I am making a simple PHP login with POST. However, every time I load the page, the function gets fired before I even hit submit on the html form. I have tried the method below and isset($_POST['submit']) but both ways are firing every single time I load the page. How do I stop this from occuring? Thank you.
//PHP CODE ABOVE HTML
<?php
$serverName = "localhost";
$dBUserame = "blake";
$dBPassword = "password";
$dBName = "database";
session_start();
$conn = mysqli_connect($serverName, $dBUserame, $dBPassword, $dBName);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn ,$_POST['password']);
$sql = "SELECT * FROM users WHERE email = '$email' AND password = '$password'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
$_SESSION['useremail'] = $email;
header('Location: https://allevohealth.com/admin/newsletter/contacts.php');
// output data of each row
while ($row = $result->fetch_assoc()) {
$_SESSION['name'] = $row["fullname"];
$_SESSION['email'] = $row["email"];
$_SESSION['useridid'] = $row["id"];
echo "<br> Full Name: ". $row["fullname"]. " - Email: ". $row["email"]. " " . $row["passsword"] . "<br>";
}
} else {
echo "0 results";
}
$conn->close();
}
?>
//HTML CODE BELOW PHP
<div class="col-lg-12 row justify-content-center">
<div class="col-lg-4 col-md-8 col-sm-9 mb-5">
<div class="p-5" style="border-radius: 20px !important; background-color: #161621">
<form id="myform" method="post">
<h2 class="h4 text-white mb-5">ACCOUNT LOGIN</h2>
<div class="row form-group">
<div class="col-md-9">
<label class="text-white" for="email">EMAIL</label>
<input type="email" id="input-email" name="email" class="form-control rounded-0">
<p id="result" style="padding-top: 2%; font-weight: bold;"></p>
</div>
</div>
<div class="row form-group">
<div class="col-md-7 mb-3 mb-md-0">
<label class="text-white" for="password">PASSWORD</label>
<input type="password" name="password" id="input-password" class="form-control rounded-0">
</div>
</div>
<div class="row form-group">
<div class="col-md-12" style="padding-top: 5%">
</div>
</div>
<input type="submit" name="submit" value="LOGIN" style="width: 150px" class="btn btn-primary mr-4 mb-2">
</form>
</div>
</div>
</div>
Related
I'm trying to make admin panel, but in login page when username and password are submitted it just redirects me to the php where it is checking the data, it won't reconnect to the admin panel.. Here is the code:
This is where you input username and password (connection and session are included in head of the document):
<header>
<div class="body" style="padding-top: 150px;">
<div class="border rounded shadow login-center">
<form action="provjera.php" method="POST" style="padding-top: 32px;">
<div class="form-group text-center"><img class="img-fluid" style="width: 100px;" src="../assets/img/logo.png"></div>
<div class="form-group d-flex justify-content-center"><input class="form-control" type="text" name="ime" style="width: 200px;" placeholder="Korisničko ime"></div>
<div class="form-group d-flex justify-content-center"><input class="form-control" type="password" name="sifra" style="width: 200px;" placeholder="Šifra"></div>
<div class="form-group d-flex justify-content-center"><input class="btn btn-dark" style="width: 200px;" type="submit"></div>
</form>
</div>
</div>
and this is the "provjera.php" that is checking the data:
<?php
session_start();
$konekcija = mysqli_connect('localhost', 'root','' );
if($konekcija){
echo "conenction successful";
}else{
echo "no connection";
}
$baza=mysqli_select_db($konekcija,'hotel');
if(isset($_POST['submit'])){
$username = $_POST['ime'];
$password = $_POST['sifra'];
$sql = " select * from korisnik where ime='$username' and sifra='$password' ";
$query = mysqli_query($konekcija,$sql);
$row = mysqli_num_rows($query);
if($row == 1){
echo "login successful";
$_SESSION['ime'] = $username;
header('location:panel.php');
}else{
echo "login failed";
header('location:odjava.php');
}
}
?>
Every time I opened my php file, a message appeared
"This page isn’t working localhost redirected you too many times.
Try clearing your cookies.
ERR_TOO_MANY_REDIRECTS"
Maybe its something to do with the header's location and all but I just can't seem to locate the error that caused this.
I checked all of my queries and php code a couple of times but I must have overlooked something, or I just don't know how to fix it.
