I Have this code shown below processing my login form:
// process the script only if the form has been submitted
if (isset($_POST['action']) && $_POST['action'] == 'login')
{
// start the session
session_start();
// clean the $_POST array and assign to shorter variables
$userName = trim($_POST['userName']);
$passWord = trim($_POST['passWord']);
// connect to the database
$conn = DatabaseManager::getConnection();
// get the username's details from the database
$sql = "SELECT * FROM user WHERE userName = ?";
$stmt = $conn->prepare($sql);
$stmt->execute(array($userName));
$row = $stmt->fetch();
if (md5($passWord . 'mysecret@#$mysecret') == $row['passWord']) {
$_SESSION['loggedIn'] = TRUE;
$_SESSION['userName'] = $_POST['userName'];
$_SESSION['passWord'] = $passWord;
}
// if no match, destroy the session and prepare error message
else {
$_SESSION = array();
session_destroy();
$error = 'Invalid username or password';
}
// if the session variable has been set, redirect
if (isset($_SESSION['loggedIn'])) {
// get the time the session started
$_SESSION['start'] = time();
$login = TRUE;
header('Location: homepage.php');
exit();
}
else
{
$GLOBALS['loginError'] = 'Please fill in both fields';
header('Location: index.php');
}
}
else{
require $_SERVER['DOCUMENT_ROOT'] . 'mysite/login.php';
exit();
}
This is my login form
<form action="" method="post">
<tr>
<td colspan="2" align="center" valign="middle"><p id="p_header2"><strong> Please Login</strong></p></td>
</tr>
<tr>
<td width="35%" align="right" valign="middle"><label for="username">Username:</label></td>
<td width="65%"><input type="text" name="userName" placeholder="Your username" required="required" autofocus="autofocus" maxlength="30"/></td>
</tr>
<tr>
<td width="35%" align="right"><label for="password">Password:</label></td>
<td width="65%"><input type="password" name="passWord" placeholder="Your password" required="required" autofocus="autofocus" maxlength="30"/></td>
</tr>
<tr>
<td colspan="2" align="center" valign="middle">Forgot your password ? <a href="forget_pwd.html.php">Click here</a></td>
</tr>
<tr>
<td colspan="2" align="center" valign="middle"><input type="hidden" name="action" value="login" />
<input type="reset" name="reset" value="Reset" />
<input type="submit" value="Log in" /></td>
</tr>
</form>
Everything works fine but the challenge I’m having here is that, the when I tried to use this code below in homepage.php
<?php if ($_POST['action'] == 'login')
{
echo 'I am logged in';
}
?>
It gave me this error message: Notice: Undefined index: action in C:\wamp\www\mysite\homepage.php on line 33
The major effect this is having on my project is that, as far as $_POST[‘action’] == ‘login’ doesn’t work, my Access Control List too won’t work because it depends on it entirely. I have my $_SESSION variables up and running and the only problem I couldn’t figure out is how to get $_POST[‘action’] == ‘login’ from the login page to work on other pages. Please note, immediately after the login, it leads straight to homepage.php from where users can select the area they want to go. Thanks in advance.