PHP submitting a form is destroying my sessions - php

Hello I am trying to make a form in the page where I created a session so when I submit the form the sessions gets destroyed here is my code:
<form method="post">
<h5>Name</h5>
<input type=text name="name" class="insertname">
<br>
<br>
<input type="submit" name="namesearch" class="insertbutton"></input>
</form>';
PHP code to start the session :
<?php
if(isset($_POST['s']))
{
$a=$_POST['uid']; //accessing value from the text field
$enteredpass = $_POST['pwd']; //accessing value from the text field
$client = new MongoDB\Client('xxxx');
$companydb = $client->test;
$jsons = $companydb->jsons;
$ownerid = $jsons->findOne(
['ID' => $a]
);
$idcoded = $ownerid->ID;
if (empty($idcoded)) {
echo "<h1>empty</h1>";
}
if (!empty($idcoded)) {
$passcoded = $ownerid->pass;
if ($passcoded == $enteredpass) {
session_start();
}
}
}
?>


Make sure you have session_start(); at the top of all the PHP scripts
So, put the session_start(); at the top of the script and set say $_SESSION["uid"] when the user has correctly entered the credentials
A normal practice is to set $_SESSION["uid"]=""; (set initial value) before the user logs in the system, and then use this session variable to determine whether the user has successfully logged in.
So
<?php
session_start();
if(isset($_POST['s']))
{
$a=$_POST['uid']; //accessing value from the text field
$enteredpass = $_POST['pwd']; //accessing value from the text field
$client = new MongoDB\Client('xxxx');
$companydb = $client->test;
$jsons = $companydb->jsons;
$ownerid = $jsons->findOne(
['ID' => $a]
);
$idcoded = $ownerid->ID;
if (empty($idcoded)) {
echo "<h1>empty</h1>";
}
if (!empty($idcoded)) {
$passcoded = $ownerid->pass;
if ($passcoded == $enteredpass) {
$_SESSION["uid"]=$_POST['uid'];
} else {
$_SESSION["uid"]="";
}
}
}
?>

Related

How to call a set session without displaying blank

Im filling a selection box with a session, im then attempting to call this selection box to fill another with the same result. However its returning blank.
i know the session is setting because i can see it in the desired selection box, however i cant call it again and pass it to the other without it returning blank.
//my html where im including the external php.
<form class="seed-form" method="POST" action="action/matchup1-action.php">
<label name="round2-team1" class="round2-teams">
<?php include_once "action/winner-script5.php";?>
</label>
//the matchup 1 script that is called.
if (isset($_POST['go5'])) { // MATCHUP 5 SECOND ROUND MATCHUP 1
include_once 'dbcon.php';
$_SESSION['t_team9'] = $_POST['team-9'];
$_SESSION['t_team10'] = $_POST['team-10'];
$_SESSION['s_score9'] = $_POST['score-9'];
$_SESSION['s_score10'] = $_POST['score-10'];
header("Location: ../tables.php?tables=winner5");
}
//the script that is calling the session from its current selection box
<?php
include_once "dbcon.php";
//PERFORMING CHECK IF ALL REQUIRED SESSION VARIABLES ARE SET
if (isset($_SESSION['s_score9'], $_SESSION['s_score10'], $_SESSION['t_team9'], $_SESSION['t_team10'])) {
$team1 = $_SESSION['t_team9'];
$team2 = $_SESSION['t_team10'];
$score1 = $_SESSION['s_score9'];
$score2 = $_SESSION['s_score10'];
if ($score1 == $score2) {
header("Location: tables.php?table=draw"); //CHECKS IF MATCH IS A DRAW, CANNOT BE A DRAW
exit();
}else {
if ($score1 > $score2){
echo $_SESSION['t_team9'];
}else {
echo $_SESSION['t_team10'];
}
}
}else {
echo "-";
}
?>
// where i want the session variable to output
<label name="round2-team1" class="round2-teams">
<?php include_once "action/winner-script5.php";?>
</label>