<?php
function console_log( $data ){
echo '<script>';
echo 'alert('. json_encode( $data ) .')';
echo '</script>';
}
include("includes/dbh.inc.php");
if(isset($_GET['user_email']) && !empty($_GET['user_email'])){
$event_id=$_GET['event_id'];
$query = "SELECT * FROM user_details WHERE user_email = '$user_email'";
$statement = $connect->prepare($query);
$statement->execute();
$result = $statement->fetchAll();
$number_of_rows = $statement->rowCount();
foreach($result as $row){
$email = $row["user_email"];
$name = $row["username"];
$profpic = $row["user_profile"];
$phone = $row["phone_no"];
$address = $row["user_address"];
$events = $row["events_no"];
$company = $row["company_name"];
$companyloc = $row["company_location"];
}
}else{
header("Location: edit-profile.php");
}
if(isset($_POST['update']))
{
include("includes/dbh.inc.php");
// get values form input text and number
// $id = $_POST['id'];
$email = $_POST['email'];
$name = $_POST['name'];
$profpic = $_FILES['logo']['name'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$events = $_POST['events'];
$company = $_POST['company'];
$companyloc = $_POST['companyloc'];
// mysql query to Update data
$query = "UPDATE `user_details` SET `user_email`='".$email."',`username`='".$name."',`user_profile`='".$profpic."',`phone_no`='".$phone_no."',`user_address`='".$address."',`company_name`='".$company."',`company_location`='".$companyloc."' WHERE user_email =".$email."";
if (move_uploaded_file($_FILES['logo']['tmp_name'], $target)) {
$msg = "Image uploaded successfully";
}else{
$msg = "Failed to upload image";
}
$result = mysqli_query($connect, $query);
if($result)
{
echo 'Data Updated';
}else{
echo 'Data Not Updated';
}
mysqli_close($connect);
}
?>
The expected output should show the UI layout of this page and can do some editing, but instead the error too many direct appears
Here is the code:
<body>
<?php
function console_log( $data ){
echo '<script>';
echo 'alert('. json_encode( $data ) .')';
echo '</script>';
}
include("includes/dbh.inc.php");
if(isset($_GET['user_email']) && !empty($_GET['user_email'])){
$event_id=$_GET['event_id'];
$query = "SELECT * FROM user_details WHERE user_email = '$user_email'";
$statement = $connect->prepare($query);
$statement->execute();
$result = $statement->fetchAll();
$number_of_rows = $statement->rowCount();
foreach($result as $row){
$email = $row["user_email"];
$name = $row["username"];
$profpic = $row["user_profile"];
$phone = $row["phone_no"];
$address = $row["user_address"];
$events = $row["events_no"];
$company = $row["company_name"];
$companyloc = $row["company_location"];
}
}else{
header("Location: edit-profile.php");
}
if(isset($_POST['update']))
{
include("includes/dbh.inc.php");
// get values form input text and number
// $id = $_POST['id'];
$email = $_POST['email'];
$name = $_POST['name'];
$profpic = $_FILES['logo']['name'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$events = $_POST['events'];
$company = $_POST['company'];
$companyloc = $_POST['companyloc'];
// mysql query to Update data
$query = "UPDATE `user_details` SET `user_email`='".$email."',`username`='".$name."',`user_profile`='".$profpic."',`phone_no`='".$phone_no."',`user_address`='".$address."',`company_name`='".$company."',`company_location`='".$companyloc."' WHERE user_email =".$email."";
if (move_uploaded_file($_FILES['logo']['tmp_name'], $target)) {
$msg = "Image uploaded successfully";
}else{
$msg = "Failed to upload image";
}
$result = mysqli_query($connect, $query);
if($result)
{
echo 'Data Updated';
}else{
echo 'Data Not Updated';
}
mysqli_close($connect);
}
?>
<div class="wrapper">
<div class="page-header page-header-xs" data-parallax="true" style="background-image: url('assets/img/fabio-mangione.jpg');">
<div class="filter"></div>
</div>
<div class="section profile-content">
<div class="container">
<div class="tim-title text-center " >
<h2 style="font-size: 3em;">Edit Profile Details</h2>
</div>
<div class="container-fluid" style="margin-left: 120px;">
<div class="form">
<form method="post" enctype="multipart/form-data" action="eventus-addevent.php">
<div class="container" style="margin-top: 50px;">
<div class="row">
<div class="col-sm-3">
<label><h3>Profile Picture</h3></label>
</div>
<div class="col-sm-4" style="margin-left: 90px;">
<div class="input-group" >
<img name="pp"src="<?php echo images/$user_profile?>" alt="Circle Image" class="img-circle img-no-padding img-responsive">
</div>
<div>
<input type="file" name="logo" >
</div>
</div>
<div class="col-sm">
