0

I have this line of code and I am trying to send an error message if the username password combination don't match, the thing is the message displays when I access the page, even before i enter a username and password. how do I make the message appear ONLY after login failed? Thanks!!

<?php
$user = $_POST['user'];
$pass = $_POST['pass'];

if(($user == "someusername") && ($pass == "somepassword"))
{
        include("../securedfile.php");
}
else{    
  $message = "Invalid User/Password - Please Try Again";
  echo "<script type='text/javascript'>alert('$message');</script>";
   }   

    if(isset ($_POST))

    {?>

            <div class="secure">
            <form method="POST" action="secure.php">
            username:<input class="user" type="text" name="user"></input><br/><br/>
           password:<input class="pass" type="password" name="pass"></input><br/><br/>


            <button class="submit" type="submit" name="submit">SUBMIT</span></button>
            </form>
            </div>
    <?}
    }    
?>
Improve this question
1
  • I have no idea how any of your code is working, you have a <? instead of a <?php, but one thing that you want to do is put the $username = 'asd' and $password = 'asd' inside of a if (isset($_POST)) statement, so try moving the first 2 lines into the if statement. Commented Apr 11, 2016 at 3:17

1 Answer 1

Reset to default
1

There is the parenthesis problem with the 'else', then the form is calling secure.php instead of calling itself, there's no isset...The rewritten code below would be a better way of doing it. And have checked it, it works. (The name of this whole file - new.php) 

<div class="secure">
        <form method="POST" action="new.php">
        username:<input class="user" type="text" name="user"></input><br/><br/>
        password:<input class="pass" type="password" name="pass"></input><br/><br/>


        <button class="submit" type="submit" name="submit">SUBMIT</span></button>
        </form>
</div>

<?php  
// checking the user
if(isset($_POST['submit']))
{

  $user = $_POST['user'];
  $pass = $_POST['pass'];

if($user == "someusername" && $pass == "somepassword")
  {
    include("../securedfile.php");
  }

else
 {
 $message = "Invalid User/Password - Please Try Again";
 echo "<script type='text/javascript'>alert('$message');</script>";
 }
}  
?>
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thank you so much! It works! Now i need to hide the form, when "securedfile.php" is included.
I just added <script type="text/javascript"> document.getElementById('target').style.display = 'none'; </script> to the top of the "securedfile.php" so it will hide the form. Is workiking. Thakyou!!
No problem. And you gotta accept the answer with the green tick, so the topic is closed/answered.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.