How to save a PHP variable when a page loads twice

A user enters two dates periods on a text-box and a SQL select statement picks mobile numbers from a database entered in between the period. I want to pick and display them on a page. On the same display page, I have a text area where a user can type a message and on submit, it should be sent to these selected numbers and displayed mobile numbers. I am having a challenge on passing the $mobilenumber to the function sendbulk that is to send the message to the mobile numbers displayed by $mobilenumber variable. Everything else is okay apart from passing the $mobilenumber. I think this is because after the page loads to display the contacts selected, on the second load as you submit the $message to bulk function the value of $mobilenumber is already lost. How can I save it.
Check sample code below and please advice. How do I save the $mobilenumber so that by the second load it is still there to be passed to the function sendbulk()? Anyone?
<?php
//Define variable and set to empty values
$message = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$message = test_input($_POST['message']);
echo "$message";
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$time1 = isset($_POST['t1']) ? $_POST['t1'] : 'default something missing';
$time2 = isset($_POST['t2']) ? $_POST['t2'] : 'default something missing';
//connection
$sql = "SELECT DISTINCT msisdn FROM customer WHERE DATE_FORMAT(time_paid, '%Y-%c-%e') BETWEEN ADDDATE('$time1',INTERVAL 0 HOUR) AND ADDDATE('$time2',INTERVAL '23:59' HOUR_MINUTE)";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
echo " Recipients: "; echo "$result->num_rows <br> <br>";
// output data of each row
while($row = $result->fetch_assoc()) {
$mobilenumber = $row['msisdn'];
echo "Mobile : " . "$mobilenumber" . "<br>";
}
} else {
echo "No Contacts to Display";
}
$conn->close();
sendbulk($mobilenumber,$message);
?>
<center></center> <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<textarea name='message' rows="6" cols="60" placeholder="Please Type Your Message Here"></textarea>
<br><br>
<input type="submit" name="submit" value="Send Message">
</form></center>
<?php
function sendbulk($mobilenumber,$message) {
echo "$mobilenumber";
echo "$message";
$serviceArguments = array(
"mobilenumber" => $mobilenumber,
"message" => $message_sent
);
$client = new SoapClient("http://*******");
$result = $client->process($serviceArguments);
return $result;
}

You use sessions.
Here is a sample code:
<?php
session_start();
if (!isset($_SESSION['count'])) {
$_SESSION['count'] = 0;
} else {
$_SESSION['count'] += 1;
}
echo $_SESSION['count'];
?>
Keep reloading this file via your web server. You should see the variable incrementing.
As an alternative, you can also use $_COOKIE. The only difference is that $_SESSION is saved on the server side and not accessible on the client. To identify the client it does store a cookie for that session on the client.
$_COOKIE on the other hand is completely stored on the client and passed by the browsers to the server on every request.
Also note a caveat, don't overload your session variables or cookies as it will hit your response times.
Also note that session_start() is required in every PHP file where you want to access the session.

Query string not passed

I have stored a value in a array and that am passing it to action of form tag via session but sadly in url am getting the thing as it is, no value displayed in url..!!please helpme out of this.pardon me if am wrong..!!
reg.php
<?php
session_start();
?>
<form id = "form" name = "form" class="validate-form" method="POST" action="formprofile.php?vno = $_SESSION['vault_no']" autocomplete = "off" >
reg1.php
at another page
<?php
session_start();
$user = $db->storeUser($salutation, $fname, $lname, $dob, $mobile, $country, $state, $city, $pin);
if ($user) {
// user stored successfully
$response["error"] = false;
$_SESSION['fullname'] = $user['fullname'];
$_SESSION['vault_no'] = $user['vault_no'];
echo json_encode($response);
}
else
{ // user failed to store
$response["error"] = true;
$response["error_msg"] = "Unknown error occurred in registration!";
echo json_encode($response);
?>
}

You need to change your form tag to below:
<form id = "form" name = "form" class="validate-form" method="POST" action="formprofile.php?vno = <?php echo $_SESSION['vault_no']; ?>" autocomplete = "off" >
You are passing $_SESSION['vault_no'] directly without in PHP tag and echo.

