I am struggling to get values from an HTML form into PHP variables using POST. It used to work but now no matter what I do it isn't working. Here is the php file:
<?php
include "DBConn.php";
session_start();
?>
<html>
<head>
<title>Register</title>
<link rel="stylesheet" href="Register.css" type = "text/css">
</head>
<body>
<div id="container">
<form action="register.php" method = "post">
<label for="name">Name:</label>
<input type="text" id="name" name="txtName" value = <?php if(isset($_POST['txtName'])) echo $_POST['txtName'];?>>
<label for="surname">Surname:</label>
<input type="text" id="surname" name="txtSurname" value = <?php if(isset($_POST['txtSurname'])) echo $_POST['txtSurname'];?>>
<label for="address">Address:</label>
<input type="text" id="address" name="txtAddress" value = <?php if(isset($_POST['txtAddress'])) echo $_POST['txtAddress'];?>>
<label for="email">Email:</label>
<input type="email" id="email" name="txtEmail" value = <?php if(isset($_POST['txtEmail'])) echo $_POST['txtEmail'];?>>
<label for="password">Password:</label>
<input type="password" id="password" name="txtPassword" value = <?php if(isset($_POST['txtPassword'])) echo $_POST['txtPassword'];?>>
<label for="password2">Re-enter Password:</label>
<input type="password" id="password2" name="txtPassword2" value = <?php if(isset($_POST['txtPassword2'])) echo $_POST['txtPassword2'];?>>
<div id="lower">
<input type="submit" value="Register" name = "btnRegister">
</div><!--/ lower-->
</form>
</div>
</body>
</html>
<?php
//Runs if btnRegister is clicked. Registers a user.
if (isset($_POST['btnRegister'])) {
//Assigns form data to variables
$_SESSION["Name"] = $_POST['txtName'];
$_SESSION["Surname"] = $_POST['txtSurname'];
$_SESSION["Email"] = $_POST['txtEmail'];
$_SESSION["Password"] = $_POST['txtPassword'];
$_SESSION["Password2"] = $_POST['txtPassword2'];
$_SESSION["Address"] = $_POST['txtAddress'];
$sqlSelect =
"SELECT *
FROM tbl_Customer
WHERE Email = '{$_SESSION["Email"]}'";
//Runs select query
$result = $conn->query($sqlSelect);
$md5pass = md5($_SESSION["Password"]);
//Checks to see if user exists based on query
if ($result->num_rows == 0) {
//Checks to see if passwords match
if ($_SESSION["Password"] == $_SESSION["Password2"]) {
//Passwords match
echo '<script>alert("Passwords match")</script>';
//Insert statement to insert user into table
$sqlInsert = "INSERT INTO tbl_Customer (Name, Surname, Email, Password, Address)
VALUES ('{$_SESSION["Name"]}','{$_SESSION["Surname"]}','{$_SESSION["Email"]}','$md5pass','{$_SESSION["Address"]}');";
if ($conn->query($sqlInsert) === TRUE) {
echo '<script>alert("Registered successfully")</script>';
}
else {
echo '<script>alert("Registration error: " . $sql . "<br>" . $conn->error)</script>';
}
}
else {
echo '<script>alert("Passwords do not match")</script>';
}
}
else {
//User exists
echo '<script>alert("User already exists, choose a different email.")</script>';
}
header('Location: login.php');
exit();
}
?>
None of the alerts are working indicating that they echos are not working. Also, the second I click the register button I am taken to the login page which means the register button must be working. It doesn't give me any errors or messages.
Remove action="register.php" from <form> tag if your PHP code is on the same page as HTML code. The action attribute specifies where to send the form-data when a form is submitted, since your PHP code is on the same page you should remove action and the form-data will be submitted on that same page.
Or
create a register.php and put PHP code there.
Related
I have 2 pages. I need on "addproduct.php" to check whether the user is logged in as an admin. I have a login script. Apologies if this is a silly question but im brand new to PHP.
I want a user who reaches this page who is not logged in as an admin ('isadmin' is a row in the user database) to be redirected to the login page, and when someone is logged in as an admin for the page to display.
