0

I have created a page with an image slide showing jQuery. I also have a search that that a user can search for a house from a database and this code works find. When I added php code in so that the user is allowed to log in and tried to run it the page comes up blank, why is this?

Here is my code

session_start();

  include "connect.php";

  if (isset($_POST['username']) and isset($_POST['password'])){

$username = $_POST['username'];

$password = $_POST['password'];

$query = ($con "SELECT * FROM login WHERE username='$username' and password= '$password'");

$result = mysqli_query($query) or die(mysqli_error());

$count = mysqli_num_rows($result);

if ($count == 1){

$_SESSION['username'] = $username;

}else {

echo "Invalid Login Credentials.";

}


if (isset($_SESSION['username'])){

$username = $_SESSION['username'];

echo "Hello " . $username . "";
echo "This is the Members Area";

echo "<a href='logout.php'>Logout</a>";

}
?>

Improve this question
6
  • You should limit the code to the sections related to your problem. Commented Mar 30, 2015 at 16:23
  • sorry I thought that it was everything within the page the was making it not work Commented Mar 30, 2015 at 16:24
  • I think that was a error when I copied over the code Commented Mar 30, 2015 at 16:26
  • 1
    You're doing the same thing as your other question earlier, one that I answered. Not passing DB connection to your query $result = mysqli_query($query) --- $result = mysqli_query($con, $query) Commented Mar 30, 2015 at 16:30
  • I noticed that but it doesn't seem to fix the problem Commented Mar 30, 2015 at 16:33

1 Answer 1

Reset to default
1

Firstly, you're not passing your connection to your query and you have one missing brace.

The one for if (isset($_POST['username']) and isset($_POST['password'])) which should encapsulate your entire PHP.

Sidenote: Using $con as the connection variable's parameter.

<?php
session_start();

  include "connect.php";

  if (isset($_POST['username']) and isset($_POST['password'])){

$username = $_POST['username'];

$password = $_POST['password'];

$query = "SELECT * FROM login WHERE username='$username' and password='$password'";

$result = mysqli_query($con, $query) or die(mysqli_error());

$count = mysqli_num_rows($result);

if ($count == 1){

$_SESSION['username'] = $username;

}else {

echo "Invalid Login Credentials.";

}


if (isset($_SESSION['username'])){

$username = $_SESSION['username'];

echo "Hello " . $username . "";
echo "This is the Members Area";

}

} // closing brace for if (isset($_POST['username']) and isset($_POST['password']))

echo "<a href='logout.php'>Logout</a>";

?>

I noticed you may be storing passwords in plain text. If this is the case, it is highly discouraged.

I recommend you use CRYPT_BLOWFISH or PHP 5.5's password_hash() function. For PHP < 5.5 use the password_hash() compatibility pack.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.