2021-12-11

Tech Programing

程式人小天地

Why is my login form not working properly

1 min read


i am trying to create a basic login form for a page of mine, i haven’t been coding a website for a long time so i just tried to change a bit a ready code from before, connected it to my database and the right table etc… but when i try to login it keeps failing the verify password if function saying “incorrect password”

login.php

<?php include 'includes/session.php'; ?>
<?php include 'includes/header.php'; ?>
<body class="bg-gradient-primary hold-transition login-page">

    
    
      <section class="login-dark">
      <?php
      if(isset($_SESSION['error'])){
        echo "
          <div class="callout callout-danger text-center">
            <p>".$_SESSION['error']."</p> 
          </div>
        ";
        unset($_SESSION['error']);
      }
      if(isset($_SESSION['success'])){
        echo "
          <div class="callout callout-success text-center">
            <p>".$_SESSION['success']."</p> 
          </div>
        ";
        unset($_SESSION['success']);
      }
    ?>
        <form action="verify.php" method="POST">
            <h2 class="visually-hidden">Login Form</h2>
            <div class="illustration"><i class="icon ion-ios-locked-outline"></i></div>
            <div class="mb-3"><input class="form-control" type="username" name="username" placeholder="Username" required></div>
            <div class="mb-3"><input class="form-control" type="password" name="password" placeholder="Password" required></div>
            <div class="mb-3"><button class="btn btn-primary d-block w-100" type="submit" name="login">Log In</button></div><a class="forgot" href="#">Forgot your email or password?</a>
        </form>
    </section>
    

    
<?php include 'includes/scripts.php' ?>
</body>
</html>

session.php

<?php
    include 'includes/conn.php';
    session_start();

    if(isset($_SESSION['admin'])){
        header('location: admin/home.php');
    }

    
?>

verify.php

<?php
    include 'includes/session.php';
    $conn = $pdo->open();

    if(isset($_POST['login'])){
        
        $username = $_POST['username'];
        $password = $_POST['password'];

        try{

            $stmt = $conn->prepare("SELECT *, COUNT(*) AS numrows FROM users WHERE username = :username");
            $stmt->execute(['username'=>$username]);
            $row = $stmt->fetch();
            if($row['numrows'] > 0){
                if($row['status']){
                    if(password_verify($password, $row['password'])){
                        if($row['type']){
                            $_SESSION['admin'] = $row['id'];
                        }
                        
                    }
                    else{
                        $_SESSION['error'] = 'Incorrect Password';
                    }
                }
                else{
                    $_SESSION['error'] = 'Account not activated.';
                }
            }
            else{
                $_SESSION['error'] = 'username not found';
            }
        }
        catch(PDOException $e){
            echo "There is some problem in connection: " . $e->getMessage();
        }

    }
    else{
        $_SESSION['error'] = 'Input login credentails first';
    }

    $pdo->close();

    header('location: login.php');

?>



Source link

資料來源:Stackoverflow

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *