Click here to Skip to main content
15,446,232 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I'm trying to create a multi user login system but when I try to log on it doesn't work and simply stays on the same page.What can I do?

index.php

PHP
<form method="post" class="form-horizontal">

    <div class="form-group">
        <label class="col-sm-3 control-label">Email</label>
        <div class="col-sm-6">
            <input type="text" name="txt_email" class="form-control" placeholder="enter email" />
        </div>
    </div>

    <div class="form-group">
        <label class="col-sm-3 control-label">Password</label>
        <div class="col-sm-6">
            <input type="password" name="txt_password" class="form-control" placeholder="enter password" />
        </div>
    </div>

    <div class="form-group">
        <label class="col-sm-3 control-label">Select Type</label>
        <div class=col-sm-3>
            <select class="form-control" name="txt_role">
                <option value="" selected="selected"> - Which one are you </option>
                <option value="admin"> Admin </option>
                <option value="parent"> Parent </option>
                <option value="swimmer"> Swimmer </option>
            </select>
        </div>
    </div>

    <div class="form-group">
        <div class="col-sm-offset-3 col-sm-9 m-t-15">
            <input type="submit" name="btn_login" class="btn btn-success" value="Login">
        </div>
    </div>

    <div class="form-group">
        <div class="col-sm-offset col-sm-9 m-t-15">
            You don't have an account at Water Tower 2000 <a href="register.php">
                <p class="text-info">Register Water Tower 2000 Account </p>
            </a>
        </div>
    </div>
</form>


index.php php code for login form

PHP
<?php
require_once "connection.php";
session_start();

if (isset($_SESSION["admin_login"])) {
    header("location:admin/admin_home.php");
}

if (isset($_SESSION["parent_login"])) {
    header("location:parent/parent_home.php");
}

if (isset($_SESSION["swimmer_login"])) {
    header("location:swimmer/swimmer_home.php");
}

if (isset($_GET["btn_login"])) {
    $email = $_GET["txt_email"];

    $password = $_GET["txt_password"];

    $email = $_GET["txt_role"];

    if (empty($email)) {
        $errorMsg[] = "please enter your water tower email";
    } elseif (empty($password)) {
        $errorMsg[] = "please enter yout water tower email";
    } elseif (empty($role)) {
        $errorMsg[] = "please enter yout water tower email";
    } elseif ($email and $password and $role) {
        


try {
            
$select_stmt = $db->prepare("SELECT email,password,role FROM masterlogin WHERE email=:uemail AND password=:upassword AND role=:urole");

            
            $select_stmt->bindParam(":uemail", $email);

            $select_stmt->bindParam(":upassword", $password);

            $select_stmt->bindParam(":urole", $role);

            $select_stmt->excute();

            
while ($row = $select_stmt->fetch(PDO::FETCH_ASSOC)) {
       $dbemail = $row["email"];

       $dbpassword = $row["password"];

       $dbrole = $row["role"];
 }

if ($email != null and $password != null and $role != null) {
                    
if ($select_stmt->rowCount() > 0) {
        
if ($email !== $dbemail and $password == $dbpassword and $role == $dbro) {
                        
switch ($dbrole) {
case "admin":
$_SESSION["admin_login"] = $email;
$loginMsg = "Admin...Your in Water Tower...";
header("refresh:3;admin/admin_home.php");
break;

case "parent":
$_SESSION["parent_login"] = $email;
$loginMsg =n"Parent...Welcome To Water Tower...";
header("refresh:3;parent/parent_home.php");
break;

case "swimmer":
$_SESSION["swimmer_login"] = $email;
$loginMsg =
"Fellow swimmer...Your in Water Tower...";
header("refresh:3;swimmer/swimmer_home.php");
break;

default:
$errorMsg[] =
"Sorry but either the email/password/role is wrong";
   }
 
} 


else {

 $errorMsg="Sorry but either the email/password/role is wrong";
 
