How to Submit a Login Form to itself (.PHP with HTML Codes)

Question

i made a .php file with HTML code inline. i try to make things smaller as much as possible so i made it this way. this is my code:

<!DOCTYPE HTML>
<html lang="en">
    <head>
        <meta charset="UTF-8">
        <title> Bambino Web Panel 1.0 </title>

        <link rel="stylesheet" href="assets/stylesheets/reset.css" type"text/css" />
        <link rel="stylesheet" href="assets/stylesheets/index.css" type"text/css" />
        <link rel="icon" href="assets/imgs/favicon.ico" type="image/x-icon"/>
    </head>

    <body>
        <div class="wrap">
            <form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="POST">
                <div class="avatar">
                    <img src="assets/imgs/bambino_logo.png">
                </div>

                <input type="text" placeholder="username" name="username" required>

                <div class="bar">
                    <i>

                    </i>
                </div>

                <input type="password" placeholder="password" name="password" required>
                <a href="" class="forgot_link"> forgot ? </a>
                <button> Sign in </button>
            </form>
        </div>
    </body>
</html>

<?php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{   
    $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect to the database");
    mysql_select_db("bambinodb") or die ("Couldn't find database");

    $query = mysql_query("SELECT * FROM admin_accounts WHERE username = '$username'");

    $numrows = mysql_num_rows($query);

    if ($numrows)
    { 
        while ($row = mysql_fetch_assoc($query))
        {
            $dbusername = $row['username'];
            $dbpassword = $row['password'];
        }

        if ($username==$dbusername && $password==$dbpassword)
        {
            echo "Admin  has logged in";
            header("Location: /soon/index.php");
            die();
        }
        else
        {
            echo "Your Password is incorrect.";
        }
    }
    else
    {
        echo "Your Username is incorrect.";
    }

}
else
{
    echo "Please enter Username and Password";
}

?>

the problem i am facing is that i get two errors when i open my file:

Notice: Undefined index: username in C:\xampp\htdocs\skyenginedevelopers.org\index.php on line 40

Notice: Undefined index: password in C:\xampp\htdocs\skyenginedevelopers.org\index.php on line 41

Please enter Username and Password

i named the inputboxes respectively. i hope someone can help me. thanks

Danny Broadbent · Answer 1 · 2015-07-09T08:33:38.333

1

Wrap your PHP part in an if statement to check if POST exists

<?php

session_start();

if (isset($_POST) && count($_POST)>0) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    if ($username&&$password)
    {   
        $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect to the database");
        mysql_select_db("bambinodb") or die ("Couldn't find database");

        $query = mysql_query("SELECT * FROM admin_accounts WHERE username = '$username'");

        $numrows = mysql_num_rows($query);

        if ($numrows)
        { 
            while ($row = mysql_fetch_assoc($query))
            {
                $dbusername = $row['username'];
                $dbpassword = $row['password'];
            }

            if ($username==$dbusername && $password==$dbpassword)
            {
                echo "Admin  has logged in";
                header("Location: /soon/index.php");
                die();
            }
            else
            {
                echo "Your Password is incorrect.";
            }
        }
        else
        {
            echo "Your Username is incorrect.";
        }

    }
    else
    {
        echo "Please enter Username and Password";
    }
}
?>

I would also advise you to use mysqli or PDO as mysql is deprecated

edited Jul 09 '15 at 08:33

answered Jul 09 '15 at 07:58

Danny Broadbent

1,199
1
9
21

thanks. i've also read most about mysqli and is trying to convert my code into it. thank you sir. i'll check back later – TheDarkKnight Jul 09 '15 at 08:01
1

Also don't store passwords as plain text. Use PHP's built in [password functions](http://php.net/password) or the [compability library](https://github.com/ircmaxell/password_compat) for older versions of PHP. – OIS Jul 09 '15 at 08:02
i still have undefined index appearing. does this have something to do with my form ? or should the php codes come first before the html codes ?. – TheDarkKnight Jul 09 '15 at 08:18
Is it error before you post the form (if so you probably haven't wrapped the if statement around all of your PHP code as shown in my example), if you have already done same as my example are you getting a different error to the one you originally posted. – Danny Broadbent Jul 09 '15 at 08:21
the error appears after i open the page. as seen here: http://i.imgur.com/6ayGHLQ.png – TheDarkKnight Jul 09 '15 at 08:31
Updated answer, add && count($_POST)>0 within the if statement – Danny Broadbent Jul 09 '15 at 08:33
Did this help resolve the issue? – Danny Broadbent Jul 09 '15 at 09:26
still converting my code to mysqli sir. i am having a little problem – TheDarkKnight Jul 09 '15 at 09:55
whats the issue you are having – Danny Broadbent Jul 09 '15 at 12:33

How to Submit a Login Form to itself (.PHP with HTML Codes)

1 Answers1