0

I am trying to make login portal connected to mysql using php but my index.php is not redirecting to profile.php and showing index.php with blank screen here are my code files.Database is added properly.

login.php

<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) 
{
 if (empty($_POST['username']) || empty($_POST['password'])) 
{ 
    $error = "Username or Password is invalid";
}
else
{
    // Define $username and $password
    $username=$_POST['username'];
    $password=$_POST['password'];

    $connection = mysql_connect("localhost", "root", "pwd");
    // To protect MySQL injection for Security purpose
    $username = stripslashes($username);
    $password = stripslashes($password);
    $username = mysql_real_escape_string($username);
    $password = mysql_real_escape_string($password);
    // Selecting Database
    $db = mysql_select_db("company", $connection);

    $query = mysql_query('select * from login where password="$password"   AND username="$username"', $connection);
    $rows = mysql_num_rows($query);
    if ($rows == 1) 
    {
        $_SESSION['login_user']=$username; // Initializing Session
        header("location: profile.php"); // Redirecting To Other Page
        exit();
    } 
    else 
    {
        $error = "Username or Password is invalid";
    }
    mysql_close($connection); // Closing Connection
}
} 
?>

index.php

 <?php
 include('login.php'); // Includes Login Script

if(isset($_SESSION['login_user'])) 
{
header("location: profile.php");
exit();
} 
?>
<!DOCTYPE html>
 //some html code
 <input name="submit" type="submit" value=" Login ">
  <span><?php echo $error; ?></span>
Alex
  • 1
  • 4
    **Don't** use the **deprecated and insecure** _mysql_*-functions. They have been deprecated since PHP 5.5 (in 2013) and were completely removed in PHP 7 (in 2015). Use MySQLi or PDO instead. 2. You are **wide open to** [SQL Injections](http://php.net/manual/en/security.database.sql-injection.php) and should really use [Prepared Statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) instead of concatenating your queries, which can be used if you use the above mentioned MySQLi or PDO. – Milan Chheda Sep 24 '17 at 14:11
  • 1
    Have you enabled error reporting? – The Codesee Sep 24 '17 at 14:13
  • 1
    Please see especially: https://stackoverflow.com/a/12772851/367456 – hakre Sep 24 '17 at 14:24
  • Thanks for the help.The error is Fatal error: Uncaught Error: Call to undefined function mysql_connect() in /var/www/html/login.php:16 Stack trace: #0 /var/www/html/index.php(2): include() #1 {main} thrown in /var/www/html/login.php on line 16 – Alex Sep 24 '17 at 14:35
  • Thank you everyone for your help.It is working now:) – Alex Sep 24 '17 at 14:53

0 Answers0