 }

 }

 else {

 $errorMsg="Sorry but either the email/password/role is wrong";

 }

 }

 else{

 $errorMsg="Sorry but either the email/password/role is wrong";

 }

 }



 catch (PDOException $e){

 $e->getMassage();

 }

 }

 else {

 $errorMsg="Sorry but either the email/password/role is wrong";

 }

 }

 ?> 


register.php

<form method ="post" class="form-horizontal">

<div class ="form-group">
<label class = "col-sm-3 control-label">Username</label>  
<div class = "col-sm-6">  
<input type = "text" name="txt_username" class="form-control" placeholder = "enter username" />
</div>
</div>

<div class ="form-group">
<label class = "col-sm-3 control-label">Password</label>  
<div class = "col-sm-6">  
<input type = "password" name="txt_password" class="form-control" placeholder = "enter password" />
</div>
</div>

<div class ="form-group">
<label class = "col-sm-3 control-label">Username</label>  
<div class = "col-sm-6">
<select class = "" name="txt_role">
<option value = "" selected = "selected"> - select role - </option>
<option value = "swimmer">Swimmer</option>         
<option value = "parent">Parent</option>
</select>   
</div>
</div>

<div class = "form-group">
<div class = "col-sm-offset-3 col-sm-9- m-t-15">    
<input type = "submit" name="btn_register" class="btn btn-primary" value = "Register">
</div>
</div>

<div class = "form-group">
<div class ="col-sm-offset-3 col-sm-9 m-t-15">
You have an account at Water Tower? <a href = "index.php"><p class = "text-info">Login Account </p></a>        
</div>
</div>

</form>


php code for registration form

<?php

require_once 'connection.php';

if(isset ($_GET["btn_register"])) 

{

if (isset ($_GET['btn_login'])) {
    $username = $_GET ["txt_username"];
    $email = $_GET ["txt_email"];
    $password = $_GET ["txt_password"];
    $role = $_GET ["txt_role"]


if(empty($username)){
    $errorMsg[]="please enter your usernmae";
}

else if(empty($email)){
    $errorMsg[]="please enter your email";
}

else if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
    $errorMsg[]="please enter a valid email address ";
}

else if(empty($password)){
    $errorMsg[]="please enter password";
}    

else if (strlen ($password) < 6) {
    $errorMsg[]="It needs to be more than 6 characters";
}

else if (empty($role)) < 6) {
    $errorMsg[]="Please select a role";
}


try{
$select_stmt=$db->prepare("SELECT username,email FROM masterlogin WHERE username=:uname OR
email=:uemail");

$select_stmt->bindParam(":uname",$username);
$select_stmt->bindParam(":uemail",$email);
$select_stmt->excute();
$row=$select_stmt->fetch(PDO::FETCH_ASSOC);


if ($row["username"]==$username){
    $errorMsg[]="Sorry but username already exsit";
}

else if ($row["email"]==$email){
    $errorMsg[]="Sorry but email already exsit";
}

else if($isset($errorMsg))

{

$insert_stmt=$db->prepare ("INSERT INTO masterlogin (username,email,password,root) VALUES(:uname,:uemail,:upassword,:urole)");
$insert_stmt->bindParam(":uname",$username);
$insert_stmt->bindParam("uemail",$uemail);
$insert_stmt->bindParam("upassword",$upassword);
$insert_stmt->bindParam("urole",$role);

if($insert_stmt->excute())

{

$registerMsg = "Register Succesfully...Wait Login Page";    
header("refresh:4;index.php");

       }

   }

 }

 catch (PDOException $e) {

    echo $e->getMassage();

 }

}

}

?>


admin_home.php

<style type = "text/css">

body {
    padding:0;
    margin:0;
    background:
}
    
h1 {

    font-size:5em;
    margin:0;
    padding:0;
    text-align:center;
    font-family: 'arial';
    position:absolute;
    top:50%;
    left:50%;
    transform: translateX(-50%);

