Click here to Skip to main content
15,885,546 members
Search within:


My multi user login system won't work
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
SQL
PHP
logging
I'm trying to create a multi user login system but when I try to log on it doesn't work and simply stays on the same page.What can I do?

index.php

PHP
<form method="post" class="form-horizontal">

    <div class="form-group">
        <label class="col-sm-3 control-label">Email</label>
        <div class="col-sm-6">
            <input type="text" name="txt_email" class="form-control" placeholder="enter email" />
        </div>
    </div>

    <div class="form-group">
        <label class="col-sm-3 control-label">Password</label>
        <div class="col-sm-6">
            <input type="password" name="txt_password" class="form-control" placeholder="enter password" />
        </div>
    </div>

    <div class="form-group">
        <label class="col-sm-3 control-label">Select Type</label>
        <div class=col-sm-3>
            <select class="form-control" name="txt_role">
                <option value="" selected="selected"> - Which one are you </option>
                <option value="admin"> Admin </option>
                <option value="parent"> Parent </option>
                <option value="swimmer"> Swimmer </option>
            </select>
        </div>
    </div>

    <div class="form-group">
        <div class="col-sm-offset-3 col-sm-9 m-t-15">
            <input type="submit" name="btn_login" class="btn btn-success" value="Login">
        </div>
    </div>

    <div class="form-group">
        <div class="col-sm-offset col-sm-9 m-t-15">
            You don't have an account at Water Tower 2000 <a href="register.php">
                <p class="text-info">Register Water Tower 2000 Account </p>
            </a>
        </div>
    </div>
</form>


index.php php code for login form

PHP
<?php
require_once "connection.php";
session_start();

if (isset($_SESSION["admin_login"])) {
    header("location:admin/admin_home.php");
}

if (isset($_SESSION["parent_login"])) {
    header("location:parent/parent_home.php");
}

if (isset($_SESSION["swimmer_login"])) {
    header("location:swimmer/swimmer_home.php");
}

if (isset($_GET["btn_login"])) {
    $email = $_GET["txt_email"];

    $password = $_GET["txt_password"];

    $email = $_GET["txt_role"];

    if (empty($email)) {
        $errorMsg[] = "please enter your water tower email";
    } elseif (empty($password)) {
        $errorMsg[] = "please enter yout water tower email";
    } elseif (empty($role)) {
        $errorMsg[] = "please enter yout water tower email";
    } elseif ($email and $password and $role) {
        


try {
            
$select_stmt = $db->prepare("SELECT email,password,role FROM masterlogin WHERE email=:uemail AND password=:upassword AND role=:urole");

            
            $select_stmt->bindParam(":uemail", $email);

            $select_stmt->bindParam(":upassword", $password);

            $select_stmt->bindParam(":urole", $role);

            $select_stmt->excute();

            
while ($row = $select_stmt->fetch(PDO::FETCH_ASSOC)) {
       $dbemail = $row["email"];

       $dbpassword = $row["password"];

       $dbrole = $row["role"];
 }

if ($email != null and $password != null and $role != null) {
                    
if ($select_stmt->rowCount() > 0) {
        
if ($email !== $dbemail and $password == $dbpassword and $role == $dbro) {
                        
switch ($dbrole) {
case "admin":
$_SESSION["admin_login"] = $email;
$loginMsg = "Admin...Your in Water Tower...";
header("refresh:3;admin/admin_home.php");
break;

case "parent":
$_SESSION["parent_login"] = $email;
$loginMsg =n"Parent...Welcome To Water Tower...";
header("refresh:3;parent/parent_home.php");
break;

case "swimmer":
$_SESSION["swimmer_login"] = $email;
$loginMsg =
"Fellow swimmer...Your in Water Tower...";
header("refresh:3;swimmer/swimmer_home.php");
break;

default:
$errorMsg[] =
"Sorry but either the email/password/role is wrong";
   }
 
} 


else {

 $errorMsg="Sorry but either the email/password/role is wrong";
 
 }

 }

 else {

 $errorMsg="Sorry but either the email/password/role is wrong";

