[PHP] Form Validation

[brsy]

So, I am trying to create a "submit.php" for a form that I created. I am trying to get it to work, but it just isn't working.

submit.php

<?php
include('/class/global.php');
$username = $_POST['username'];
$password = $tCore->tHash($_POST['password']);
 
$select = "SELECT * FROM `users` WHERE `username` = '$username'";
$selectArray = $select->fetch_array();
 
if(isset($_POST['submit'])) {
    if(isset($username) && isset($password)) {
      /*  if($selectArray['password'] != $password) {
            echo "y u no put right password?!";
        }
        else { */
            echo $password;
        }
}
?>

Here is the error I am receiving:

I am aware that the "Undefined index" is because the values aren't posted.

 

[Kryptos]

Check if the values are set before using them? Wow.

 

[brsy]

Check if the values are set before using them? Wow.

I really don't get your 1337 talk.

 

[Kryptos]

There's this thing called the isset() function, you use it to check if a variable is set.

You should know this stuff... It's PHP 101

 

[brsy]

There's this thing called the isset() function, you use it to check if a variable is set.

You should know this stuff... It's PHP 101

I guess I have to catch back up on PHP. Well here it is so far, and it is still showing errors...

<?php
include('/class/global.php');
$username = $_POST['username'];
$password = $tCore->tHash($_POST['password']);
 
$select = "SELECT * FROM `users` WHERE `username` = '$username'";
$selectArray = $select->fetch_array();
 
if(isset($_POST['submit'])) {
    if(isset($username) && isset($password)) {
        if(isset($selectArray['password'] != $password)) {
            echo "y u no put right password?!";
        }
    }
        else {
            echo $password;
        }
    }
}
?>

Still getting errors...

You must be registered for see links

 

[Kryptos]

<?php
include('/class/global.php');
$username = $_POST['username'];
$password = $tCore->tHash($_POST['password']);
 
$select = "SELECT * FROM `users` WHERE `username` = '$username'";
$selectArray = $select->fetch_array();
 
if(isset($_POST['submit'])) {
    if(isset($username) && isset($password)) {
        if(isset($selectArray['password']) != $password) {
            echo "y u no put right password?!";
        }
    }
        else {
            echo $password;
        }
    }
}
?>

You're doing your MySQL query wrong, you're not querying it lmao. It's just a string. Also, fixed other error.

 

[Markshall]

When doing MySQL queries, don't just jump straight into the fetch_array or whatever, always do a mysql_num_rows() check because if the row doesn't exist and you try doing a fetch_array command on it, you're going to get an error thrown at you.

And as Kryptos said, it's because you haven't executed the query.

 

[Livar]

First of all, he's connected to MySQLi, so don't use MySQLi, use MySQL.

second here's a simple login, and don't make another file just for login, on your index do:

if(isset($_POST['password']))
{
$username = $Core->tFilter($_POST['username']);
$password = $Core->tHash($-POST['password']);
 
if(mysql_num_rows(mysql_query("SELECT null FROM users WHERE username = '$username' AND password = '$password'")) == 1)
{
// code here when login succesful
}
 
else {
// die shizzle or error output
}
 
}