I am creating an admin area for my site but I have 3 php errors that are appearing and I can't find a fix.
Login.php
<?php
include_once("includes/config.php");
$username = $password = "";
$username_err = $password_err = "";
if($_SERVER["REQUEST_METHOD"] == "POST") {
if(empty(trim($_POST["username"]))){
$username_err = 'Please enter your admin username.';
} else{
$username = trim($_POST["username"]);
}
if(empty(trim($_POST['password']))){
$password_err = 'Please enter your admin password.';
} else{
$password = trim($_POST['password']);
}
if(empty($username_err) && empty($password_err)){
// Prepare a select statement
$sql = "SELECT username, password FROM members WHERE username = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = $username;
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
// Check if username exists, if yes then verify password
if(mysqli_stmt_num_rows($stmt) == 1){
// Bind result variables
mysqli_stmt_bind_result($stmt, $username, $hashed_password);
if(mysqli_stmt_fetch($stmt)){
if(password_verify($password, $hashed_password)){
/* Password is correct, so start a new session and
save the username to the session */
session_start();
$_SESSION['username'] = $username;
header("location: main.php");
} else{
// Display an error message if password is not valid
$password_err = 'The password you entered was not valid.';
}
}
} else{
// Display an error message if username doesn't exist
$username_err = 'No account found with that username.';
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
}
// Close statement
mysqli_stmt_close($stmt);
}
// Close connection
mysqli_close($link);
}
?>
The issues that are showing are
[04-Dec-2017 20:21:01 Europe/London] PHP Warning: mysqli_prepare() expects parameter 1 to be mysqli, null given in /home/drugcraf/public_html/admin/login.php on line 25
[04-Dec-2017 20:21:01 Europe/London] PHP Warning: mysqli_stmt_close() expects parameter 1 to be mysqli_stmt, null given in /home/drugcraf/public_html/admin/login.php on line 63
[04-Dec-2017 20:21:01 Europe/London] PHP Warning: mysqli_close() expects parameter 1 to be mysqli, null given in /home/drugcraf/public_html/admin/login.php on line 67
The page loads but when you click login it does not log you in
ob_start();
session_start();
date_default_timezone_set('Europe/London');
$DB_IP = "localhost";
$DB_USER = "jenkinsdesigns_a";
$DB_PASSWORD = "PASSWORD HIDDEN";
$DB_NAME = "jenkinsdesigns_admin";
$link = mysqli_connect($DB_IP,$DB_USER,$DB_PASSWORD,$DB_NAME);
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
include("functions.php");