I already searched here on stackoverflow and on google but couldn’t solve the problem.
For my login page I used the code here https://github.com/Tutorialwork/Tutorials/tree/ac1ee61c5b43bde9b811759eaabcbed027b56385
With all respect to the developer who originally wrote this code.
When I click on the submit button (named as “Einloggen”) it is not redirecting to the “geheim.php”. This is not working on my server only. If I use XAMPP and put in the database credentials it is working without any problem.
On the server it looks like it is just refreshing the index.php page. There is no error in the Chrome console. I tried it with Chrome and Safari. Both on the Mac.
In the mysql.php the credentials I used are the credentials for the server. I put in the real credentials and not the credentials as in the code. This anyhow is not the problem.
When I echo the variable $count then it gives me value of 1 which means that the connection is working. I used the code like I posted it here. So, the echo I just used for testing purposes. Because I read that echo’s causing problems with “Location”.
When I type in wrong password or wrong user it shows me the echo as expected and written in the code (“Der Login ist fehlgeschlagen”). Means that database is really not the problem.
This line is not working:
header("Location: geheim.php");
I didn’t post the register.php here because it shouldn’t be the cause of the problem.
But you can use it to create a user.
In sql or in PhpMyAdmin I created the database table.
CREATE TABLE accounts (USERNAME varchar(255), PASSWORD varchar(255));
index.php:Main page where I can login.
mysql.php: Contains database credentials.
logout.php: Is doing the logout on the geheim.php page by clicking on the button
geheim.php: The page which should be displayed after I click the submit Button on the index.php
Like I said, the credentials are fine and it is working locally on my computer. It is redirecting, login logout. But when I upload it on the server it is not redirecting.
index.php
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8">
<title>Login</title>
</head>
<body>
<?php
if(isset($_POST["submit"])){
require("mysql.php");
$stmt = $mysql->prepare("SELECT * FROM accounts WHERE USERNAME = :user"); //Username überprüfen
$stmt->bindParam(":user", $_POST["username"]);
$stmt->execute();
$count = $stmt->rowCount();
if($count == 1){
//Username ist frei
$row = $stmt->fetch();
if(password_verify($_POST["pw"], $row["PASSWORD"])){
session_start();
$_SESSION["username"] = $row["USERNAME"];
header("Location: geheim.php");
} else {
echo "Der Login ist fehlgeschlagen";
}
} else {
echo "Der Login ist fehlgeschlagen";
}
}
?>
<h1>Anmelden</h1>
<form action="index.php" method="post">
<input type="text" name="username" placeholder="Username" required><br>
<input type="password" name="pw" placeholder="Passwort" required><br>
<button type="submit" name="submit">Einloggen</button>
</form>
<br>
<a href="register.php">Noch keinen Account?</a>
</body>
</html>
mysql.php
<?php
$host = "localhost";
$name = "test";
$user = "root";
$passwort = "";
try{
$mysql = new PDO("mysql:host=$host;dbname=$name", $user, $passwort);
} catch (PDOException $e){
echo "SQL Error: ".$e->getMessage();
}
?>
logout.php
<?php
session_start();
session_destroy();
header("Location: index.php");
?>
geheim.php
<?php
session_start();
if(!isset($_SESSION["username"])){
header("Location: index.php");
exit;
}
?>
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<h1>Top Secret</h1>
<a href="logout.php">Abmelden</a>
</body>
</html>