-1

so I was trying to do a login with php and mysqli and this is how its going at the moment:

$DBServer = 'X'; // ip o lo que sea
$DBUser   = 'X';
$DBPass   = 'X';
$DBName   = 'X';
$conn = new mysqli($DBServer, $DBUser, $DBPass, $DBName);

if ($_POST['login']) {
    $usuario = (isset($_POST['usuario'])) ? $_POST['usuario'] : '';
    $pass = (isset($_POST['pass'])) ? $_POST['pass'] : '';
if ($usuario == "" or $pass == "") {
    echo 'Rellena todos los campos';
} else {
$query = "SELECT * FROM users WHERE user = ? AND password = ? LIMIT 1";
    $stmt=$conn->prepare($query);

    $stmt->bind_param("ss",$usuario,$pass);

    $stmt->execute(); 

    $stmt->bind_result($nombre_db,$pass_db);

    while ($stmt->fetch()) {
    if ($nombre_db != $usuario) {
            echo'No existe el usuario';
        } else { 
        if ($pass_db !== $pass) { 
            echo'Contraseña incorrecta';
        } else { //pass correcto
        session_start();
            $_SESSION["nombre"]=$usuario;
            echo'<META HTTP-EQUIV="REFRESH" CONTENT="0";URL="home.php">';
    }
    }
}

However, when I try log in nothing happens. Any idea what am I doing wrong? The table users has two columns: user and password.Futhermore, where should this code go?

$stmt->close();

$mysqli->close();

Thanks! EDIT: The errors displayed when running this code:

error_reporting(E_ALL);
ini_set('display_errors', '1');

are the following

Notice: Undefined index: login in /home/u949068087/public_html/web/admin/login.php on line 39

Line 39 is the following: if($_POST['login']){ The actual form is the following:

<form method="post">
  <p>Usuario:
 <input type="text" name="usuario"  />
  </p>
  <p>
    Contraseña:
    <input type="password" name="pass"  />
    </p>
  <p>
    <input type="submit" value="login" name="login"  />
  </p>
</form>

What I pass through it is the following:

Array ( [usuario] => exampleuser [pass] => examplepassword [login] => login ) EDIT 2: As far as I am concerned, the error is in this part of the code which is not execu

while($stmt->fetch()){}

Any ideas? Thanks again!

Daniel Antón García
  • 183
  • 7

2 Answers2

0

There is one bracket missing in the end of your code, but I suppose you missed it when you copied your code here. Make sure if it is OK.

Second thing. Do you show PHP errors? You can put this code in the beggining of your PHP file.

error_reporting(E_ALL);
ini_set('display_errors', '1');
Michal Cichon
  • 1,369
  • 13
  • 18
  • What you're passing in $_POST['login']? You're code works on my Server just fine. Maybe you don't pass something correctly. You can debug this simply printing your $_POST array: print_r($_POST);exit(); – Michal Cichon Jul 13 '13 at 20:15
  • Thanks! Please refer to the main post, I edited adding some extra information – Daniel Antón García Jul 13 '13 at 20:29
-1

<META HTTP-EQUIV="REFRESH" CONTENT="0";URL="home.php">

Your refresh meta has the content value set to 0 i.e the page will refresh immediately. I assume that you are coming from the home.php file to start with, meaning that you won't even notice the refresh.

Try setting the content value to something more user friendly, say 3 (seconds)

<META HTTP-EQUIV="REFRESH" CONTENT="3";URL="home.php">

As for $stmt->close(); and $mysqli->close();, put them immediately after your while loop:

while($stmt->fetch()){
    if($nombre_db != $usuario){echo'No existe el usuario';}else{ //user existe
    if($pass_db != $pass){echo'Contraseña incorrecta';}else{ //pass correcto
    }
Dolchio
  • 459
  • 2
  • 11