I was going through your "Private Message System Tutorial", everything was going smoothly, until I reached near the end of Video 04.
For some reason, I can't seem to login to the inbox. I type in a correct username, and password from my database into the login fields, and I get the "Login Failed" error.
I'm new to PHP, and a novice at coding, but I have had some experience here and there with coding. As far as I can tell, I entered everything in correctly.
NOTE: My database has the fields id, username, and password. Not user_id, user_name, and user_password. My Database is named "seas".
index.php:
<?php include("core/init.inc.php"); ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" type="text/css" href="ext/css/main.css" /> <title>Really Good Message Thingy</title> </head> <body> <div id="wrap"> <?php include($include_file); ?> </div> </body>init.inc.php:
<?php $core_path = dirname(__FILE__); if (empty($_GET['page']) || in_array("{$_GET['page']}.page.inc.php", scandir("{$core_path}/pages")) == false){ header('HTTP/1.1 404 Not Found'); header('Location: index.php?page=inbox'); die(); } session_start(); mysql_connect("localhost", "root", ""); mysql_select_db("seas"); include("{$core_path}/inc/users.inc.php"); if (isset($_POST['username'], $_POST['password'])){ if (($user_id = validate_credentials($_POST['username'], $_POST['password'])) !== false){ $_SESSION['id'] = $user_id; header('Location: index.php?page=inbox'); die(); } } if (empty($_SESSION['id']) && $_GET['page'] !== 'login'){ header('HTTP/1.1 403 Forbidden'); header('Location: index.php?page=login'); die(); } $include_file = "{$core_path}/pages/{$_GET['page']}.page.inc.php"; ?>Login.page.inc.php:
<h1>Login</h1> <?php if (isset($_POST['username'], $_POST['password'])){ echo '<div class="msg error">Login Failed.</div>'; } ?> <form action="index.php?page=login" method="post"> <div> <label for="username"> Name</label> <input type="text" name="username" id="username" /> </div> <div> <label for="password">Password</label> <input type="password" name="password" id="password" /> </div> <div> <input type="submit" value="Login" /> </div> </form>users.inc.php:
<?php // Checks a given username and password combination, returning the users ID function validate_credentials($username, $password){ $username = mysql_real_escape_string($username); $password = sha1($password); $result = mysql_query("SELECT id FROM users WHERE username = '$username' AND password = '$password'"); if (mysql_num_rows($result) != 1){ return false; } return mysql_result($result, 0); } ?>