</div>
</div>
<div class="row">
<div class="col-sm">
<label><h3>Profile name</h3></label>
</div>
<div class="col-sm-4">
<div class="mui-textfield" style="margin-top: 25px;">
<input type="text" name="title1" placeholder="Enter Event name here" value="<?php echo $title1;?>">
</div>
</div>
<div class="col-sm">
</div>
</div>
<div class="row">
<div class="col-sm">
<label><h3>Company Address</h3></label>
</div>
<div class="col-sm-4">
<div class="mui-textfield" style="margin-top: 25px;">
<input type="text" name="title1" placeholder="Enter Event name here" value="<?php echo $title1;?>">
</div>
</div>
<div class="col-sm">
</div>
</div>
<div class="row">
<div class="col-sm">
<label><h3>My Address</h3></label>
</div>
<div class="col-sm-4">
<div class="mui-textfield" style="margin-top: 25px;">
<input type="text" name="title1" placeholder="Enter Event name here" value="<?php echo $title1;?>">
</div>
</div>
<div class="col-sm">
</div>
</div>
<div class="row">
<div class="col-sm">
<label><h3>Contact Number</h3></label>
</div>
<div class="col-sm-4">
<div class="mui-textfield" style="margin-top: 25px;">
<input type="text" name="title1" placeholder="Enter Event name here" value="<?php echo $title1;?>">
</div>
</div>
<div class="col-sm">
</div>
</div>
<div class="row">
<div class="col-sm">
<label><h3>Email Adress</h3></label>
</div>
<div class="col-sm-4">
<div class="mui-textfield" style="margin-top: 25px;">
<input type="text" name="title1" placeholder="Enter Event name here" value="<?php echo $title1;?>">
</div>
</div>
<div class="col-sm">
</div>
</div>
<br/><br/>
<div class="row">
<div class="col-sm-8">
<button type="submit" name="update" class="btn btn-primary">SAVE EDIT</button>
</div>
<div class="col-sm-4">
</div>
</div>
<br/>
</div>
</div>
</div>
Don't redirect to the same page.
After using header just add die() or exit().
The form is meant to capture a new user and store user data in the database, except that it does not store any data though the form still returns a successful message.
Form page:
<?php
$servername = "*****";
$username = "*****";
$password = "*****";
$database = "*****";
// Create connection
$conn = new mysqli($servername, $username, $password, $database);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
?>
<div class="row">
<div class="col-xs-12">
<section class="panel">
<header class="panel-heading">
<h2 class="panel-title">Laai Nuwe Lid</h2>
</header>
<div class="panel-body">
<form class="form-horizontal form-bordered" action=""
method="post">
<p><strong>ID:</strong> Nuwe lid</p>
<div class="form-group">
<label class="col-md-3 control-label"
for="FirstName">Naam:</label>
<div class="col-md-6">
<input type="text" class="form-control"
name="FirstName" id="FirstName" value="<?php echo $firstname; ?>">
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label"
for="LastName">Van:</label>
<div class="col-md-6">
<input type="text" class="form-control"
name="LastName" id="LastName" value="<?php echo $lastname; ?>"'>
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label"
for="Cell">Selfoon:</label>
<div class="col-md-6">
<input type="text" class="form-control"
name="Cell" id="Cell" value="<?php echo $cell; ?>">
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label"
for="Address">Addres:</label>
<div class="col-md-6">
<input type="text" class="form-control"
name="Address" id="Address" value="<?php echo $adress; ?>">
</div>
</div>
<div class="row">
<div class="col-sm-9 col-sm-offset-3">
<button value="submit" type="submit"
name="submit" class="btn btn-primary">Stoor nuwe lid</button>
<button type="reset" class="btn btn-
default">Kanselleer</button>
</div>
</div>
</form>
</div>
</section>
</div>
</div>
<?php
// check if the form has been submitted. If it has, start to process the
form and save it to the database
if (isset($_POST['submit'])) {
// get form data, making sure it is valid
$firstname =
mysql_real_escape_string(htmlspecialchars($_POST['firstname']));
$lastname =
mysql_real_escape_string(htmlspecialchars($_POST['lastname']));
$cell = mysql_real_escape_string(htmlspecialchars($_POST['cell']));
$address = mysql_real_escape_string(htmlspecialchars($_POST['address']));
$sql = "INSERT INTO `tblusers` (FirstName, LastName, Cell, Address) VALUES
('$firstname','$lastname', '$cell','$address')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
// once saved, redirect back to the view page
header("Location: index.php");
}
?>
I am not sure if the problem is with PHP or the SQL code as I get no error messages.