 }

 }

 else{

 $errorMsg="Sorry but either the email/password/role is wrong";

 }

 }



 catch (PDOException $e){

 $e->getMassage();

 }

 }

 else {

 $errorMsg="Sorry but either the email/password/role is wrong";

 }

 }

 ?>


register.php

<form method ="post" class="form-horizontal">

<div class ="form-group">
<label class = "col-sm-3 control-label">Username</label>  
<div class = "col-sm-6">  
<input type = "text" name="txt_username" class="form-control" placeholder = "enter username" />
</div>
</div>

<div class ="form-group">
<label class = "col-sm-3 control-label">Password</label>  
<div class = "col-sm-6">  
<input type = "password" name="txt_password" class="form-control" placeholder = "enter password" />
</div>
</div>

<div class ="form-group">
<label class = "col-sm-3 control-label">Username</label>  
<div class = "col-sm-6">
<select class = "" name="txt_role">
<option value = "" selected = "selected"> - select role - </option>
<option value = "swimmer">Swimmer</option>         
<option value = "parent">Parent</option>
</select>   
</div>
</div>

<div class = "form-group">
<div class = "col-sm-offset-3 col-sm-9- m-t-15">    
<input type = "submit" name="btn_register" class="btn btn-primary" value = "Register">
</div>
</div>

<div class = "form-group">
<div class ="col-sm-offset-3 col-sm-9 m-t-15">
You have an account at Water Tower? <a href = "index.php"><p class = "text-info">Login Account </p></a>        
</div>
</div>

</form>


php code for registration form

<?php

require_once 'connection.php';

if(isset ($_GET["btn_register"])) 

{

if (isset ($_GET['btn_login'])) {
    $username = $_GET ["txt_username"];
    $email = $_GET ["txt_email"];
    $password = $_GET ["txt_password"];
    $role = $_GET ["txt_role"]


if(empty($username)){
    $errorMsg[]="please enter your usernmae";
}

else if(empty($email)){
    $errorMsg[]="please enter your email";
}

else if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
    $errorMsg[]="please enter a valid email address ";
}

else if(empty($password)){
    $errorMsg[]="please enter password";
}    

else if (strlen ($password) < 6) {
    $errorMsg[]="It needs to be more than 6 characters";
}

else if (empty($role)) < 6) {
    $errorMsg[]="Please select a role";
}


try{
$select_stmt=$db->prepare("SELECT username,email FROM masterlogin WHERE username=:uname OR
email=:uemail");

$select_stmt->bindParam(":uname",$username);
$select_stmt->bindParam(":uemail",$email);
$select_stmt->excute();
$row=$select_stmt->fetch(PDO::FETCH_ASSOC);


if ($row["username"]==$username){
    $errorMsg[]="Sorry but username already exsit";
}

else if ($row["email"]==$email){
    $errorMsg[]="Sorry but email already exsit";
}

else if($isset($errorMsg))

{

$insert_stmt=$db->prepare ("INSERT INTO masterlogin (username,email,password,root) VALUES(:uname,:uemail,:upassword,:urole)");
$insert_stmt->bindParam(":uname",$username);
$insert_stmt->bindParam("uemail",$uemail);
$insert_stmt->bindParam("upassword",$upassword);
$insert_stmt->bindParam("urole",$role);

if($insert_stmt->excute())

{

$registerMsg = "Register Succesfully...Wait Login Page";    
header("refresh:4;index.php");

       }

   }

 }

 catch (PDOException $e) {

    echo $e->getMassage();

 }

}

}

?>


admin_home.php

<style type = "text/css">

body {
    padding:0;
    margin:0;
    background:
}
    
h1 {

    font-size:5em;
    margin:0;
    padding:0;
    text-align:center;
    font-family: 'arial';
    position:absolute;
    top:50%;
    left:50%;
    transform: translateX(-50%);

