creating a login form using php,mysql and html but not able to sign in

Question

when I enter no data in password and username field then it is working correct it says that "enter data" which is correct but when i enter the data and press sign in it just goes to a blank page no error nothing.After pressing sign in it just shows me a blank page.

php code:-

<?php
$conn_error= 'could not connect to the databse';
$mysql_host= 'localhost';
$mysql_user= 'root';
$mysql_pass= '';
$mysql_db='shubhamyadav';
mysql_connect($mysql_host, $mysql_user, $mysql_pass) or die($conn_error);
mysql_select_db($mysql_db) or die($conn_error);

if(isset($_POST['userName'])&& isset($_POST['pass'])) {

    $userName = $_POST['userName'];
    $pass = $_POST['pass'];

    if (!empty($userName) && !empty($pass)){
        $query = "SELECT 'id' FROM 'users' WHERE 'userName' = '$userName' AND 'pass' = '$pass'";
     if ($query_run = mysql_query($query)){
         $query_num_rows = mysql_num_rows($query_run);
         if($query_num_rows == 0){
          echo'invalid data';   
         }elseif($query_num_rows==1){
             echo'ok';
         }
     }

    }else{
        echo'enter data';
    }


}
   ?>

?>

html code on which i am displaying form:-

<form method="POST" action="connect.inc.php">
  UserName<input type="text" name="userName" size="40">
    <br>
<br>
 Password<input type="password" name="pass" size="40">
<br>
<br>
 <input id="button" type="submit" name="submit" value="Sign-In">
</form>

Turn on error reporting. Include the following code in the beginning of your scripts: `error_reporting(E_ALL|E_STRICT); ini_set('display_errors', true);` — Rajdeep Paul, Dec 19 '15 at 06:30
Even if it works, you should not learn things this way. MySQL extension is deprecated and you should either opt for PDO or MySQLi — Rehmat, Dec 19 '15 at 07:05
Please don't use the `mysql_` database extensions, they were deprecated in PHP 5.5.0 and were removed in PHP 7.0.0. Use `mysqli` or `PDO` extensions instead. And this is [why you shouldn't use `mysql_` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). — Rajdeep Paul, Dec 19 '15 at 07:09

score 1 · Answer 1 · answered Dec 19 '15 at 06:44

The error is because your MySQL query is wrong. Your query should be like this,

$query = "SELECT `id` FROM `users` WHERE `userName` = '$userName' AND `pass` = '$pass'";

You should use backticks (`) for table and column names, single quotes (') for strings. Backticks are only needed when your table name or column name is a MySQL reserved word, but it's a best practice is to avoid reserved words.

Sidenote: Switch to PDO and using prepared statements, or at least to mysqli rather than mysql.

score 0 · Answer 2 · edited May 23 '17 at 12:07

0

What is happenning is that a php error occurs, but because it seems your php configuration does not show errors you get that blank page.

Check this link to show errors: Getting php errors to display

edited May 23 '17 at 12:07

Community

1
1

answered Dec 19 '15 at 06:18

Yazid Erman

1,166
1
13
24

score 0 · Answer 3 · answered Dec 19 '15 at 06:57

0

Following Standards will always keep you away from small problems, Replace and try:

$query = "SELECT id FROM users WHERE userName = '".$userName."' AND pass = '".$pass."'";

answered Dec 19 '15 at 06:57

Gaurav Rai

900
10
23

score 0 · Answer 4 · answered Dec 21 '15 at 11:24

                FOR LOGIN USE THIS TYPE OF QUERY 
         //DB CONNECTION


      <?php
    $con = mysqli_connect("localhost","root","","Testify");

    if(mysqli_connect_errno()){
        echo mysqli_connect_error();
    }
?>

              <?php
              //login script
               if(isset($_POST['login'])){
              $username = trim(htmlspecialchars($_POST['username']));
            $password = trim(htmlspecialchars($_POST['password']));

               //if username or password is empty
               if(empty($username) || empty($password)){
echo "<div class='alert alert-danger'>Fill in all the   fields</div>";
                exit();
            }

               //check username and password match the db record
    $q = mysqli_query($con,"SELECT id FROM `user` WHERE    username='$username' AND password='$password'");
            if(mysqli_num_rows($q) != 1){
    echo "<div class='alert alert-danger'>Invalid username or password</div>";
                exit(); 
            }

            //fetch the if of the logged in user start the session
            $row = mysqli_fetch_assoc($q);
            //set the session with logged in user id
            $_SESSION['id'] = $row['id'];
            $_SESSION['username'] = $username;
            header("Location: index.php");
            exit();
        }

creating a login form using php,mysql and html but not able to sign in

4 Answers4