PHP doesn't seem to be working in a html line

Question

I have this php file for a login form, I'm trying to show a message for the username after they log in but the name doesnt appear.

This is the original one:

<?php

$conectar=mysqli_connect('localhost:3306','root','','forms');
if(!$conectar){
echo"Se conectó la base al servidor";}

$user = $_POST['usuario'];  
$contra = $_POST['contrasena'];  
global $contra;
      
//to prevent from mysqli injection  
$user = stripcslashes($user);  
$contra = stripcslashes($contra);  
$user = mysqli_real_escape_string($conectar, $user);  
$contra = mysqli_real_escape_string($conectar, $contra);  
      
$sql = "select *from registro where Usuario = '$user' and Contraseña = '$contra'";  
$result = mysqli_query($conectar, $sql);  
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);  
$count = mysqli_num_rows($result);  
          
if($count == 1){  
// echo 'inicio de sesion exitoso';    
   header('Location: ../PHP/usuario.php');

   }  
   else{  
       echo "<h1> Inicio de sesión fallido. Usuario o contraseña incorrectos.</h1>";  
   }     
?>

This is the page that's supposed to show the code

     <?php
//include auth_session.php file on all user panel pages
include("../PHP/login.php");
?>

<!DOCTYPE html>
<html>
    
    <head>
        <meta charset="utf-8">
        <title>Home Page</title>
        <link href="../css/inicio.css" rel="stylesheet" type="text/css">
        <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.1/css/all.css">
    </head>
    <body class="loggedin">
        <nav class="navtop">
            <div>
                <h1>Website Title</h1>
                <a href="profile.php"><i class="fas fa-user-circle"></i>Profile</a>
                <a href="logout.php"><i class="fas fa-sign-out-alt"></i>Logout</a>
            </div>
        </nav>
        <div class="content">
            <h2>Home Page</h2>
                        <p>Hey, <?php echo $_SESSION['usuario']; ?>!</p>

        </div>
    </body>
</html>

And yes, it's a php file, I can't seem to find a solution. The web says that there's a undefined variable where I'm trying to call the variable. More of the code here: https://dpaste.com/EJCLHRD25

Where does `$count` come from? Are you sure `$_SESSION['usuario']` exists? — Sebastian Simon, Mar 12 '21 at 03:46
The code: https://dpaste.com/EJCLHRD25 File names are: login.php and usuario.php, they're both in a carpet called PHP. — user14804502, Mar 12 '21 at 04:00
@user14804502 Please, [edit] your question and provide a [mre] (this means, your _code must be in the question itself_). — Sebastian Simon, Mar 12 '21 at 04:00
You appear to be storing user passwords in `plain text` in the database- you should always hash them using `password_hash` and check the password at login using `password_verify` Your code is potentially open to SQL injection - use `prepared statements` rather than embedding variables in the sql. You do not start a session variable on the login script - you should create the session variable when the login is successful — Professor Abronsius, Mar 12 '21 at 08:03
_"The web says that there's a undefined variable where I'm trying to call the variable."_ - Share the exact error message and point out the line where it happens. Also, read [this](https://stackoverflow.com/questions/4261133/notice-undefined-variable-notice-undefined-index-and-notice-undefined) and [this](https://stackoverflow.com/questions/16959576/reference-what-is-variable-scope-which-variables-are-accessible-from-where-and). — El_Vanja, Mar 12 '21 at 10:44
Probably you need to add `session_start()` at the beginning of your code (or in login.php, depending of your logic) for $_SESSION variable to be initialized — dmikam, Mar 12 '21 at 12:13

PHP doesn't seem to be working in a html line

0 Answers0