0

I have created a signup form successfully and it is working fine. But my login system is showing error and I am unable to figure it out. Whenever I use to sign in it shows login==empty in URL even when I use exactly same user and password.

<?php
session_start();
include 'conn.php';
 if (isset($_POST['submit'])) {

      $uid=mysqli_real_escape_string($conn,'$_POST["firstname"]');
      $pwd=mysqli_real_escape_string($conn,'$_POST["password"]');
      if ($uid==""||$pwd=="") {
         header("Location:../triallogin.php?login=empty");
            exit();
      } else{
        $sql="SELECT * FROM comments WHERE first='$uid'";
        $result=mysqli_query($conn,$sql);
        $resultcheck=mysqli_num_rows($result);
         if ($resultcheck<1) {
            header("Location:../triallogin.php?login=empty");
            exit();
         } else{
            if ($row=mysqli_fetch_assoc($result)) {
                //De-hasing of password
                $hashedpassowrd=password_verify($pwd,$row['pwd']);
                if ($hashedpassowrd==false) {
                    header("Location:../triallogin?login=wrongpassword");
                } elseif ($hashedpassowrd==true) {
                    $_SESSION['first']=$row['first'];
                    $_SESSION['last']=$row['last'];
                    header('Location:../triallogin.php?login=success');
                    exit();
                }
            }


         }  
      }
 } else {
    header('Location:../triallogin.php?login=hit');
    exit();
 }
halfer
  • 19,824
  • 17
  • 99
  • 186
ayush bhambore
  • 25
  • 4
  • remove `'` from these two lines `$uid=mysqli_real_escape_string($conn,'$_POST["firstname"]');$pwd=mysqli_real_escape_string($conn,'$_POST["password"]');` – Ankit Singh Jun 07 '18 at 09:47
  • 1
    It is useful if you tell us ___what error is being shown___ rather than just saying you get an error – RiggsFolly Jun 07 '18 at 09:52
  • ok I am trying bro – ayush bhambore Jun 07 '18 at 09:53
  • I will show you what type of error I am getting – ayush bhambore Jun 07 '18 at 09:53
  • ayush check my answer – delboy1978uk Jun 07 '18 at 09:54
  • Your script is wide open to [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) in either the `MYSQLI_` or `PDO` API's – RiggsFolly Jun 07 '18 at 09:54
  • That ^ I recommend pdo instead of mysqli too https://phpdelusions.net/pdo – delboy1978uk Jun 07 '18 at 09:55
  • http://localhost/comment%20section/triallogin.php?login=empty – ayush bhambore Jun 07 '18 at 09:56
  • You do realise that `localhost` means basically ___this PC___ So that link will try and find My Webserver and run code that does not exist on my server ?!?!?!?!??!??! – RiggsFolly Jun 07 '18 at 09:59
  • I am new to PHP and somehow I found, to create a signup and login page so ........................ :( – ayush bhambore Jun 07 '18 at 10:06

1 Answers1

-1

Three things.

You have put the post vars as a string:

$uid=mysqli_real_escape_string($conn,'$_POST["firstname"]');
$pwd=mysqli_real_escape_string($conn,'$_POST["password"]');

Change that to this:

$uid = mysqli_real_escape_string($conn, $_POST["firstname"]);
$pwd = mysqli_real_escape_string($conn, $_POST["password"]);

Secondly, you are trying to fetch your user login details from the comments table? That can't be right.

$sql="SELECT * FROM comments WHERE first='$uid'";

Possibly change that to the users table, or whatever you called it.

Finally, your SQL is vulnerable to an SQL Injection attack. The way around that is to to use a prepared statement and bind the parameters.

I recommend using PDO over mysqli, this is probably one of the best articles explaining why, have a read! https://phpdelusions.net/pdo

delboy1978uk
  • 12,118
  • 2
  • 21
  • 39