vaidoshia

Hello, I am trying to make a code for admin login, however, when I upload a page and try to enter password and username, I cannot go to another page. Please let me know what is the problem with my code. Thank u. This is the actual login page code: <?php require_once("includes/session.php"); ?> <?php require_once("includes/connection.php"); ?> <?php if (logged_in()) { redirect_to("staff.php"); } include_once("includes/form_functions.php"); // START FORM PROCESSING if (isset($_POST['submit'])) { // Form has been submitted. $errors = array(); // perform validations on the form data if(empty($_POST['username'])) {$errors[]='FORGOT';} else {$username = mysqli_real_escape_string($connection, trim(stripslashes($_POST['username']))); ;} if(empty($_POST['hashed_password'])) {$errors[]='FORGOT';} else {$hashed_password = mysqli_real_escape_string($connection, trim(stripslashes($_POST['hashed_password']))); ;} if ( empty($errors) ) { // Check database to see if username and the hashed password exist there. if(empty($errors)) { $query = "SELECT * FROM users WHERE (username = '$username' AND hashed_password = '$hashed_password')"; $query = @mysqli_query ($connection, $query); if(@mysqli_num_rows($query) == 1) { $row = mysqli_fetch_array ($query, MYSQLI_ASSOC); return array (true, $row);} // username/password authenticated // and only 1 match $found_user = mysqli_fetch_array($result_set); $_SESSION['user_id'] = $found_user['id']; $_SESSION['username'] = $found_user['username']; redirect_to("staff.php"); } else { // username/password combo was not found in the database $message = "Username/password combination incorrect.<br /> Please make sure your caps lock key is off and try again."; } } else { if (count($errors) == 1) { $message = "There was 1 error in the form."; } else { $message = "There were " . count($errors) . " errors in the form."; } } } else { // Form has not been submitted. $username = ""; $password = ""; } ?> <?php include("includes/header.php"); ?> <table id="structure"> <tr> <td id="navigation"> <a href="index.php">Return to public site</a> </td> <td id="page"> <h2>Staff Login</h2> <?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?> <?php if (!empty($errors)) { display_errors($errors); } ?> <form action="admin.php" method="post"> <table> <tr> <td>Username:</td> <td><input type="text" name="username" maxlength="30" /></td> </tr> <tr> <td>Password:</td> <td><input type="password" name="hashed_password" maxlength="30"/></td> </tr> <tr> <td colspan="2"><input type="submit" name="submit" value="Login" /></td> </tr> </table> </form> </td> </tr> </table> <?php include("includes/footer.php"); ?> This is my session include file: <?php session_start(); function logged_in() { return isset($_SESSION['user_id']); } function confirm_logged_in() { if (!logged_in()) { redirect_to("admin.php"); } } ?> This is my function include file: <?php // This file is the place to store all basic functions function mysqli_rum_rows($result_set) { if (!$result_set) { die("Database query failed: " . mysqli_error()); } } ?> Thank you in advance!

Thank you, it really helped me to understand and change errors :]

Hello everybody, I would like to ask for help, I made a form, it is validated before submitting it, however when I check it on the browser, it shows errors without even submitting a form, please help me to solve this problem. This is the code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Reservation Form</title> <link href="stylesheet/form.css" rel="stylesheet" type="text/css" /> </head> <?php require_once('includes/connection.php') ?> <body> <?php //Validation //Validating name: // testing if form data has been sent - $_POST['submit'] = submit button name if(isset($_POST['submitted'])){ $errors = array(); } if(!empty($_REQUEST['name']) && (!is_numeric($_POST['name']))) { $name = $_REQUEST['name']; } else { $errors[] = "You forgot to type a name <br />"; } if(!empty($_REQUEST['last_name']) && (!is_numeric($_POST['last_name']))) { $name = $_REQUEST['last_name']; } else { $errors[] = "You forgot to type your last name <br />"; } if(!empty($_REQUEST['phone']) && (!is_numeric($_POST['phone'])) &&(preg_match('/^[0-9+$/i', $phone))) { $name = $_REQUEST['phone']; } else { $errors[] = "You forgot to type your phone <br />"; } if(!empty($_REQUEST['email']) && (is_numeric($_POST['email'])) &&(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-]) ↪*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $email))) { $name = $_REQUEST['email']; } else { $errors[] = "You forgot to type your email <br />"; } if(isset($_REQUEST['months'])) { $months = $_REQUEST['months']; } else { $errors[] = "You forgot to select a date <br />"; } if(isset($_REQUEST['day'])) { $day = $_REQUEST['day']; } else { $errors[] = "You forgot to select a date <br />"; } if(isset($_REQUEST['years'])) { $years = $_REQUEST['years']; } else { $errors[] = "You forgot to select a date <br />"; } if(isset($_REQUEST['hour'])) { $hour = $_REQUEST['hour']; } else { $errors[] = "You forgot to select hour <br />"; } if(!empty($_REQUEST['guests']) && (is_numeric($_POST['guests']))) { $guests = $_REQUEST['guests']; } else { $errors[] = "You forgot to type number of guests<br />"; } //Validating not obligatory data if(!empty($_REQUEST['comments']) && (!is_numeric($_POST['comments']))) { $comments = $_REQUEST['comments']; } else { $comments = NULL ; } if(empty($errors)){ echo "SUCCESS – thank you for making a reservation<br /><br />"; } else{ echo "<p style=\"color:#F00\">"; foreach($errors as $errormessages){ echo "$errormessages <br /><br />"; } echo "</p>"; } ?> <form name ="Reservation" method ="POST" action = "reservation.php" id="form"> <fieldset> <label>Name</label><input type="text" id="name" name="name" value="<?php if(isset($_POST['name'])){ echo $_POST['name']; } ?>" /><br /> <label>Last name</label><input type="text" id="last_name" name="last_name" value="<?php if(isset($_POST['last_name'])){ echo $_POST['last_name']; } ?>" /><br /> <label>Phone</label><input type="text" id="lastname" name="phone" value="<?php if(isset($_POST['phone'])){ echo $_POST['phone']; } ?>" /><br /> <label>Email</label><input type="text" id="email" name="email" value="<?php if(isset($_POST['email'])){ echo $_POST['email']; } ?>" /><br /> <label>Select Date </label> <?php //make month array $months = array (1 => 'January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December'); //month pull down menu: echo '<select name="months">'; foreach ($months as $key => $value) { echo "<option value=\"$key\">$value</option>\n"; } echo '</select>'; //Make the days pull-down menu: echo '<select name ="day">'; for ($day = 1; $day <= 31; $day++) { echo "<option value=\"$day\">$day</option>\n"; } echo '</select>'; //Make years pull down menu: echo '<select name="year">'; for($year = 2008; $year<= 2018; $year++) { echo "<option value=\"$year\">$year</option>\n"; } echo '</select>'; ?> <br /> <label>Hour</label> <?php //Make hours pull-down menu: echo '<select name ="hour">'; for ($hour = 10; $hour <= 23; $hour++) { echo "<option value=\"$hour\">$hour</option>\n"; } echo '</select>'; ?> <br /> <label>Guests</label><input type="text" id="guests" name="guests" value="<?php if(isset($_POST['guests'])){ echo $_POST['guests']; } ?>" /><br /> <label>Comments</label><textarea name="comments" id="comments" cols="30" rows="5"><?php if(isset($_POST['comments'])){ echo $_POST['comments']; } ?></textarea><br /> <input class="submit" type="submit" id="submit" name="submit" value="Send reservation" /> </fieldset> </form> <?php mysqli_close($connection); ?> </body> </html>