Display login errors on same page

Monday, May 12, 2014

I am trying to display my login errors on the same page when the user hits submit. My code works when i have the PHP and HTML code on separate files but when i merge both files and use <?php echo $_SERVER['PHP_SELF']; ?> in the action attribute instead of giving the file location it just displays the die("Incorrect Username or Password entered"); error. I have absolutely no clue as to why this is happening.



<?php
ob_start();
include ("cn.php");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$date = date("Y-m-d H:i:s");

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM spineless.Users WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$user_info = mysql_fetch_assoc($result)
or die ("Incorrect Username or Password entered");
extract ($user_info);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{

// Register $myusername, $mypassword and redirect to file "loginsuccess.php"
session_register("myusername");
session_register("mypassword");
$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
$_SESSION['userid'] = $User_ID;

$user_record = "INSERT INTO Login_Record (User_ID, Username, Login_Time)
VALUES
('$User_ID','$Username','$date')";
$recordresult = mysql_query($user_record)
or die ("unable to add record");

header("location:../views/joblist.php");

//echo "yes";

}

else
{
echo "Wrong Username or Password";
}
ob_end_flush();
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://ift.tt/kkyg93">
<html xmlns="http://ift.tt/lH0Osb">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Spineless Classics</title>
<link rel="stylesheet" type="text/css" href="http://ift.tt/MtAvUF" />
</head>
<body id="loginPage">
<div class="loginContainer">

<div class="loginHolder">
<div class="block">


<div style="text-align:center; padding-bottom: 20px;"><a href="http://ift.tt/10wiVPH" title=""><img src="img/spinelessclassics.png" ></a></div>
<!--<div class="login-error">
Please enter your username and password</a> // HIDE AND DISPLAY
</div>-->
<!-- /error_holder -->
<form name="login_form" id="login_form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="myusername" name="myusername" placeholder="Username" class="login-input" mouseev="true" keyev="true" clickev="true" >
<input type="password" name="mypassword" placeholder="Password" class="login-input" mouseev="true" keyev="true" clickev="true">
<button type="submit" name="Submit" class="login-submit">Login</button>
</form>


</div>
</div>



</div>








</body>
</html>






http://ift.tt/1ja3lbv