable for storing our errors.
if(isset($_POST["login-submit"]))
{
    if(empty($_POST["username"]) || empty($_POST["password"]))
    {
        $error = "Both fields are required.";
    }else
    {
        // Define $username and $password
        $username=$_POST['username'];
        $password=$_POST['password'];

        // To protect from MySQL injection
        $username = stripslashes($username);
        $password = stripslashes($password);
        $username = mysqli_real_escape_string($db, $username);
        $password = mysqli_real_escape_string($db, $password);
        $password = md5($password);

        //Check username and password from database
        $sql="SELECT UserID FROM user WHERE Email='$username' and Password='$password'";
        $result=mysqli_query($db,$sql);
        $row=mysqli_fetch_array($result,MYSQLI_ASSOC);

        //If username and password exist in our database then create a session.
        //Otherwise echo error.

        if(mysqli_num_rows($result) == 1)
        {
            $_SESSION['username'] = $login_user; // Initializing Session
            header("location: http://localhost/alisonhurmanwebsite/index.html"); // Redirecting To Other Page
        }else
        {
            $error = "Incorrect username or password.";
        }

    }
}

?>
```
Jack Legge
  • `md5()` is obsolete for hashing passwords and should *not be used*. PHP provides [password_hash()](http://php.net/manual/en/function.password-hash.php) and [password_verify()](http://php.net/manual/en/function.password-verify.php), please use them. And here are some [good ideas about passwords](https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet). If you are using a PHP version prior to 5.5 [there is a compatibility pack available here](https://github.com/ircmaxell/password_compat). – John Conde Apr 21 '17 at 15:04
  • It's a syntax error if you get a white page AND you have error reporting on – clearshot66 Apr 21 '17 at 15:04
  • @JohnConde I've used password hash in the register file and they are being stored correctly as hash in the database. How could I alter this code to work with that? Thank you – Jack Legge Apr 21 '17 at 15:06

0 Answers
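An added example, not part of the original post or its comments: a login check for passwords stored with `password_hash()`, as the comments above discuss, using a prepared statement in place of `stripslashes()`, escaping and `md5()`. It assumes `connect.php` defines `$db` as a mysqli connection, that `user.Password` holds `password_hash()` output, and PHP 7.1 or later; `verify_login()` and the `user_id` session key are hypothetical names.

```php
<?php
// Added example, not the asker's code. Assumes connect.php defines $db (mysqli)
// and that user.Password holds password_hash() output.
include 'connect.php';
session_start();

/** Return the UserID for valid credentials, or null. Hypothetical helper. */
function verify_login(mysqli $db, string $email, string $password): ?int
{
    // Prepared statement: the e-mail is bound as data, so no manual escaping.
    $stmt = mysqli_prepare($db, 'SELECT UserID, Password FROM user WHERE Email = ?');
    if ($stmt === false) {
        throw new RuntimeException('Login query could not be prepared');
    }
    mysqli_stmt_bind_param($stmt, 's', $email);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $userId, $hash);
    $found = mysqli_stmt_fetch($stmt);   // true = row, null = no row, false = error
    mysqli_stmt_close($stmt);

    // password_hash() salts every hash, so the hash cannot be matched in the
    // WHERE clause: fetch the stored hash and let password_verify() compare.
    if ($found !== true || !password_verify($password, $hash)) {
        return null;
    }
    return (int) $userId;
}

$error = '';
if (isset($_POST['login-submit'])) {
    if (empty($_POST['username']) || empty($_POST['password'])) {
        $error = 'Both fields are required.';
    } else {
        $userId = verify_login($db, $_POST['username'], $_POST['password']);
        if ($userId === null) {
            $error = 'Incorrect username or password.';
        } else {
            session_regenerate_id(true);  // fresh session ID after login
            $_SESSION['user_id'] = $userId;
            $_SESSION['username'] = $_POST['username'];
            header('Location: http://localhost/alisonhurmanwebsite/index.html');
            exit;                         // stop the script after the redirect
        }
    }
}
// Print the message (HTML-escaped) so a failed login is visible.
echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8');
```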