-2

I am having great problem fixing this issue here and i am not very familiar with php. I don't see any problem missing in the code. I have searched and spent a really long time on this. However, it just keeps changing from one to another issue. the error that appears looks like this,

Undefined variable: password in /home2/abdi/public_html/phpinfo.php/login files/login.php on line 19

here is the actual code

<?php  error_reporting(E_ALL); ini_set('display_errors', 1);  session_start(); //connect to database $db=mysqli_connect("localhost","abdi_yae","abdi_yae123","abdi_ya");   if(isset($_POST['login_btn']))  {     addslashes(trim($_POST['username']));     addslashes(trim($_POST['password']));     //$username=mysqli_real_escape_string($_POST['username']);    // $password=mysqli_real_escape_string($_POST['password']);             $password=md5($password); //Remember we hashed password before storing last time     $sql="SELECT * FROM users WHERE username='$username' AND password='$password'";          $result=mysqli_query($db,$sql);     if(mysqli_num_rows($result)==1)                         {        $_SESSION['message']="You are now Logged In";        $_SESSION['username']= $username;         header("location:home.php");     }    else    {                $_SESSION['message']="Username and Password combiation incorrect";     } } ?>
johndue
  • 9
  • 1
  • where is the code?? – rahul patel Apr 15 '17 at 08:24
  • My initial instinct is that "password" should probably be "$password" but without seeing any code it's hard to know. – aidanharris Apr 15 '17 at 08:24
  • 1
    can you edit your code section? which part is commented out and which is actual code? – Suraj Rao Apr 15 '17 at 08:26
  • Check the syntax for mysqli_real_escape_string. You need to send the connection string as a first parameter. – rahul patel Apr 15 '17 at 08:39
  • Please, make new lines in your code, it is highly unreadable. What I see (might be wrong), that first definition of your `$password` is commented out, while the second uses `$password`. –  Apr 15 '17 at 08:53

2 Answers2

0

You need to set password variable for this.

$password = $_REQUEST['pass_text_name'];
Divyesh Tailor
  • 59
  • 5
0
<?php  error_reporting(E_ALL);
ini_set('display_errors', 1);
session_start(); //connect to database   
$db=mysqli_connect("localhost","abdi_yae","abdi_yae123","abdi_ya");
if(isset($_POST['login_btn']))  {
$username = addslashes(trim($_POST['username']));  
//addslashes(trim($_POST['password']));    
//$username=mysqli_real_escape_string($_POST['username']);    
// $password=mysqli_real_escape_string($_POST['password']);
$password=md5($_POST['password']); //Remember we hashed password before storing last time 
$sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
$result=mysqli_query($db,$sql);
if(mysqli_num_rows($result)==1)
    {
        $_SESSION['message']="You are now Logged In";
        $_SESSION['username']= $username;
        header("location:home.php");
    }
    else
    {   
        $_SESSION['message']="Username and Password combiation incorrect";
    } 
} 
?>

Check Now Buddy. It's Done

Suraj Rao
  • 28,186
  • 10
  • 88
  • 94
Divyesh Tailor
  • 59
  • 5
  • Can you explain? $username and $password are both commented out.. – Suraj Rao Apr 15 '17 at 08:37
  • This is already commented by in question and addslashes(trim($_POST['username'])); addslashes(trim($_POST['password'])); this both variable is here so no need to declare again. – Divyesh Tailor Apr 15 '17 at 08:40
  • `$password` is set but `$username` is not..even the sql query will have issues.. I was not sure how you got to an answer..the code in the question is not clear – Suraj Rao Apr 15 '17 at 08:42
  • Sorry i have edited my answear. i forgot to declare $username in that you are right it will gave sql error. – Divyesh Tailor Apr 15 '17 at 08:48