1
Good night!
I’m making a simple website, in which appears a user box and password that will be sent by form through the method post for the page valida.php. When comparing the user and password typed by the user, with the default user and password in an if/Else, the page redirects to main.html, which is correct. However, when I change the code to get directly into the database, when the user enters the credentials and presses the button, it is sent to the same page.. I can’t understand what’s wrong...
Follows the codes:
index php.
<form class="login100-form validate-form" method="POST" action="valida.php">
<div class="wrap-input100 validate-input">
<input class="input100" type="password" id="inputSenha" name="senha" placeholder="Digite a Senha" required>
<span class="focus-input100" data-placeholder=""></span>
</div>
<div id="botao">
<input type="submit" value="ENTRAR" name="botao" id="entrar" class="btn efeito efeito-1 botaoEnviar" style="color: black; font-weight: bold" autofocus>
</div>
valida.php
<?php
include_once("conexao.php");
if((isset($_POST['user'])) && isset($_POST['senha']))
{
$usuario = mysqli_real_escape_string($conn, $_POST['user']);
$senha = mysqli_real_escape_string($conn, $_POST['senha']);
$senha = md5($senha);
$sql = "SELECT * FROM tb_login WHERE user = '$usuario' && senha = '$senha' LIMIT 1";
$result = mysqli_query($conn, $sql);
$resultado = mysqli_fetch_assoc($result);
if(empty($resultado))
{
$_SESSION['loginErro'] = "Usuario ou senha incorretos.";
header("Location: index.php");
}
elseif(isset($resultado))
{
header("Location: main.html");
}
else
{
$_SESSION['loginErro'] = "Usuario ou senha incorretos.";
}
}
else
{
$_SESSION['loginErro'] = "Usuario ou senha incorretos.";
header("Location: index.php");
}
?>
php connection.
<?php
$servidor = "localhost";
$usuario = "root";
$senha = "";
$dbname = "bd_otica";
$conn = mysqli_connect($servidor, $usuario, $senha, $dbname);
if(!$conn)
{
die("Falha na conexão: " . mysqli_connect_error());
}else
{}
?>
Thanks for any help!
"arrive directly in the database"... what does that mean? I don’t understand...
– Sam
That one
LIMIT 1
also strange. May have more than 1 user with the same username and the same password?– Sam
as to arrive directly, he meant to search in the database the password and the administrator’s user.. You can not have more than one user with the same name and password, I must take out this LIMIT 1?
– Cayo Eduardo Silveira
Of course, it’s no use at all
– Sam
I made the change.. nothing has changed, keeps going to index.php independent of password/user
– Cayo Eduardo Silveira
For a simple login your code is extremely complicated. I suggest a search in mysql and php login, have better ready examples on the site. If you are going to insist on the current solution change your && by AND in select, take this lot of IF and ELSE and simply check if the number of rows returned is greater than one, instead of that fetch. Ideal sera to use password_verify https://answall.com/a/17005/70
– Bacco