Login.php;
<?php
session_start();
$un = $_POST["username"];
$pw = $_POST["password"];
$conn = new PDO ("mysql:host=localhost;dbname=assign026;", "assign026",
"ziSietiu");
$results = $conn->query("select * from users where username='$un' and
password='$pw'");
$row = $results->fetch();
if($row == false)
{
echo "Incorrect password!";// There were matching rows
}
else
{
$_SESSION["gatekeeper"] = $un;
$_SESSION["isadmin"] = $row["isadmin"];
header ("Location: index.php");
}
?>
And addproduct.php
<?php
session_start();
?>
<?php
// Test that the authentication session variable exists
if(!isset($_SESSION["isadmin"]) || $row["isadmin"] == 1)
{
header('Location: login.html');
exit();
}
else
{
echo ($_SESSION["isadmin"]);
}
?>
<div>
<h2>Add new product</h2>
<form method="post" action="addproductscript.php">
<p>Insert product here</p>
<input type="text" name="name" placeholder="name">
<input type="text" name="manufacturer" placeholder="manufacturer">
<input type="text" name="description" placeholder="description">
<input type="text" name="price" placeholder="price">
<input type="text" name="stocklevel" placeholder="stocklevel">
<input type="text" name="agelimit" placeholder="agelimit">
<input type="submit" value="Submit">
</form>
</div>
Based on your code if(!isset($_SESSION["isadmin"]) || $row["isadmin"] == 1), the $row["isadmin"] is not defined thus it don't have any value.
What you can do is if(!isset($_SESSION["isadmin"]) || $_SESSION["isadmin"] == 1)
I have 2 problems.
Basic story: I have created a SIMPLE registration and login system.
Problem1: If I try to register a new account then it says "user registration failed". At the moment it should say that because mysql can't get right information from forms. But problem is that I don't know why. Everything seems correct...
Problem2: If I try to login with existent account then it seems that browser is only refreshing the page and nothing else...
Registration with php code:
<?php
require ('insert.php');
// If values posted, insert into the database.
if (isset($_POST['username']) && isset($_POST['password'])){
$name = $_POST['name'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = $_POST['password'];
// nimi refers to name, it's correct
$query = "INSERT INTO `user` (nimi, email, username, password)
VALUES('$name', '$email', '$username', '$password')";
//POST retrieves the data.
$result = mysqli_query($connection, $query);
if($result){
$smsg = "User Created Successfully.";
} else {
$fmsg = "User Registration Failed";
}
}
mysqli_close($connection);
?>
<html>
...
<body>
...
<div>
<form method="POST" class="form-horizontal" role="form">
<!-- Status, how registering went -->
<?php if(isset($smsg)){ ?><div class="alert alert-success" role="alert"> <?php echo $smsg; ?> </div><?php } ?>
<?php if(isset($fmsg)){ ?><div class="alert alert-danger" role="alert"> <?php echo $fmsg; ?> </div><?php } ?>
<!-- Registration form starts -->
<h2>Form</h2><br>
<label for="Name"></label>
<input name="name" type="text" id="name" maxlength="40" placeholder="Ees- ja perenimi" class="form-control" autofocus> <!-- lopp -->
<label for="email"></label>
<input name="email" type="email" id="email" maxlength="65" placeholder="Email" class="form-control"> <!-- lopp -->
<label for="Username"></label>
<input name="username" type="text" id="userName" maxlength="12" placeholder="Kasutajatunnus/kasutajanimi" class="form-control" required> <!-- lopp -->
<label for="Password"></label>
<input name="password" type="password" id="password" maxlength="12" placeholder="Parool" class="form-control" required>
<button type="submit" class="btn btn-primary btn-block">Join</button>
</form> <!-- /form -->
</div> <!-- ./container -->
...
</body>
</html>
Login:
<?php
session_start();
require ('insert.php');
//Is username and password typed?
if (isset($_POST['username']) and isset($_POST['password'])){
//Making vars from inputs
$username = $_POST['username'];
$password = $_POST['password'];
//Checking existent of values.
$query = "SELECT * FROM `liikmed`
WHERE username='$username'
and password='$password'";
$result = mysqli_query($connection, $query)
or die(mysqli_error($connection));
$count = mysqli_num_rows($result);
//3.1.2 If values equal, create session.
if ($count == 1){
$_SESSION['username'] = $username;
} else {
//If credentials doesn't match.
