[dudu.r.oliveira]

I'm building an UCP, using some old tutorials of the forum, but the PHP show a problem, always show the message: There was no values for username or password posted!, even typing values in both fields, code below:

Код HTML:

<form name="input" action="login.php" method="post">
Username: <input type="text" name="user" /> <br />
Password: <input type="password" name="password" /> <br />
<input type="submit" value="Submit" />

PHP код:

<?php
session_start();
if ((!isset($_POST["user"]) || !isset($_POST["password"])) && !isset($_SESSION["username"]))
{
    echo "There was no values for username or password posted!!";
}
else
{
    include ("variables.php");
    $connection = mysql_connect ($dbservername, $dbusername, $dbpassword);
    mysql_select_db($dbname, $connection);
    
    if (!isset($_SESSION["username"]))
    {
        $username = mysql_escape_string($_POST["user"]);
        $password = mysql_escape_string($_POST["password"]);
    }
    else $username = mysql_escape_string($_SESSION["username"]);
....

[FplayerGR]

This?

Код:

 <?php
session_start();
if(isset($_POST['login'])){
	if($_POST['user'] && $_POST['password']){
 	    include ("variables.php");
    	    $connection = mysql_connect ($dbservername, $dbusername, $dbpassword);
    	    mysql_select_db($dbname, $connection);

    	    if (!isset($_SESSION["username"]))
    	    {
        	$username = mysql_escape_string($_POST["user"]);
        	$password = mysql_escape_string($_POST["password"]);
    	     }
	     else $username = mysql_escape_string($_SESSION["username"]);

		....
	}
       else{
             echo "There was no values for username or password posted!!";
       }

}

....

?>

You can also use it hash("sha512"..) or MD5 to have your peace of mind from hacks accounts.

[mamorunl]

this part makes it false: && !isset($_SESSION["username"])

I take it that the SESSION superglobal does not have a username yet at the moment of posting.