}

</style>
</body>

<body>
<h1> This is the Admin Page </h1>
</body>


<?php

session_start();

if(isset ($_SESSION["admin_login"])) 
{
    header ("location:.../index.php");
}

if(isset ($_SESSION["parent_login"])) 
{
    header ("location:parent/parent_home.php");
}

if(isset ($_SESSION["swimmer_login"])) 
{
    header ("location:swimmer/swimmer_home.php");
}

if(isset ($_SESSION["admin_login"])) 
{
 ?>
Welcome,
<?php
echo $_SESSION ['admin_login'];

}
?>

<a href = "../logout.php">Logout</a>


parent_home.php

<style type = "text/css">

body {
    padding:0;
    margin:0;
    background:
}
    
h1 {

    font-size:5em;
    margin:0;
    padding:0;
    text-align:center;
    font-family: 'arial';
    position:absolute;
    top:50%;
    left:50%;
    transform: translateX(-50%);

}

</style>
</body>

<body>
<h1> This is the Parent Page </h1>
</body>

<?php

session_start();

if(isset ($_SESSION["parent_login"])) 
{
    header ("location:.../index.php");
}

if(isset ($_SESSION["admin_login"])) 
{
    header ("location:.../admin/admin_home.php");
}

if(isset ($_SESSION["swimmer_login"])) 
{
    header ("location:.../swimmer/swimmer_home.php");
}

if(isset ($_SESSION["parent_login"])) 
{
 ?>
Welcome,
<?php
echo $_SESSION ['parent_login'];

}
?>

<a href = "../logout.php">Logout</a>


swimmer_home.php
<style type = "text/css">

body {
    padding:0;
    margin:0;
    background:
}
    
h1 {

    font-size:5em;
    margin:0;
    padding:0;
    text-align:center;
    font-family: 'arial';
    position:absolute;
    top:50%;
    left:50%;
    transform: translateX(-50%);

}

</style>
</body>

<body>
<h1> This is the Swimmer Page </h1>
</body>

<?php

session_start();

if(isset ($_SESSION["swimmer_login"])) 
{
    header ("location:.../index.php");
}

if(isset ($_SESSION["admin_login"])) 
{
    header ("location:.../admin/admin_home.php");
}

if(isset ($_SESSION["parent_login"])) 
{
    header ("location:.../parent/parent_home.php");
}

if(isset ($_SESSION["swimmer_login"])) 
{
 ?>
Welcome,
<?php
echo $_SESSION ['swimmer_login'];

}
?>

<a href = "../logout.php">Logout</a>


logout.php

<?php
session_start();

header ("location:index.php");

session_destroy ();

?>


connection.php

<?php

$db_host="localhost";
$db_user="root";
$db_password= "";
$db_name="php_water tower 2000";

try {

    $db=new PDO ("mysql:host={$db_host};dbname={$db_name}",$db_user,$db_password);
    $db->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);

}

catch (PDOEXCEPTION $e) {
    $e->getMessage();
}

?>


What I have tried:

- Looking for errors and I found none
- Looking at my SQL Queries to see if there was an issue it was this: 
SELECT * FROM 'masterlogin' WHERE 1
(Not sure if there's a problem)
- Looked for spelling mistake (solved some of them)
Posted
Add a Solution
Comments
CHill60 10-May-22 4:17am    
"SELECT * FROM 'masterlogin' WHERE 1" - This SQL does not appear in the code you posted.
Also, do not store passwords as plain text, see Password Storage: How to do it.[^]
Some of this code is about registration - if that is not where the problem is then remove that code, it is not relevant to your problem and is distracting (not many members will be prepared to go through that much code with such a vague description of the problem)
Richard Deeming 12-May-22 11:47am    
Use PHP's built-in functions to handle password storage safely:
PHP: password_hash[^]
PHP: password_verify[^]

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Login system won't work any ideas?
Timer Problem in multi user online exam system
Make a working login system for this piece of library management system in Python
Multi level login access
Login System in VB.net
Multi user access level login
Login failed. Login failed for user 'NT AUTHORITY\SYSTEM'
create multi user software
How to deny or redirect to login page if user not make login to my web application ?
Login failed for user

Advertise
Privacy
Cookies
Terms of Use
Last Updated 9 May 2022
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900