Ray P Posted September 10, 2014 Share Posted September 10, 2014 I'm having a heck of a time getting my login.php script to work. The form fails to submit whenever I enter the correct 'uname' and 'pass' combo. My Chrome dev / network watcher reports - in red no less - that the post was"cancelled" when that happens. Any bad combination of 'uname' and 'pass' will submit correctly using the 'post' method - but echoes the user error message that they don't match - as it should. What can "cancel" a form submit post after I hit the submit button? Is there some conditional test going on behind the scenes? I have turned off autofill from my password app. The Chrome dev window says the initiator of the submitted post 'cancellation' was "other" (than the script I assume). It only took 9 ms to do it. If I change the password/uname test if (@mysqli_num_rows($r) == 1) { . . . to always test true, the form submit always gets cancelled. And so the code in login.php never gets to test the pass-uname combo itself. That's the strange part. The form never submits and the page does not reload. It's as if some unseen code is triggered by the form submit button to look ahead to see if the uname and pass combo is in the db - and then cancels the submit 'post' if that is the case.. Any help is appreciated. Here's the code but I suspect there's something else going on. <?php // This is the login page for the site. require ('includes/header.html'); require ('config/config.inc.php'); $page_title = 'Login'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { require (MYSQL); echo "MYSQL loaded<br>"; // Validate the user name: if (!empty($_POST['uname'])) { echo "uname passed<br>"; $u = mysqli_real_escape_string ($dbc, $_POST['uname']); echo "var u = $u <br>"; } else { $u = FALSE; echo '<p class="error">You forgot to enter your username!</p>'; } // Validate the password: if (!empty($_POST['pass'])) { echo "pass passed<br>"; $p = mysqli_real_escape_string ($dbc, $_POST['pass']); echo "var p = $p <br>"; } else { $p = FALSE; echo '<p class="error">You forgot to enter your password!</p>'; } if ($u && $p) { echo "everything's OK<br>"; // Query the database: $q = "SELECT ID, ulevel FROM members WHERE (uname='$u' AND pass=('$p')) AND active IS NULL"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (@mysqli_num_rows($r) == 1) { echo " A match was made<br>"; // Register the values: $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); mysqli_free_result($r); mysqli_close($dbc); echo "Got here<br>"; // Redirect the user: $url = BASE_URL . 'php-main/memLibrary.php'; echo "url= $url <br>";// Define the URL. ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } else { echo "No pass:uname match!"; // No match was made. echo '<p class="error">Either the username and password entered do not match those on file or you have not yet activated your account.</p>'; } } // end of if (everthing == OK) else // If everything wasn't OK. echo '<p class="error">Please try again.</p>'; mysqli_close($dbc); // In any case } // End of if(srm=='post') conditional ?> <!-- html started in header.html --> <body> <h1>Login</h1> <p>Your browser must allow cookies in order to log in.</p> <form action="login.php" method="post"> <fieldset> <p><b>User Name:</b> <input type="text" name="uname" size="20" autocomplete="off" /></p> <p><b>Password:</b> <input type="password" name="pass" size="20" autocomplete="off" /></p> <div align="center"><input type="submit" name="submit" value="Login" /></div> </fieldset> </form> </body> </html> Link to comment Share on other sites More sharing options...
Larry Posted September 11, 2014 Share Posted September 11, 2014 That kind of doesn't make much sense. My best guess would be that caching is involved, which you could test by disabling caching of all the pages. I'd also clear cookies (for the site) and the browser cache. Link to comment Share on other sites More sharing options...
Ray P Posted September 11, 2014 Author Share Posted September 11, 2014 That kind of doesn't make much sense. My best guess would be that caching is involved, which you could test by disabling caching of all the pages. I'd also clear cookies (for the site) and the browser cache. Thanks for the hints. I got it working. As you could see from the code I posted that I started from your script and edited it to fit the planned pages on my site. I had the form action set to login.php as shown on the code above - which was correct for your sample site. But I had changed mine to use index php as the login page URI - and I failed to change the action target to match. I don't think I had a 'login.php' in the domain. Not sure if that was the only problem but changing it to index.php fixed it. What an ordeal. I was looking too many levels down. Regards, Ray Link to comment Share on other sites More sharing options...
Larry Posted September 12, 2014 Share Posted September 12, 2014 Ah...that would do it! Kudos for figuring it out and thanks for letting me know. Sounds like a tough one to figure out. Link to comment Share on other sites More sharing options...
Recommended Posts