$fmsg = "Invalid Login Credentials.";
}
}
//if user logged in, welcome with message
if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
echo "Hai " . $username . "";
echo "This is the Members Area";
echo "<a href='logout.php'>Logout</a>";
}else{}
?>
<html>
...
<body>
...
<div id="bg"></div>
<form method="POST" class="form-horizontal">
<h2>Login</h2><br>
<label for="User"></label>
<input name="username" type="text" maxlength="15" placeholder="Username" class="form-control" required autofocus>
<label for="Password"></label>
<input name="password" type="password" maxlength="50" placeholder="Password" class="form-control" required autofocus>
<button type="submit" class="btn btn-primary btn-block">Enter</button>
</form>
</div>
...
</body>
</html>
And finally php database connection file (called insert.php):
<?php
$connection=mysqli_connect("localhost","root","pw");
if (!$connection){
die("Database Connection Failed" . mysqli_error($connection));
}
$select_db = mysqli_select_db($connection, 'my_database');
if (!$select_db){
die("Database Selection Failed" . mysqli_error($connection));
}
?>
First of all in your login PHP code, you only started a session but you didn't tell the from where to direct to if login is successful. Add a header to the code. That is;
if ($count == 1){
$_SESSION['username'] = $username;
header("Location: page.php"); //the page you want it to go to
}
And your registration PHP code looks ok. Check your database table if you've misspelt anything there.
Your logic to set the $_SESSION['username'] requires that the username and password combination exists once in your database.
This might sound silly but can you confirm that this is the case (i.e. confirm that you have not created the same username and password combination).
Altering the logic to be > 1 would also get around this temporarily. So your code
if ($count == 1){
$_SESSION['username'] = $username;
}
should become
if ($count > 1){
$_SESSION['username'] = $username;
}
its my first time creating a login page.
I want users to login, then the page redirects to the customer account page, if they have a account. I have added echo's so i can see whats happening. I have a "Logged in successfully" alert that works perfectly when i login. The page just does not redirect.
HTML
<section class="container">
<form id="myform " class="Form" method="post" action="login.php" accept-charset="utf-8">
<!-- <div id="first">-->
<input type="email" id="email" name="email" placeholder="Email Address" value='' required>
<input class ="login-field" type="password" id="pass1" name="pass1" value="" placeholder="Password" maxlength="30" required>
<input type="submit" name="login" value="login" class="btn ">
<br>
</form>
PHP
<?php
session_start();
require ('./mysql.inc.php');
?>
<?php
if (isset($_POST['login']))
//database varianbles
$c_email = $_POST['email'];
$c_password = $_POST['pass1'];
// select login details
$sel_c = "SELECT * FROM Cus_Register WHERE Cus_Email='$c_email' AND Cus_Password='$c_password'";
$run_c = mysqli_query($dbc, $sel_c);
//check if customer is on databse
$check_customer = mysqli_num_rows($run_c);
if ($check_customer == 0) {
echo "<script> alert('password or email is incorrect please try again')</script>";
exit();
}
else{
$_SESSION['Cus_Email'] = $c_email;
echo "<script> alert ('Logged in successfully')</script>";
echo "<script>window.open('./customer/Cus_Account.php'.'_self') </script>";
}
?>
You may use header() to redirect
else
{
$_SESSION['Cus_Email'] = $c_email;
header('Location: customer/Cus_Account.php');
exit();
}
hope it helps:)
Do you intend window.open('./customer/Cus_Account.php'.'_self') to be window.open('./customer/Cus_Account.php', '_self')?
window.open takes a location and a target parameter and in JavaScript parameters are separated by a comma, not a full stop. In this case './customer/Cus_Account.php' is the location and '_self' is the target.
I have the tables users and register in my database. I've created a login page which starts a session using the users table, then people fill out a form to insert data into the register table. I've used the following code to insert the data. My code doesn't have errors but the thing is it is not inserted to my table. Please help me. Thanks.