Set php session as html input value

I really can't figure out why this isn't working. I want to show the content stored in a php session variable as the value in an input field.
<?php
if($_SESSION['id'])
echo ' <input type="text" value="'.$_SESSION['friday'].'"></input>'; ?>
Thanks in advance!
Update:
At my login page, index.php, I'm starting the sessions and assigning them values.
$row = mysql_fetch_assoc(mysql_query("
SELECT *
FROM knine_settings_login, knine_school_db, knine_class_db
WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."' AND knine_settings_login.School = knine_school_db.School AND knine_settings_login.ClassID = knine_class_db.ClassID AND knine_class_db.week = 0
"));
if($row['usr'])
{
// If everything is OK login
$_SESSION['usr']=$row['usr'];
$_SESSION['id'] = $row['id'];
$_SESSION['homework'] = $row['homework'];
$_SESSION['pe'] = $row['pe'];
$_SESSION['pm'] = $row['pm'];
$_SESSION['pc'] = $row['pc'];
$_SESSION['School'] = $row['School'];
$_SESSION['Class'] = $row['Class'];
$_SESSION['level'] = $row['level'];
$_SESSION['rememberMe'] = $_POST['rememberMe'];
$_SESSION['schoolurl'] = $row['schoolurl'];
$_SESSION['monday']=$row['monday'];
$_SESSION['tuesday'] = $row['tuesday'];
$_SESSION['wednesday'] = $row['wednesday'];
$_SESSION['thursday'] = $row['thursday'];
$_SESSION['friday'] = $row['friday'];
$_SESSION['peone'] = $row['peone'];
$_SESSION['petwo'] = $row['petwo'];

Session Needs to be start before using it.Try It.
<?php
session_start();
if(isset($_SESSION['id']))
echo '<input type="text" value="'.$_SESSION['friday'].'"></input>';
?>

Make sure you have called session_start() before echoing out any $_SESSION data.
<?php
session_start();
if ($_SESSION['id']) {
echo ' <input type="text" value="'.$_SESSION['friday'].'"></input>';
}
?>

<?php
// Start the session on every page at the top first
session_start();
?>
<!DOCTYPE html>
<html>
<body>
<?php
// Set session variables
$_SESSION["animals"] = "dog";
$_SESSION["cars"] = "ford";
echo ' <input type="text" value="'.$_SESSION['animals'].'"></input>';
?>

php $_POST var clearing itself when i check it

i have a crazy problem that i just can't figure out. my form has two fields and a submit button. when i submit the vars get passed into $_POST just fine...
print('<div class=error>');
print_r($_POST);
print('</div>');
that gives me the two fields with the expected values along with the value of the submit button.
HOWEVER! when i add the following line of code so i can process based on the submit button, it clears all of the data. the post array shows up empty.
if ($_POST['submit'] == 'Submit') {
that clears the data. if i change the value from 'Submit' to anything else, the vars still show up in $_POST, they just get cleared when i try to check them.
any ideas what i'm doing wrong here?
here's the form:
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<?
if (isset($msg)) {
echo "$msg";
}
?>
<input type=text name='email'><br>
<br><input type=password name='password'>
<br>
<input type="submit" name="submit" value=Submit>
</form>
and here's the processing code:
if ($_POST['submit'] == 'Submit') {
echo "<div class=error>made it here</div>";
$u = $_POST['email'];
$p = $_POST['password'];
$auth = mysql_query("Select * from member where email='$u' and password='$p'");
$auth = mysql_fetch_array($auth);
if ($auth) {
$pid = $auth[id];
echo "aa";
sess_register("sess_msg");
$sess_msg = null;
global $auth, $pid;
}
}
if i change the value when i check to see if the submit button has a value to something other than the actual value of the submit button, which is 'Submit' - it clears all variables sent to $_POST

If you want to check which submit button was clicked, you just have to look for its name as a key in the array $_POST.
So you should do:
if (array_key_exists('submit', $_POST)) {
// your code
}
Little advice: you'd better escape your $_POST data before putting it into a query!
Check this out: http://php.net/manual/en/function.mysql-real-escape-string.php

From your post, it doesn't look your code should be emptying the $_POST array. The only thing that I can think of at the moment is that maybe in the code you actually only put one '=' sign.
var_dump( $_POST );
if ( isset( $_POST['submit'] ) ) {
var_dump( $_POST );
echo "<div class=error>made it here</div>";
$u = $_POST['email'];
$p = $_POST['password'];
$auth = mysql_query("Select * from member where email='$u' and password='$p'");
$auth = mysql_fetch_array($auth);
if ($auth) {
$pid = $auth[id];
echo "aa";
sess_register("sess_msg");
$sess_msg = null;
global $auth, $pid;
}
}
var_dump( $_POST );

Categories