Reputation: 1
Logging in with wrong username and password as well
It is logging in even with the incorrect user name and password, please help me figure out where the problem is. I want it to log in only and only if it matches the user name and password but it is entirely working wrong.
Here's the code:
<form name="login" method="post" action="countries.php">
<p> </p>
<table border=0 width=500px align=center>
<tr>
<td>Enter User Name</td>
</tr>
<tr>
<td><input type=text size=30 value="" name=t1></td>
</tr>
<tr>
<td>Enter Password</td>
</tr>
<tr>
<td><input type=password size=30 value="" name=t2>
</td>
</tr>
<tr>
<td><input type=reset value="Clear Form" name=b2>
</td>
<td><input type=submit value="Login Form" name=b4>
</td>
</td></tr>
<tr>
<td><input type=submit value="Guest User" name=b5>
</td>
</tr>
</table>
<hr />
</center>
<?php
$t1="Maha";
$t2="abc";
if($t1 == "Maha" && $t2 == "abc")
{
header("countries.php");
exit;
echo " We are glad you are visiting us again. Lets plan yout tour together." ;
}
else {
header("final.php");
exit;
echo " User name or password is incorrect. Try again.";
}
?>
</form>
Upvotes: 0
Views: 107
Answers (3)
Reputation: 1364
Your variable is coming by POST.
if($_POST['t1'] == "Maha" && $_POST['t2'] == "abc")
Upvotes: 1
Reputation: 2728
You are posting the form on countries.php
your login code should be in countries.php
Also, you are missing the Location keyword within the header code:
header('Location: http://www.example.com/');
here is your modified php code that should be in countries.php:
<?php
$t1=$_POST['t1'];
$t2=$_POST['t2'];
if($t1 == "Maha" && $t2 == "abc")
{
header("Location: countries.php"); // probably some other page since countries.php has the login verification logic.
exit;
echo " We are glad you are visiting us again. Lets plan yout tour together." ;
}
else {
header("Location: final.php");
exit;
echo " User name or password is incorrect. Try again.";
}
?>
Upvotes: 1
Reputation: 944080
You have some other problems, which will cause this to break in other ways, but it is always hitting the login state because you are comparing these variables (with hard coded values):
$t1="Maha";
$t2="abc";
to the hard coded credentials:
if($t1 == "Maha" && $t2 == "abc")
instead of reading user input through $_POST.
Upvotes: 1
Related Questions
- Username and Password trouble in PHP
- My login screen logs in, even with incorrect input
- PHP login credentials are not being validate even though they are correct
- cannot log in with correct password and username. keep false
- PHP/HTML authentication form issue
- Password different than username/name/email
- Wrong username and password
- PHP Login fail - return with error