<?php
include("includes/db.php");
session_start();
if(!isset($_SESSION['user_name'])){
header("location: login.php");
}
else { ?>
<html>
<body>
<h2>New users Signup!</h2>
<form action="login.php" method="post">
<input type="text" name = "firstname" placeholder="Firstname"/>
<input type="text" name = "lastname" placeholder="Lastname"/>
<input type="text" name = "address" placeholder="Address"/>
<input type="text" name = "contact" placeholder="Contact"/>
<input type="text" name = "email" placeholder="Email Address"/>
<input type="password" name = "password" placeholder="Password"/>
<div class = "bttn">
<button type="submit" name = "submit" class="btn btn-default">Signup</button>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
$users_firstname = $_POST['firstname'];
$users_lastname = $_POST['lastname'];
$users_address = $_POST['address'];
$users_contact = $_POST['contact'];
$users_email = $_POST['email'];
$users_password = $_POST['password'];
$users_date = date('Y-m-d');
if($users_firstname=='' or $users_lastname=='' or $users_address=='' or $users_contact=='' or $users_email=='' or $users_password=='')
{
echo "<script>alert('Any of the fields is empty')</script>";
exit();
} else {
$insert_query = mysql_query("insert into users (users_firstname,users_lastname,users_address,users_contact,users_email,users_password,users_date) values ('$users_firstname','$users_lastname','$users_address','$users_contact','$users_email','$users_password','$users_date')");
$users_id=mysql_insert_id();
if(mysql_query($insert_query)) {
echo "<script>alert('post published successfuly')</script>";
}
}
}
} ?>
Now try this code:
<?php
include("includes/db.php");
session_start();
if(!isset($_SESSION['user_name'])){
header("location: login.php");
}
else {
?>
<html>
<body>
<?php
if(isset($_POST['submit']))
{
$users_firstname = $_POST['firstname'];
$users_lastname = $_POST['lastname'];
$users_address = $_POST['address'];
$users_contact = $_POST['contact'];
$users_email = $_POST['email'];
$users_password = $_POST['password'];
$users_date = date('Y-m-d');
if($users_firstname=='' or $users_lastname=='' or $users_address=='' or $users_contact=='' or $users_email=='' or $users_password=='')
{
echo "<script>alert('Any of the fields is empty')</script>";
exit();
}
else
{
$insert_query = mysql_query("INSERT INTO `users` (users_firstname, users_lastname, users_address, users_contact, users_email, users_password, users_date) values ('$users_firstname', '$users_lastname', '$users_address', '$users_contact', '$users_email', '$users_password', '$users_date')");
$users_id=mysql_insert_id();
echo "<script>alert('post published successfuly')</script>";
}
}
?>
<h2>New users Signup!</h2>
<form action="" method="post">
<input type="text" name="firstname" placeholder="Firstname"/>
<input type="text" name="lastname" placeholder="Lastname"/>
<input type="text" name="address" placeholder="Address"/>
<input type="text" name="contact" placeholder="Contact"/>
<input type="text" name="email" placeholder="Email Address"/>
<input type="password" name="password" placeholder="Password"/>
<div class="bttn">
<button type="submit" name="submit" class="btn btn-default">Signup</button>
</div>
</form>
</body>
</html>
<?php } ?>
I have:
Repositioned your PHP code for inserting to be at the top of the form
changed <form action="login.php" to <form action="" because we are executing from the same page
Your query has already run so removed the if(mysql_query...
