I am trying to get a form to submit and check a login but it's not going from A to B, can anyone see any problems with the code please?

Here is to Form part:

<form action="check_login.php" name="form1" method="post">
        <ul data-role="listview" data-inset="true">
            <li data-role="list-divider" role="heading" tabindex="0">Member login</li>
            <li><input type="text" name="myusername" id="myusername" value="Email" /></li>
            <li><input type="password" name="mypassword" id="mypassword" value="Password" /></li>
            <li><button type="submit" name="login-submit" id="login-submit" data-icon="arrow-r" data-iconpos="right">LOG ON</button></li>
        </ul>
    </form>

And here is part 2 (checks the login ... doesn't seem to get here.

<?php
$host="localhost"; // Host name
$username="usernamehere"; // Mysql username
$password="passwordhere"; // Mysql password
$db_name="dbnamehere"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or

die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and 

password='$mypassword'";

$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){
session_register("myusername");
session_register("mypassword");
//header("lo开发者_开发技巧cation:login_success.php");
echo 'login success';
}
else {
echo "Wrong Username or Password";
}
?>

For more information on the login part of the code, please look here:

http://devlup.com/programming/php/toa-simple-php-login-form-mysql/200/

Any questions, please ask.

Thanks.

Final Update

For future visitors, I assume this is the answer that eventually solved the problem:

Relative paths, like the one used in the form action, always start looking in the current directory. In the original question, the form was submitting to action="check_login.php" This means that the browser will submit the data to http://www.domain.tl/wherever/theform/was/check_login.php.

If you need to submit forms to other locations, you need to either specify absolute paths (http://www.domain.tl/handler.php) or you need to understand directory traversal, and indicate the correct path (../../handler.php).

Update

What is your file structure? Is the form html in the same place as the handler php?

To be clear it should be /{parent}/form.html and /{parent}/check_login.php. Is that the case? You said you are not getting any data in $_POST. Does this mean it is getting TO check_login.php but not working, or not getting to it at all?

Original

I'll update this with an answer to your real question after we get more info about what is happening here, but I wanted to post this so you would make sure to see it.

It seems like you have a few poor coding practices and, while I'm certainly not a pro, I feel like I can offer some improvements. See the revised code block below.

<?php
$host="localhost"; // Host name
$username="usernamehere"; // Mysql username
$password="passwordhere"; // Mysql password
$db_name="dbnamehere"; // Database name
$tbl_name="members"; // Table name

//Ideally, your database information is stored in another file, and you include it here.
//Mostly, it's just so you're not having to change it in multiple places if it changes
//but there could be a small security benefit, too

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or

die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form

//What if the $_POST vars don't exist?
//$myusername=$_POST['myusername'];
//$mypassword=$_POST['mypassword'];
//Try:
$myusername = isset($_POST['myusername']) ? $_POST['myusername'] : null;
$mypassword= isset($_POST['mypassword']) ? $_POST['mypassword'] : null;

//then you should check if the variables exist
if( $myusername == null || $myusername == "" || $mypassword == null || $mypassword == "" )
{
    echo "You need to fill in both fields.";
}


// To protect MySQL injection (more detail about MySQL injection)

//why are you forcing php to write to that variable twice?
//$myusername = stripslashes($myusername);
//$mypassword = stripslashes($mypassword);
//$myusername = mysql_real_escape_string($myusername);
//$mypassword = mysql_real_escape_string($mypassword);
//Try:
$myusername = mysql_real_escape_string(stripslashes($myusername));
$mypassword = mysql_real_escape_string(stripslashes($mypassword));

//As another person said, you desperately need to store hashed passwords
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
//This is a terrible idea.

$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){
    //from @Jimmy Sawczuk
    //This is deprecated, since a while ago.
    //session_register("myusername");
    //session_register("mypassword");
    //Try:
    $_SESSION['myusername'] = $myusername;
    $_SESSION['mypassword'] = $mypassword;
    //header("location:login_success.php");
    echo 'login success';
}
else {
    echo "Wrong Username or Password";
}
?>

In the $_SESSION edit right at the end there, the larger question is: why are you saving those variables. If you're needing the password in the Session at a later time, you're doing your app security wrong.

Not sure if this is related but the button element causes problems in IE:

http://www.sitepoint.com/forums/html-xhtml-52/button-submit-input-submit-better-598656.html

Also, try

print_r($_POST);

before you do anything else to see if you're getting anything.