-1

I have edited the code from the answers so far but I am getting these errors

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\Test\index.php on line 18

Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\Test\index.php on line 28

Line 18 - $checkuser= mysqli_num_rows($query);

Line 28 - while ($row = mysqli_fetch_array($query)) {

 <?php



require_once('config.php');  


if(isset($_POST['Login']) && isset($_POST['uname']) && isset($_POST['pass1'])) {
// Here check if all input are sent 

$uname = $sql-> real_escape_string($_POST['uname']);
$pass1 = $sql-> real_escape_string($_POST['pass1']);


 if ( !empty($uname) && !empty($pass1)) {
  // Check if you input are not empty

  $query= mysqli_query($sql, "SELECT uname, pass1 FROM login WHERE uname='$uname'");
  $checkuser= mysqli_num_rows($query);


  if($checkuser != 1) {


   $error = "Username doesn't exist in our database!";
  }

  // Change $login with $query
  while ($row = mysqli_fetch_array($query)) {
   $checkpass= $row['pass1'];
    

   // here i changed $pass1 to $checkpass
   if ($pass1 == $checkpass) {


    setcookie("user", $uname, time()+7200);
    $_SESSION['user'] = $uname;
    $_SESSION['start'] = time();
    $_SESSION['expire'] = $_SESSION['start'] + (60 * 60 * 60);
    header("Location: main.html");
    exit();
   } else {


    $error = "Incorrect password!";
   }
  }
 } else {

 $error = "Please enter a username and password.";
 }
}



?>
Community
  • 1
  • 1
user2644017
  • 9
  • 4
  • You don't seem to echo the $error anywhere. – vidario Aug 13 '13 at 19:38
  • Are you making a database connection somewhere? In `config.php`? – andrewsi Aug 13 '13 at 19:39
  • Whoever upvoted this too localized offtopic question, care to explain? – Your Common Sense Aug 13 '13 at 19:42
  • Who is downvoting the answers without leaving a comment? –  Aug 13 '13 at 19:45
  • *"This basic login form is not doing anything"* - It's doing something, just not what you want it to do. – Funk Forty Niner Aug 13 '13 at 19:54
  • We are not "testers" but "helpers". If you have any error messages to show us, then by all means share it with us. – Funk Forty Niner Aug 13 '13 at 19:55
  • Ok `OP`, **here's the scoop**. You're running sessions yet there is no mention of, or inclusion of `session_start();` anywhere in your question/code. Start by including it as your 2nd line of code; i.e. ` – Funk Forty Niner Aug 13 '13 at 20:00
  • We are not "helpers" either. Stack Overflow is not for help but for answering questions. – Your Common Sense Aug 13 '13 at 20:01
  • @YourCommonSense [**as per...**](http://stackoverflow.com/questions/18217661/this-basic-login-form-is-not-doing-anything#comment26704867_18217661) ;-) – Funk Forty Niner Aug 13 '13 at 20:02
  • Does this answer your question? [mysqli\_fetch\_assoc() expects parameter / Call to a member function bind\_param() errors. How to get the actual mysql error and fix it?](https://stackoverflow.com/questions/22662488/mysqli-fetch-assoc-expects-parameter-call-to-a-member-function-bind-param) – Dharman Oct 30 '19 at 21:22

2 Answers2

0
<input type="button" value="Login" name="Login" />

needs to be 

<input type="submit" value="Login" name="Login" />

or

<button type="submit" name="Login">Login</button>

The way you had it would require Javascript in order to have the form submit upon clicking the button.

Unless you have some other mechanism of submitting the form, that is most likely why your form is not submitting. Other than that, you need to be more specific about any issues you have.

  • [**same applies**](http://stackoverflow.com/questions/18217661/this-basic-login-form-is-not-doing-anything#comment26705247_18217852) – Funk Forty Niner Aug 13 '13 at 20:07
-2

try this and tell us if there is some message:

require_once('config.php');  


if (isset($_POST['Login']) && isset($_POST['uname']) isset($_POST['pass1'])) {
// Here check if all input are sent 

$uname = mysqli_real_escape_string($_POST['uname']);
$pass1 = mysqli_real_escape_string($_POST['pass1']);


 if ( !empty($uname) && !empty($pass1)) {
  // Check if you input are not empty

  $query= mysqli_query("SELECT uname FROM login WHERE uname='$uname'");
  $checkuser= mysqli_num_rows($query);


  if($checkuser != 1) {


   $error = "Username doesn't exist in our database!";
  }

  // Change $login with $query
  while ($row = mysqli_fetch_array($query)) {
   $checkpass= $row['pass1'];


   // here i changed $pass1 to $checkpass
   if ($pass1 == $checkpass) {


    setcookie("user", $uname, time()+7200);
    $_SESSION['user'] = $uname;
    $_SESSION['start'] = time();
    $_SESSION['expire'] = $_SESSION['start'] + (60 * 60 * 60);
    header("Location: main.html");
    exit();
   } else {


    $error = "Incorrect password!";
   }
  }
 } else {

 $error = "Please enter a username and password.";
 }
}


?>
Momo1987
  • 544
  • 6
  • 16
  • this is not an answer by any means – Your Common Sense Aug 13 '13 at 19:46
  • If you click the edit button you can edit your answer. However, remyabel has identified the problem. – cssyphus Aug 13 '13 at 19:47
  • @Momo1987 - could you add an explanation of what changes you've made, and why? – andrewsi Aug 13 '13 at 19:48
  • This is the same non-working code with same silly errors from someone who never wrote a single mysqli operator. – Your Common Sense Aug 13 '13 at 19:48
  • *For the record*, I did NOT downvote you. However, we don't know what's hiding behind **"door #3"**, so it's hard to pinpoint the problem without knowing if `session_start();` is even included. Being omitted/not used, is grounds to make (the OP's) code ultimately fail. – Funk Forty Niner Aug 13 '13 at 20:06
  • The config.ini is () When using Momo1987's code it gives Parse error: syntax error, unexpected T_ISSET in C:\xampp\htdocs\Test\index.php on line 7 – user2644017 Aug 13 '13 at 20:59
  • add && before the last isset – Momo1987 Aug 13 '13 at 21:08
  • As I have ($sql = new mysqli("localhost", "root", "****", "test") in my config and the escape string requires 2 parameters, should I be doing this - $uname = mysqli_real_escape_string($sql, $_POST['uname']);? – user2644017 Aug 13 '13 at 21:20
  • I added $uname = $sql-> mysqli_real_escape_string($_POST['uname']); $pass1 = $sql-> mysqli_real_escape_string($_POST['pass1']); but I am getting this error - Fatal error: Call to undefined method mysqli::mysqli_real_escape_string() in C:\xampp\htdocs\Test\index.php on line 10. Line 10 being the $uname = – user2644017 Aug 13 '13 at 21:26
  • try this real_escape_string($_POST['pass1']) – Momo1987 Aug 13 '13 at 21:28
  • Why am I getting this error (Notice: Undefined index: pass1 in C:\xampp\htdocs\Test\index.php on line 29) for the following line - $checkpass= $row['pass1']; – user2644017 Aug 13 '13 at 21:39
  • Getting Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\Test\index.php on line 18. Line 18 corresponds to $checkuser= mysqli_num_rows($query) is this because I changed ($sql, "SELECT uname, pass1 FROM login WHERE uname='$uname'") and it is getting 2 rows now? – user2644017 Aug 13 '13 at 22:05