[SOLVED]: This code is functional, i made a mistake by displaying an old version of my .php page into the browser, which didn't have the updated code below. I would like to echo an error 'error' produced from my php code which is meant to validate a sign in form, into the page of the sign in form, the error appears in the URL only , for example : signin.php?error= User name is incorrect. So i would like the same message to appear within the sign in form itself , i tried to use $_GET['error'] and echo'ed it within my form,
<form method="post" onsubmit=" return formSubmit() " action="signinphp.php">
<div class="userimage">
<img class="userlogo" src="image/userlogo.png" alt="Picture- User Profile picture">
</div><br>
<?php if (isset($_GET['error'])){?>
<p class="error"><?php echo $_GET['error'];?></p>
<?php } ?>
<div class="error" id= "errorMsg"></div> <br>
<div class="error" id= "errorMsg1"></div>
<div class="field">
<label class="stafflabel"> Staff Name </label>
<input class="area" placeholder="staffmember or admin" onclick=" return userValidation()" onchange=" return userValidation()" id="staff" name="staffname" type="text" >
</div> <br>
<div class="error" id= "errorMsg2"></div>
<div class="field">
<label class="passlabel"> Password </label>
<input class="area" placeholder="password" onclick=" return userValidation()" onchange=" return userValidation()" id="pass" name="password" type="password" >
</div><br>
<div class="checkbox">
<input type="checkbox" class="remember-me">
<label class="remember" for="remember-me">Remember me </label>
<a class="pass-link" href="#"> Forgot password?</a>
</div><br><br><br>
<div class="field">
<input class="btn" onclick="check(this.form)" type="submit" value="Sign in">
</div> <br>
<div class="account-link">
Didn't create an account yet? Create Account
</div>
</form>
PHP
<?php
if (isset($_POST['staffname'])&& isset($_POST['password'])){
function validate($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$staffname = validate($_POST['staffname']);
$pass= validate($_POST['password']);
if (empty($staffname)){
header("Location:signin2.php?error=Staff name and password are required!");
exit();
} else if (empty($pass)){
header ("Location:signin2.php?error=Staff name and password are required!");
exit();
} else {
if ($staffname == "staffmember" && $pass== "letmein!123"){
echo "Logged in!";
header("Location: log-it-reportsbeta.php");
exit();
}
else if ($staffname == "admin" && $pass== "heretohelp!456"){
echo "Logged in!";
header("Location: sql_select_updated.php");
exit();
}
}
}
else{
header("Location: signin2.php");
exit();
}
but it did not work , i provided my form code below and the php code for the form validation, please take a look , thank you.
You may wanna use an extra condition to get an error message instead of passing the whole error string in your URL.
In your php script :
if (empty($staffname)){
header("Location:signin2.php?error=1");
exit();
} else if (empty($pass)){
header ("Location:signin2.php?error=2");
exit();
}
In your form :
if (isset($_GET['error'])) {
if ($_GET['error'] == 1) {
$message = "Staff name and password are required!";
}
else if ($_GET['error'] == 2) {
$message = "Another error message";
}
echo '<p class="error">'.$message.'</p>';
}
Related
i have a working login form that shows up via button click, i can log in but it doesnt show the errors
button that shows login form with the function(in a seperate file):
<button type="button" class="btn btn-lg btn-success" name="button" onclick="signin()" id="signin">Login</button>
function signin()
{
jQuery('#login-form').css("display","block");
jQuery('#reg-form').css("display","none");
jQuery('#signin').css("display","none");
jQuery('#signup').css("display","block");
}
the modal with php(included to the file where the button is):
<?php
$email = ((isset($_POST['Email']))?$_POST['Email']:'');
$password = ((isset($_POST['Password']))?$_POST['Password']:'');
$errors = array();
?>
<div class="" id="login-form" style="display:none">
<img class="Lpic" src="img/loginpic.png">
<br>
<div class="fieldtext">
<h2 class="text-center">Login</h2>
</div>
<br>
<div>
<?php
if($_POST)
{
//form validation
if(empty($_POST['Email']) || empty($_POST['Password']))
{
$errors[] = 'Please enter email and password';
}
//check if email exists
$query = $db->query("SELECT * FROM users WHERE Email = '$email'");
$user = mysqli_fetch_assoc($query);
$userCount = mysqli_num_rows($query);
if($userCount < 1)
{
$errors[] = 'Unknown email, pleas verify';
}
if(password_verify($password, $user['Password']))
{
$errors[] = 'Password doesn\'t match, try again';
}
if(!empty($errors))
{
echo display_errors($errors);
}else{
//log user in
$user_id = $user['ID'];
login($user_id);
}
}
?>
</div>
<form action="Login.php" method="post">
<div class="inputfield">
<div class="form-group">
<label for="Email">Email</label>
<input type="email" name="Email" id="Email" value="<?=$email;?>">
</div>
<div class="form-group">
<label for="Password">Password</label>
<input type="password" name="Password" id="Password" value="<?=$password;?>">
</div>
</div>
<div class="form-group">
<input type="submit" value="Login" class="btn btn-success btn-block">
</div>
</form>
</div>
PS: login() is a function that logs in the user, any suggestions on how to show the errors without using alert??? TIA
Well it’s definitely not the prettiest solution, but you can instead of using the display_errors() function render the form validation messages in html whenever the $errorsarray is not empty.
