I am using the following html form to get a login:
<!DOCTYPE html>
<!-- This is a html file for logging in to the virtual adviser -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8">
<title> Pet Tracker Login</title>
<link rel="stylesheet" type="text/css" media='screen' href="css/login.screen.css">
</head>
<body>
<!-- The div that displays the login form-->
<div class="login">
<h1><strong>Welcome to the Pet Tracker System</strong></h1>
<form action="validateLogin.php" method="POST">
<fieldset>
<label for="user">Username</label>
<p><input type="text" required id = "user" name = "Username" value=""></p>
<label for="pass">Password</label>
<p><input type="password" required id = "pass" name = "Password" value=""></p>
<!-- <p><a href="#">Forgot Password?</a></p> -->
<p><input type="submit" value="Login"></p>
</fieldset>
</form>
<!-- include the logo with green background -->
<img src="images/threeDeePawPrint.png" alt="paw Logo" style="width:194px;height:97px" class = "center">
</div>
</body>
</html>
but apparently this is not posting because I get an undefined index error on the validateLogin.php page:
<?php
// start the session for this page and create the array to hold error messages
session_start();
$errmsg_arr = array();
$errflag = false;
$username = 'root';
$password = '';
$url = 'localhost';
$database = 'pet_tracker';
/* Note that above variables are using single quote for string. When they
get replaced in the connection statement below, single quotes within
single quotes will fail, therefore, the string argument in $conn= statement
must be double quotes
*/
try
{
$conn = new PDO("mysql:host=$url; dbname=$database",$username,$password); //create PDO object (PHP Data Objects = PDO)
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); /*set the attribute that controls the error mode once the database
has been connected to, so that it throws exceptions (PDO switches to
"silent failure" mode after establishing a successful connection) */
$conn->exec('SET NAMES "utf8"'); /* PDO has a method exec that runs SQL scripts. Configure the character
encoding to UTF-8 for special characters like smart quotes */
}
catch (PDOException $e)
{
echo $e;
$output = 'Unable to connect to the database server.'. //the '.' is the concatenation operator for a string
$e->getMessage(); //the '->' is the equivalent of the dot operator in Java
include 'error.html.php';
exit();
}
//get the username and password posted from the login page (index.php)
if(isset($_POST['user'])) echo 'index user has value'.$_POST['user'];
if(isset($_POST['pass'])) echo 'index user has value'.$_POST['pass'];
$user = $_POST['user'];
$pass = $_POST['pass'];
//query the database for the posted data from form
$result = $conn->prepare("SELECT * FROM client WHERE username= :un AND password= :pw");
$result->bindParam(':un', $user);
$result->bindParam(':pw', $pass);
$result->execute();
$rows = $result->fetch(PDO::FETCH_NUM);
if($rows > 0)
{
$result = $conn->prepare("SELECT * FROM client WHERE username = :un"); //PDO can only handle a row of data at a time?? Cannot select first_name from students, etc.??
$result->bindParam(':un',$user);
$result->execute();
$name = $result->fetchColumn(1);
$_SESSION['name'] = $name;
$_SESSION['user'] = $user; //the next page employee.php will need the username to get information from the database
header("location: employee.php");
}
else{
$errmsg_arr[] = 'Username and Password are not found';
$errflag = true;
}
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: index.php");
exit();
}
?>
The errors I get are in the lines where I set the $user and $pass variables. The errors I get are:
Notice: Undefined index: user in C:\xampp\htdocs\PetTracker\validateLogin.php on line 41
Notice: Undefined index: pass in C:\xampp\htdocs\PetTracker\validateLogin.php on line 42