The database connects fine. The query works in mysql directly, but when I combine the PHP with the HTML form it stores blank rows.
The code does not work because when you tried to comment out the validation part 'if condition' you forgot to comment out its 'else condition'.
I am talking about this line:
//if ($firstname == '' || $lastname == '' || $cell == '' || $address == '') {
The reason it was not working is because the variables were not the same, PHP is case sensitive. E.G lastname while HTML was LastName.
$firstname =
mysql_real_escape_string(htmlspecialchars($_REQUEST['FirstNameirstname']));
$lastname = mysql_real_escape_string(htmlspecialchars($_REQUEST['LastName']));
$cell = mysql_real_escape_string(htmlspecialchars($_REQUEST['Cell']));
$address = mysql_real_escape_string(htmlspecialchars($_REQUEST['Address']));
Kindly use the following function :
$con->mysqli_real_escape_string ( $_POST['...'])
in place of
mysql_real_escape_string(htmlspecialchars($_POST['...']))
I have been trying to make a form where I can update two fields one field is going be admin_welcomebox and admin_author and I'm trying update it by the id so here go my code
<div class="col-lg-6">
<div class="panel panel-color panel-inverse">
<div class="panel-heading">
<h3 class="panel-title">Welcome Box Update</h3>
</div>
<?php
if(isset($_POST["submit"])){
$servername = "localhost";
$username = "trres";
$password = "sss";
$dbname = "txxxs";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "UPDATE admin_news SET welcomebox = '{$admin_news}' SET author = {$admin_author} id='{$id}'";
if ($conn->query($sql) === TRUE) {
echo "<h4 class='bg-success'>You have updated admin welcome box.</h4>";
} else {
echo "<script type= 'text/javascript'>alert('Error: " . $sql . "<br>" . $conn->error."');</script>";
}
$conn->close();
}
?>
<div class="panel-body">
<form method="post" action="">
<div class="form-group">
<label for="welcomebox">Welcome Box</label>
<textarea type="text" name="welcomebox" id="welcomebox" placeholder="Enter Your Message" class="form-control"></textarea>
</div>
<div class="form-group">
<label for="author">Author Name</label>
<input type="text" name="author" id="author" placeholder="Author Name" class="form-control" / >
</div>
<div class="form-group text-right m-b-0">
<button class="btn btn-primary waves-effect waves-light" type="submit" name="submit" id="submit">
Update Info
</button>
</div>
</form>
</div>
</div>
</div>
When I try update it just refresh the page nothing else.
Your query has invalid syntax. This is wrong:
UPDATE admin_news SET welcomebox = '{$admin_news}' SET author = {$admin_author} id='{$id}'
The right MySQL syntax for UPDATE is
UPDATE admin_news SET welcomebox = 'value', author = 'value' WHERE id='id'
More in the MySQL manual
Moreover, where do you define $admin_news, $admin_author and $id? I do not see any variable definition in your code.
You didn't define $admin_news ,$admin_author and $id as well. define first.
Try this code :-
<div class="col-lg-6">
<div class="panel panel-color panel-inverse">
<div class="panel-heading">
<h3 class="panel-title">Welcome Box Update</h3>
</div>
<?php
if(isset($_POST["submit"])){
$servername = "localhost";
$username = "trres";
$password = "sss";
$dbname = "txxxs";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$id=$_POST['id'];
$admin_news=$_POST['welcomebox'];
$admin_author=$_POST['author'];
$sql = "UPDATE admin_news SET welcomebox = '$admin_news', author = $admin_author where id=$id";
if ($conn->query($sql) === TRUE) {
echo "<h4 class='bg-success'>You have updated admin welcome box.</h4>";
} else {
echo "<script type= 'text/javascript'>alert('Error: " . $sql . "<br>" . $conn->error."');</script>";
}
$conn->close();
}
?>
<div class="panel-body">
<form method="post" action="">
<input type="hidden" name="id" value="<?php echo $id; ?>" /> <!-- put here your id -->
<div class="form-group">
<label for="welcomebox">Welcome Box</label>
<textarea type="text" name="welcomebox" id="welcomebox" placeholder="Enter Your Message" class="form-control"></textarea>
</div>
<div class="form-group">
<label for="author">Author Name</label>
<input type="text" name="author" id="author" placeholder="Author Name" class="form-control" / >
</div>
<div class="form-group text-right m-b-0">
<button class="btn btn-primary waves-effect waves-light" type="submit" name="submit" id="submit">
Update Info
</button>
</div>
</form>
</div>
</div>
</div>
I have created a signup form for my php website using Bootstrap but nothing happens when I click on register. Signup form is made in Bootstrap and it is not working.