Something like this:
if(!empty($errors)) {
echo ‘<div id=“errors”>’;
foreach ($error in $errors) {
echo $error . “<br>”;
}
echo ‘</div>‘;
}
Sorry that i couldn’t comletely write the code, its hard to code on the phone...
I hope you get the idea.
try setting the following at the top of your php file
ini_set('display_errors', 1);
error_reporting(E_ALL);
hope this helps.
You might also want to look at this answer
I can't understand how can I show a bootstrap alert whenever a user successfully logs in, I've tried it but it is already showing the success or fail message and also it is showing undefined index of $_SESSION['user_id'] which is id in my database.
</div></header>
<section class="clear" id="login-form"><center>
<h1 style="font-size: 30px;">Login</h1><br>
<?php
if ($_SESSION[''] == false) {
echo '<center><div class="alert alert-success">Login Successful!!</div></center>';
}
else{
echo '<center><div class="alert alert-warning">Login Error!!</div></center>';
}
?>
<form action="includes/login.inc.php" method="POST">
<input type="text" name="username" placeholder="Username/E-mail" required><br>
<input type="password" name="password" placeholder="Password" required><br>
<button name="submit">Login</button>
</form></center></section>
</body>
First you need to check the user_in from $_SESSION weather it is exist or not. If you set session after authentication, you can use the following:
if (isset($_SESSION['user_id']) && $_SESSION['user_id']) {
echo '<center><div class="alert alert-success">Login Successful!!</div></center>';
} else {
echo '<center><div class="alert alert-warning">Login Error!!</div></center>';
}
Use isset: whatever you set for the user during successful login in the session
<?php
if (isset($_SESSION['user_id'])) {
echo '<center><div class="alert alert-success">Login Successfull!!</div></center>';
}
else{
echo '<center><div class="alert alert-warning">Login Error!!</div></center>';
}
?>
I have a simple login page, and the idea is that if user input incorrect passowrd/login, then he or she will see error message on the same page. I have code in 3 different files - one is simple html, another has the functions, and last one runs all the logic:
<div id="content">
<div class="logo-container"><img src="images/logo2.png" alt=""></div>
<div class="container-fluid">
<!-- All login logic is in login.php file -->
<form action='/login-logic.php' method="post" class="form-1">
<p>
<label for="username" class="sr-only">Username</label>
<input type="text" class="form-control" id="username"
name="username" placeholder="What's your username?" required />
</p>
<p>
<label for="password" class="sr-only">Password</label>
<input type="password" class="form-control" id="password"
name="password" placeholder="What's your password?" required/>
<?php
if($isValid === false) {
echo "<div id='alert-message' class='alert alert-danger'>SCRUB</div>";
}
?>
</p>
<p class="submit">
<button id="submit-button" type="submit" name="submit" value="submit"><i class="fa fa-arrow-right"></i></button>
</p>
</form>
</div>
// Check match of the credentials in database
function loginValidation($query) {
global $isValid;
$isValid = true;
$count = mysqli_num_rows($query);
if($count == 1) {
header('Location: pages/signup.php'); /* Redirect browser */
} else {
$isValid = false;
header('Location: index.php');
/* Redirect browser */
}
}
Thank you!
You declare a variable just before to force browser to reload the page. So the variable is no more defined in the next request.
Here is a possible way.
Instead of :
{
$isValid = false;
header('Location: index.php');
/* Redirect browser */
}
Do :
{
/* Redirect browser */
header('Location: index.php?error');
exit();
}
Then, in HTML :
if (isset($_GET['error'])) {
echo "<div id='alert-message' class='alert alert-danger'>SCRUB</div>";
}
I'm making an event management system. I dont know what's wrong, it just keeps reloading after I click submit button.
