search

seblucas / cops

Calibre OPDS (and HTML) PHP Server : web-based light alternative to Calibre content server / Calibre2OPDS to serve ebooks (epub, mobi, pdf, ...)
http://blog.slucas.fr/en/oss/calibre-opds-php-server
GNU General Public License v2.0
1.43k stars 229 forks source link

login page error in php #428

Closed ravishanth closed 5 years ago

ravishanth commented 5 years ago

<?php include('conn.php'); session_start(); function check_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; }

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $username=check_input($_POST['username']);

    if (!preg_match("/^[a-zA-Z0-9_]*$/",$username)) {
        $_SESSION['msg'] = "Username should not contain space and special characters!"; 
        header('location: index.php');
    }
    else{

    $fusername=$username;

    $password = check_input($_POST["password"]);
    $fpassword=md5($password);

    $query=mysqli_query($conn,"select * from `user` where username='$fusername' and password='$fpassword'");

    if(mysqli_num_rows($query)==0){
        $_SESSION['msg'] = "Login Failed, Invalid Input!";
        header('location: index.php');
    }
    else{

        $row=mysqli_fetch_array($query);
        if ($row['access']==1){
            $_SESSION['id']=$row['userid'];
            ?>
            <script>
                window.alert('Login Success, Welcome Admin!');
                window.location.href='admin/';
            </script>
            <?php
        }
        else{
            $_SESSION['id']=$row['userid'];
            ?>
            <script>
                window.alert('Login Success, Welcome User!');
                window.location.href='user/';
            </script>
            <?php
        }
    }

    }
}

?>

ravishanth commented 5 years ago

The above mentioned is the code that i am using for login page created in php.. when i give the login details as saved in the database but also it returns me back a message "Login Failed , Invalid input".. i don't why it is showing that message.

ravishanth commented 5 years ago

else{

    $fusername=$username;

    $password = check_input($_POST["password"]);
    $fpassword=md5($password);

    $query=mysqli_query($conn,"select * from `user` where username='$fusername' and password='$fpassword'");

    if(mysqli_num_rows($query)==0){
        $_SESSION['msg'] = "Login Failed, Invalid Input!";
        header('location: index.php');
    }

and what does this part of the code do??

please kindly help me out... thank you.