<div class="container">
<div class="row">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<?php
require_once("company-db.php");
if (!isset($_POST['submit'])) {
?>
<form role="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
<h2>Please Sign Up <small>It's free and always will be.</small></h2>
<hr class="colorgraph">
<div class="row">
<div class="col-xs-12 col-sm-6 col-md-6">
<div class="form-group">
<input type="text" name="username" id="username" class="form-control input-lg" placeholder="Username" tabindex="1">
</div>
</div>
<div class="col-xs-12 col-sm-6 col-md-6">
<div class="form-group">
<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="2">
</div>
</div>
</div>
<div class="form-group">
<input type="text" name="company_name" id="company_name" class="form-control input-lg" placeholder="Company Name" tabindex="3">
</div>
<div class="form-group">
<input type="text" name="description" id="description" class="form-control input-lg" placeholder="Company Description" tabindex="4">
</div>
<div class="form-group">
<input type="email" name="email" id="email" class="form-control input-lg" placeholder="Email Address" tabindex="4">
</div>
<div class="row">
<div class="col-xs-4 col-sm-3 col-md-3">
<span class="button-checkbox">
<button type="button" class="btn" data-color="info" tabindex="7">I Agree</button>
<input type="checkbox" name="t_and_c" id="t_and_c" class="hidden" value="1">
</span>
</div>
<div class="col-xs-8 col-sm-9 col-md-9">
By clicking <strong class="label label-primary">Register</strong>, you agree to the Terms and Conditions set out by this site, including our Cookie Use.
</div>
</div>
<hr class="colorgraph">
<div class="row">
<div class="col-xs-12 col-md-6"><input type="submit" value="submit" class="btn btn-primary btn-block btn-lg" tabindex="7"></div>
<div class="col-xs-12 col-md-6">Sign In</div>
</div>
</form>
<?php
} else {
## connect mysql server
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
# check connection
if ($mysqli->connect_errno) {
echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
exit();
}
## query database
# prepare data for insertion
$username = $_POST['username'];
$password = $_POST['password'];
$company_name = $_POST['company_name'];
$description = $_POST['description'];
$email = $_POST['email'];
# check if username and email exist else insert
$exists = 0;
$result = $mysqli->query("SELECT username from companies WHERE username = '{$username}' LIMIT 1");
if ($result->num_rows == 1) {
$exists = 1;
$result = $mysqli->query("SELECT email from companies WHERE email = '{$email}' LIMIT 1");
if ($result->num_rows == 1) $exists = 2;
} else {
$result = $mysqli->query("SELECT email from companies WHERE email = '{$email}' LIMIT 1");
if ($result->num_rows == 1) $exists = 3;
}
if ($exists == 1) echo "<p>Username already exists!</p>";
else if ($exists == 2) echo "<p>Username and Email already exists!</p>";
else if ($exists == 3) echo "<p>Email already exists!</p>";
else {
# insert data into mysql database
$sql = "INSERT INTO `companies` (`id`, `username`, `password`, `company_name`, `description`, `email`)
VALUES (NULL, '{$username}', '{$password}', '{$company_name}', '{$description}', '{$email}')";
if ($mysqli->query($sql)) {
//echo "New Record has id ".$mysqli->insert_id;
echo "<p>Registred successfully!</p>";
} else {
echo "<p>MySQL error no {$mysqli->errno} : {$mysqli->error}</p>";
exit();
}
}
}
?>
</div>
</div>
You don't have a name for your submit button, so this won't get posted.
<input type="submit" value="submit" name="submit"
class="btn btn-primary btn-block btn-lg" tabindex="7">
Give the name attribute and make it set.
Note: You must never rely on Submit button's attribute!
The (!isset($_POST['submit'])) conditional statement depends on the execution of your code.