-2

So here is my form I use to get the email and password, don't mind all the tabs xD.

<form method="post" action="">
            <ul>
                <label for='usermail'>email &nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</label>
                <input type='text' name='email' placeholder="jouwnaam@mail.nl" required>
            </ul>
            <ul>
                <label for="password">Wachtwoord</label>
                <input type="password" name="wachtwoord" placeholder="wachtwoord" required>
            </ul>
            <ul>
                <div class='login-btn btn btn-default btn-lg'><input name="submit" type="submit" value="Inloggen"></div>
            </ul>
        </form>

And this is my PHP code:

<?php
    if (isset($_POST['inloggen']))
    {           
        mysql_connect("localhost","root","usbw") or die('error');
        mysql_select_db("sportschool") or die('error');

        $k_email = $_POST['email'];
        $wachtwoord = $_POST['wachtwoord'];
        echo $k_email;

        if (mysql_query("SELECT * FROM klant;") == false)
        {
            echo mysql_error();
        }
        else
        {           
            $resultaat = mysql_query("SELECT wachtwoord FROM klanten WHERE email='".$k_code."';");
            $data = mysql_fetch_assoc($resultaat);
            echo "<br />";
            echo "<br />";          
            $k_wachtwoord = $data["wachtwoord"];
            echo $k_wachtwoord;

            if ($wachtwoord==$k_wachtwoord)
            {
                echo "U are logged in";
                session_start();
                $_SESSION['ingelogd'] = true;
                $_SESSION['klantemail'] = $k_email;
            }
            else
            {
                echo "Username or Password is not right try again.";
            }
            echo "<br />";
            mysql_close();
        }
    }
?>

Every time I login with the correct email and password the page is refreshed but I don't get the echo for logged in or the error for not logging in.

I have this PHP code which checks if the user is logged in, and that one stays on not logged in:

<?php
                    if ((isset($_SESSION['ingelogd'])) && ($_SESSION['ingelogd'] == true))
                    {
                        echo $_SESSION['klantemail']." is ingelogd";
                    }
                    else
                    {
                        echo "Nog niet ingelogd.";
                    }
                ?>

I don't use PHP a lot, so there may be a lot of mistakes.

jarlh
  • 42,561
  • 8
  • 45
  • 63
Thidal
  • 109
  • 1
  • 1
  • 11
  • 1
    [Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Jay Blanchard Jan 25 '16 at 12:58
  • 3
    Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Jan 25 '16 at 12:58
  • 3
    Please use PHP's [built-in functions](http://jayblanchard.net/proper_password_hashing_with_PHP.html) to handle password security. If you're using a PHP version less than 5.5 you can use the `password_hash()` [compatibility pack](https://github.com/ircmaxell/password_compat). – Jay Blanchard Jan 25 '16 at 12:58
  • 3
    `if (isset($_POST['inloggen']))` I don't see it defined. – Daan Jan 25 '16 at 12:59
  • 2
    You have to have `session_start();` at the top of all pages using sessions. – Jay Blanchard Jan 25 '16 at 12:59
  • 1
    `if(isset($_POST['inloggen']))` should be `if(isset($_POST['submit']))` – Jay Blanchard Jan 25 '16 at 13:02
  • 2
    all answers given below so far, are not 100% and have missed quite a few problems with their code. – Funk Forty Niner Jan 25 '16 at 13:08
  • 2
    thanks guys, it already got me some steps further. And i come to the conclusion that i still need to learn a lot. xD – Thidal Jan 25 '16 at 13:08

3 Answers3

1

Your are not checking the correct value.

Try:

 if (isset($_POST['submit']) && $_POST['submit'] == "Inloggen")
RST
  • 3,899
  • 2
  • 20
  • 33
1

Replace this code 

if (isset($_POST['inloggen']))

with 

if (isset($_POST['submit']))
Kiritkumar
  • 476
  • 2
  • 12
0

The key to the post variable is the name attribute of the submit button while its value would be inloggen.

So it should be:

if (isset($_POST['submit']))
P. Jairaj
  • 1,033
  • 1
  • 6
  • 8
  • always wonder why people feel the urge to post what is already there. – RST Jan 25 '16 at 13:07
  • 1
    @RST and miss a lot more problems, along with other answers given. You also missed something ;-) – Funk Forty Niner Jan 25 '16 at 13:10
  • @Fred-ii- seems to me everyone is basically telling him to use `submit` instead of `Inloggen`. The thing he asked about is not being able to login. The other issues would only show up after checking the `$_POST` value correctly. I think it helps a lot to see where things go wrong, understand the errormessage, try to solve them yourself and then if you can't you come back to SO and ask help again on your adjusted code. But that is just me. – RST Jan 25 '16 at 13:16
  • @RST Go over their code again and *very carefully* and with a *fine toothed comb* ;-) You'll see what I mean; *hopefully*. – Funk Forty Niner Jan 25 '16 at 13:19