Do not receive the POST data

Asked

Viewed 823 times

1

I am trying to generate the login according to the database data and proceed to the page restricted to registered users, but there is incorrect password error.

Front-end:

<div class="login-form">    
        <form action="modulo.php" method="POST">
        <input type="email" placeholder="E-mail" value="email" >
        <input type="password" placeholder="Senha" value="password" >
        <input type="submit" class="btn-submit" value="Login"> 
    </div>

Back-end

 <?php

    session_start();
    // error_reporting('1');
    include 'config.php';

    // username and password sent from form
    $myusername=$_POST['email'];
    $mypassword=$_POST['password'];


    // To protect MySQL injection (more detail about MySQL injection)
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);

    $sql="SELECT * FROM login WHERE email='$myusername' and password='$mypassword'";
    $result=mysql_query($sql);

    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);


    // If result matched $myusername and $mypassword, table row must be 1 row

    if($count==1){

    // Register $myusername, $mypassword and redirect to file "menu.php"
    $_SESSION['email']=$myusername;
    $_SESSION['password']=$mypassword;
    header("location:menu.php");
    }
    else {
    echo "<b class='error'>Wrong Username or Password</b>";
    }
    ?>
  • Give a print_r($_POST) in the file that receives the data and put here.

3 answers

4


Is missing name="nomeDoCampo" in the inputs of your form...

Try it like this:

<div class="login-form">    
    <form action="modulo.php" method="POST">
    <input type="email" name="email" placeholder="E-mail" value="email" >
    <input type="password" name="password" placeholder="Senha" value="password" >
    <input type="submit" class="btn-submit" value="Login"> 
</div>
  • tried the way you reported, but still does not solve the problem. : ( ai goes an image with the error that is occurring: http://i.imgur.com/laPvt9y.png

  • @theflash, test this in your PHP: var_dump($_POST);, before SQL. Appears what you wrote in HTML?

  • @theflash What happens if you use $result=mysql_query($sql) OR die(mysql_error());?

  • @Segio I tried the suggested way but the error is occurring: array(2) { ["email"]=> string(13) "[email protected]" ["password"]=> string(6) "123456" } No database Selected

  • @bfavaretto only occurs an error.

  • @theflash, okay, this answer tells me that the error is on the server side. Next question: if you check the log in the database the password is hidden (encrypted with md5) or you can read the word?

  • @Sergio The password is in varchar, it is not encrypted.

  • @theflash already got it to work? If not test this string in SQL: "SELECT * FROM login WHERE email='".$myusername."' and password='".$mypassword."'"

  • @Sergio is currently error: No database Selected

  • @theflash add this line at the beginning of your PHP and tell us if an error appears. I don’t think config.php is being read...: error_reporting(E_ALL ^ E_NOTICE);&#xA;ini_set("display_errors", 1);

  • The error you posted above says "No database Selected". That is, failed to use mysql_select_db in config.php.

  • Really it was this @bfavaretto thanks. Thanks also Sergio.

  • @theflash, great. I wanted to get there but took shorter steps, wanted to make sure that the config.php was charging.

  • Problem solved. ;)

Show 9 more comments

1

The problem is the function mysql_* that Voce is using.

It is already obsolete and very vulnerable. use the mysqli_* library or learn PDO.

In case, your code will look like this.

$myusername=mysqli_real_escape_string(stripslashes($_POST['email']));
$mypassword=mysqli_real_escape_string(stripslashes($_POST['password']));

This giving error in mysql_num_rows, because as this function mysql_real_escape_string Easyphp is not processing, then it assigns nothing to its variable, passing no value to SQL.

NOTE: As Voce using the mysqli_* library in the above example, you will have to adapt all your code with this lib, in this case most functions, put the "i" at the end.

  • OK. I will study some experiments with mysqli and Pdo.

  • Problem at least has been solved?

  • Yes, question already solved.

0

Try it like this:

<?php

session_start();
// error_reporting('1');
include 'config.php';

// username and password sent from form
$myusername=mysql_real_escape_string(stripslashes($_POST['email']));
$mypassword=mysql_real_escape_string(stripslashes($_POST['password']));


$sql="SELECT * FROM login WHERE email='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);


// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

// Register $myusername, $mypassword and redirect to file "menu.php"
$_SESSION['email']=$myusername;
$_SESSION['password']=$mypassword;
header("location:menu.php");
}
else {
echo "<b class='error'>Wrong Username or Password</b>";
}
?>
  • thanks for the reply but the error still persists.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.