Here's my HTML codes
<?php
session_start();
if (!isset($_SESSION['username'])) {
$_SESSION['msg'] = "You must log in first";
header('location: login.php');
}
if (isset($_GET['logout'])) {
session_destroy();
unset($_SESSION['username']);
header("location: login.php");
}
<div class="header">
<h2>Create Event</h2>
</div>
<form method="post" action="create_event.php">
<div class="input-group">
<label>Event Title</label>
<input type="text" name="event_title" >
</div>
<div class="input-group">
<label>Pick Location</label>
<select name="location">
<option>Alabang</option>
<option>South City</option>
<option>Batangas</option>
<option>Cavite</option>
<option>Laguna</option>
</select>
<div class="input-group">
<label>Address</label>
<textarea rows="4" cols="50" name="address"></textarea>
</div>
<div class="date">
<label>Pick date and time</label>
<input type="date" name="date"></br>
<input type="time" name="time">
</div>
<div class="event_info">
<label>Event Information</label>
<textarea rows="4" cols="50" name="event_info"></textarea>
</div>
<div class="input-group">
<button type="submit" class="btn" name="create_event">Create Event</button>
</div>
</form>
PHP code:
// Create Event
if (isset($_POST['create_event'])) {
// receive all input values from the form
$event_title = mysql_real_escape_string($_POST['event_title']);
$location = mysql_real_escape_string($_POST['location']);
$address = mysql_real_escape_string($_POST['address']);
$date = mysql_real_escape_string($_POST['date']);
$time = mysql_real_escape_string($_POST['time']);
$event_info = mysql_real_escape_string($_POST['event_info']);
$query="select * from `event` where event_title='$_POST[event_title]' or time='$_POST[time]' or date='$_POST[date]'";
$result=mysql_query($query);
$count=mysql_num_rows($result);
if($count>0)
{
array_push($errors, "Already used");
}
// form validation: ensure that the form is correctly filled
if (empty($event_title)) { array_push($errors, "Please input title"); }
if (empty($location)) { array_push($errors, "Location is required"); }
if (empty($address)) { array_push($errors, "Location is required"); }
if (empty($time)) { array_push($errors, "Time is required"); }
if (empty($date)) { array_push($errors, "Date is required"); }
if (empty($event_info)) { array_push($errors, "Date is required"); }
// register user if there are no errors in the form
if (count($errors) == 0) {
$query = "INSERT INTO `event` (event_title,location,address,time,date,event_info) VALUES ('$event_title', '$location','$address','$time','$date','$event_info')";
$result = mysql_query($query);
echo("success");
}
}
I don't think there is anything wrong because if I click the submit button, no errors popup. It just reloads but no data is sent to my database.
Amend in form your submit button like this:
<input type = "submit" name = "create_event" value="create event"/>
Also in action use $_SERVER['PHP_SELF'] variable. Like this...
<form action ="<?php echo
htmlspecialchars($_SERVER['PHP_SELF']);
?>" method = "post">
In database query please use PDO statement it's easy and safe. And also sanitize user input before using it.
I am currently working on PHP forgot password reset, which partially doing the job but seeking some assistance to improve it further.
1st issue: It is not displaying the correct email address on the
submission form. It updates the password correctly but doesn't
display correct email address.
2nd issue: Also if the user makes an error while submitting the form on reloading the page doesn't update the password hence the user has to go back to his email to click back on the link.
<?php
include('../config/connection.php');
if(isset($_POST['submit'])){
$password = mysqli_real_escape_string($dbc,$_POST['password']);
$Rpassword = mysqli_real_escape_string($dbc,$_POST['Rpassword']);
$acode=$_POST['encrypt'];
$passmd = md5(SHA1($password));
if (empty($password) OR empty($Rpassword)) {
$error = 'One or either field is missing';
} if ($password != $Rpassword) {
$error = 'Passwords don\'t match';
} if(strlen($password)<6 OR strlen($Rpassword)>20) {
$error = 'Password must be between 6 to 20 characters';
}
else {
$query = mysqli_query($dbc,"select * from users where passreset='$acode'") or die(mysqli_error($dbc));
if (mysqli_num_rows ($query)==1)
{
$query3 = mysqli_query($dbc,"UPDATE users SET password='$passmd',passreset=0 WHERE passreset='$acode'")
or die(mysqli_error($dbc));
$sent = 'Password has been Changed successfully, Please sign in for loging in.';
}
else
{
$error = 'Please click back on the Forgot password link to reset your password ';
}
}
}
?>
<body>
<?php if(!isset($_POST['submit']) OR $error != '' OR isset($error)) { ?>
<?php if(isset($error) AND $error !='')
{
echo '<p style="color:#c43235">'.$error.'</p>';
}
?>
<form action="reset.php" method="post" role="form">
<div class="form-group">
<label for="password">Email</label>
<input type="text" class="form-control" id="email" name="email" value="
<?php
$acode=$_POST['encrypt'];
$query5 = mysqli_query($dbc,"SELECT * FROM users where passreset='$acode'") or die(mysqli_error($dbc));
$list = mysqli_fetch_array($query5); /* Error-----*/
$val = $list['email'];
echo $val;?>" >
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" class="form-control" id="password" name="password" placeholder="Password" >
</div>
<div class="form-group">
<label for="password">Re-enter Password</label>
<input type="password" class="form-control" id="password" name="Rpassword" placeholder="Password" >
</div>
<input type="hidden" class="form-control" name="encrypt" value="<?php echo $_GET['encrypt'];?>" >
<button class="btn btn-success" type="submit" name="submit" />Submit</button>
</form>