}

</style>
</body>

<body>
<h1> This is the Admin Page </h1>
</body>


<?php

session_start();

if(isset ($_SESSION["admin_login"])) 
{
    header ("location:.../index.php");
}

if(isset ($_SESSION["parent_login"])) 
{
    header ("location:parent/parent_home.php");
}

if(isset ($_SESSION["swimmer_login"])) 
{
    header ("location:swimmer/swimmer_home.php");
}

if(isset ($_SESSION["admin_login"])) 
{
 ?>
Welcome,
<?php
echo $_SESSION ['admin_login'];

}
?>

<a href = "../logout.php">Logout</a>


parent_home.php

<style type = "text/css">

body {
    padding:0;
    margin:0;
    background:
}
    
h1 {

    font-size:5em;
    margin:0;
    padding:0;
    text-align:center;
    font-family: 'arial';
    position:absolute;
    top:50%;
    left:50%;
    transform: translateX(-50%);

}

</style>
</body>

<body>
<h1> This is the Parent Page </h1>
</body>

<?php

session_start();

if(isset ($_SESSION["parent_login"])) 
{
    header ("location:.../index.php");
}

if(isset ($_SESSION["admin_login"])) 
{
    header ("location:.../admin/admin_home.php");
}

if(isset ($_SESSION["swimmer_login"])) 
{
    header ("location:.../swimmer/swimmer_home.php");
}

if(isset ($_SESSION["parent_login"])) 
{
 ?>
Welcome,
<?php
echo $_SESSION ['parent_login'];

}
?>

<a href = "../logout.php">Logout</a>


swimmer_home.php
<style type = "text/css">

body {
    padding:0;
    margin:0;
    background:
}
    
h1 {

    font-size:5em;
    margin:0;
    padding:0;
    text-align:center;
    font-family: 'arial';
    position:absolute;
    top:50%;
    left:50%;
    transform: translateX(-50%);

}

</style>
</body>

<body>
<h1> This is the Swimmer Page </h1>
</body>

<?php

session_start();

if(isset ($_SESSION["swimmer_login"])) 
{
    header ("location:.../index.php");
}

if(isset ($_SESSION["admin_login"])) 
{
    header ("location:.../admin/admin_home.php");
}

if(isset ($_SESSION["parent_login"])) 
{
    header ("location:.../parent/parent_home.php");
}

if(isset ($_SESSION["swimmer_login"])) 
{
 ?>
Welcome,
<?php
echo $_SESSION ['swimmer_login'];

}
?>

<a href = "../logout.php">Logout</a>


logout.php

<?php
session_start();

header ("location:index.php");

session_destroy ();

?>


connection.php

<?php

$db_host="localhost";
$db_user="root";
$db_password= "";
$db_name="php_water tower 2000";

try {

    $db=new PDO ("mysql:host={$db_host};dbname={$db_name}",$db_user,$db_password);
    $db->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);

}

catch (PDOEXCEPTION $e) {
    $e->getMessage();
}

?>


What I have tried:

- Looking for errors and I found none
- Looking at my SQL Queries to see if there was an issue it was this:
SELECT * FROM 'masterlogin' WHERE 1
(Not sure if there's a problem)
- Looked for spelling mistake (solved some of them)
Posted
Comments
CHill60 10-May-22 4:17am     CRLF
"SELECT * FROM 'masterlogin' WHERE 1" - This SQL does not appear in the code you posted. Also, do not store passwords as plain text, see Password Storage: How to do it.[^] Some of this code is about registration - if that is not where the problem is then remove that code, it is not relevant to your problem and is distracting (not many members will be prepared to go through that much code with such a vague description of the problem)
Richard Deeming 12-May-22 11:47am     CRLF
Use PHP's built-in functions to handle password storage safely: PHP: password_hash[^] PHP: password_verify[^]

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900