Click here to Skip to main content
15,611,626 members
Please Sign up or sign in to vote.
1.00/5 (2 votes)
See more:
I HAVE CREATED ALOGIN FORM AND CONNECTED IT TO DATABASE SUCCESSFULLY BUT WHEN I I TRY TO LOGIN WITH CORRECT CREDENTIALS BUT ITS REDIRECTING TO A PAGE AND SHOWING


Fatal error: Uncaught Error: Call to undefined function validate() in C:\xampp\htdocs\project\logtest.php:18


HOW DO I SOLVE IT?

What I have tried:

/* MY CODE*/


<?php
session_start();
include "db_conn.php";

if(isset($_POST['uname']) && isset($_POST['password']))
{
    function validate($data)
    {
        $data = trim($data);
        $data = stripslashes($data);
        $data = htmlspecialchars($data);
        return $data;

    }

}

$uname = validate($_POST['uname']);
$pass = validate($_POST['password']);

if(empty($uname))
{
    header("location: loghome.php?error=User Name is Required");
    exit();
}
else if(empty($pass))
{
    header("location: loghome.php?error=password is Required");
    exit();
}
$sql = "SELECT * FROM users WHERE user_name='$uname' AND password='$pass'";
$result = mysqli_query($conn, $sql);

if(mysqli_num_rows($result)===1)
{
    $row = mysqli_fetch_assoc($result);
    if($row['user_name'] === $uname && $row['password'] === $pass)
    {
        echo "Logged IN";
        $_SESSION['user_name'] = $row['user_name'];
        $_SESSION['name'] = $row['name'];
        $_SESSION['id'] = $row['id'];
        header("location:home1.php");
        exit();


    }

    else {
        header("location:loghome.php?error= Incorrect Username or password");
        exit();

    }

}
else {
    header("location: loghome.php");
    exit();
}
PHP
<pre lang="PHP">
Posted
Updated 8-Jan-23 23:55pm
Comments
Richard Deeming 9-Jan-23 6:27am    
Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation/interpolation to build a SQL query. ALWAYS use a parameterized query.
PHP: SQL Injection - Manual[^]
Richard Deeming 9-Jan-23 6:28am    
Also, you are storing your users' passwords in plain text. Don't do that!
Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

PHP provides built-in functions to help you do the right thing:
PHP: password_hash[^]
PHP: password_verify[^]

PHP is an interpreted language: it only does anything when it runs code.

If you define a function inside an if block, it only gets defined if the condition is true.

So when your test fails, the code defining validate never gets executed and it fails when you try to use it.

What did you think that if block was going to do?
 
Share this answer
 
Your validate function only exists inside the block that starts at the line:
PHP
if(isset($_POST['uname']) && isset($_POST['password']))

but you are trying to call it from outside of the block. So move it outside of that block so it is accessible from other parts of the code, something like:
PHP
function validate($data)
{
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;

}
$uname = '';
$pass = '';
if(isset($_POST['uname']) && isset($_POST['password']))
{
    $uname = validate($_POST['uname']);
    $pass = validate($_POST['password']);
}

You should read up on the subject of "scope of variables and functions in PHP".
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900