-3

I have just started using mysqli I'm trying to connect to a database and login, I'm getting the error messages,

Notice: Undefined index: ___mysqli_ston in E:\EasyPHP-DevServer-14.1VC11\data\localweb\my portable files\course work\login.php on line 14

I'm also trying to display error messages on the page of the form rather than creating a new page which it's currently doing. I forget does the PHP have to be on the same page for the errors to be displayed?

Warning: mysqli_query() expects parameter 1 to be mysqli, null given in E:\EasyPHP-DevServer-14.1VC11\data\localweb\my portable files\course work\login.php on line 14

Could not find database

<?php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];
$errors = array();


if ($username&&$password)
{

$connect = mysqli_connect("localhost","root","") or die ("Could not connect");
((bool)mysqli_query($GLOBALS["___mysqli_ston"], "USE login")) or die ("Could not find database");

$query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username ='$username'");

$numrows = mysqli_num_rows($query);
if ($numrows !=0)
{
    while ($row =mysqli_fetch_assoc($query))
    {
        $dbusername = $row['username'];
        $dbpassword = $row['password'];
    }
        
    if ($username==$dbusername&&$password==$dbpassword)
    {
        echo header( 'Location: member.php' ) ;
        $_SESSION['username']=$dbusername;
        $_SESSION['userid']=$userid;
    }
    else 
        echo "Inncorrect password";
    
}
else
    die("That user dosen't exist");
}

else
    die("Please enter a username and a password");

?>
Community
  • 1
  • 1
JavaScriptHatesMe
  • 5
  • 3
  • Don't take the manuals *literally*. – Funk Forty Niner Dec 04 '14 at 20:07
  • What is `___mysqli_ston`? Where did you find that? Do you ever set this? You need to replace `$GLOBALS["___mysqli_ston"]` in your code with `$connect`. – gen_Eric Dec 04 '14 at 20:10
  • P.S. Instead of trying to call `USE login` from your page, use `mysqli_select_db($connect, 'login');`. – gen_Eric Dec 04 '14 at 20:11
  • P.P.S. This code is *very* unsafe. What if I tried to login with a username of `admin' UNION SELECT 'admin' as username, 1 AS password; -- ` (or something like that) and a password of `1`? You want to be using prepared statements: http://php.net/manual/en/mysqli.prepare.php – gen_Eric Dec 04 '14 at 20:15
  • P.P.P.S. You can actually just pass the db name to `mysqli_connect`: `mysqli_connect('localhost','root','','login');`. No need for `mysqli_select_db` (or `USE login`). – gen_Eric Dec 04 '14 at 20:17
  • Thanks, I will read over this in the morning, to be honest I was taking wild caffeine fuelled stabs in the dark, I think they all missed the spot – JavaScriptHatesMe Dec 04 '14 at 22:12

1 Answers1

0

You should have a database name for mysqli_connect. So, go like this:

$connect=mysqli_connect('localhost','root','','databse_name');

and why are you using __mysqli_ston for?Use this instead

$query = mysqli_query($connect, "SELECT * FROM users WHERE username='$username'");

Do not use __mysqli_ston.

This should work.If doesn't work,get back to me.

Coder
  • 237
  • 4
  • 21