Removed the spaces in the form e.g. name = " nameofform" to name="nameofform"
I don't see any reason for having this $users_id=mysql_insert_id();, YOu should use auto-increment for the userID on your database
But since we don't know how you have connected to your database, because also that can be an issue: you can also try this way
<?php
//connect to DB
$hostname_localhost = "localhost"; //hostname if it is not localhost
$database_localhost = "databasename";
$username_localhost = "root"; //the username if it is not root
$password_localhost = "password_if_any"; //if no password leave empty
$localhost = mysql_pconnect($hostname_localhost, $username_localhost, $password_localhost) or trigger_error(mysql_error(),E_USER_ERROR);
?>
<?php
// include("includes/db.php");
if (!isset($_SESSION)) {
session_start();
}
if(!isset($_SESSION['user_name'])){
header("location: login.php");
}
else {
?>
<html>
<body>
<?php
if(isset($_POST['submit']))
{
$users_firstname = $_POST['firstname'];
$users_lastname = $_POST['lastname'];
$users_address = $_POST['address'];
$users_contact = $_POST['contact'];
$users_email = $_POST['email'];
$users_password = $_POST['password'];
$users_date = date('Y-m-d');
if($users_firstname=='' or $users_lastname=='' or $users_address=='' or $users_contact=='' or $users_email=='' or $users_password=='')
{
echo "<script>alert('Any of the fields is empty')</script>";
exit();
}
else
{
$insert_query = sprintf("INSERT INTO `users` (users_firstname, users_lastname, users_address, users_contact, users_email, users_password, users_date) values ('$users_firstname', '$users_lastname', '$users_address', '$users_contact', '$users_email', '$users_password', '$users_date')");
mysql_select_db($database_localhost, $localhost);
$Result = mysql_query($insert_query, $localhost) or die(mysql_error());
echo "<script>alert('post published successfuly')</script>";
}
}
?>
<h2>New users Signup!</h2>
<form action="" method="post">
<input type="text" name="firstname" placeholder="Firstname"/>
<input type="text" name="lastname" placeholder="Lastname"/>
<input type="text" name="address" placeholder="Address"/>
<input type="text" name="contact" placeholder="Contact"/>
<input type="text" name="email" placeholder="Email Address"/>
<input type="password" name="password" placeholder="Password"/>
<div class = "bttn">
<button type="submit" name="submit" class="btn btn-default">Signup</button>
</div>
</form>
</body>
</html>
<?php } ?>
You should removed the whitespaces in your html-code:
Wrong
<input type="text" name = "firstname" placeholder="Firstname"/>
^^^^^
Correct
<input type="text" name="firstname" placeholder="Firstname"/>
Do not put the variables in single quotes:
$insert_query = mysql_query("INSERT INTO users
(users_firstname,users_lastname,users_address,users_contact,users_email,users_password,users_date)
VALUES
($users_firstname,$users_lastname,$users_address,$users_contact,$users_email,$users_password,$users_date)");
Update: This was wrong. The whole string is in double-quotes so the OP did correct and my notice was wrong. For information-purposes i will let stand the link to the documentation here.
Note: Unlike the double-quoted and heredoc syntaxes, variables and escape sequences for special characters will not be expanded when they occur in single quoted strings.
Read more about single- and double-quotes in the PHP documentation.
Do not double-run the query/perform wrong function-call
$insert_query = mysql_query(".......");
........
if(mysql_query($insert_query)){
echo "<script>alert('post published successfuly')</script>";
}
You already have run the query in the first line. If you want to check if it was successful, you have to use if($insert_query) {}. The call mysql_query($insert_query) is wrong because mysql_query() returns a ressource instead of the sql-query.
Do not use mysql_*() function calls. You mysqli_*() instead.
Warning
This extension was deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:
mysqli_query()
PDO::query()
Check your use of session.
You are checking the $_SESSION for user_name and if it is not set, you are redirecting via header("location: login.php").
The problem is, that you are never inserting the user_name into the session, so it will always be not set.
You can set the value via $_SESSION['user_name'] = $_POST['user_name']. Have in mind that you have to set the session before checking the session-value. ;-)
remove action
Try this
<form action="" method="post">
My code works perfect with correct data. But when is invalid value in field, it shows an error message with link on page register.php and when I click on this error, it redirects to register form, but there is empty form and all values must be inserted again. I want that valid values are displayed after error and invalid not.
Code:
<html>
<head>
<?php include 'connect.php'; ?>
<?php include 'functions.php'; ?>
<meta charset="UTF-8">
<title>TechnoLab-Registracija</title>
<link rel='stylesheet' href='style.css' type='text/css' />
<?php include 'header.php'; ?>
</head>
<body>
<div id="container">
<div id="left">
<?php include "kategorije.php";?>
</div>
<div id="right">
<?php include "loggedin.php";?>
</div>
<form method="post" id='registerform'>
<br/>
<?php
if(!empty($_POST['username']) && !empty($_POST['password']) )
{
$username = mysqli_real_escape_string($con, $_POST['username']);
$password = md5(mysqli_real_escape_string($con, $_POST['password']));
$email = mysqli_real_escape_string($con, $_POST['email']);
$confirm_email = mysqli_real_escape_string($con, $_POST['confirm_email']);
$ime = mysqli_real_escape_string($con, ucfirst($_POST['ime']));
$prezime = mysqli_real_escape_string($con, ucfirst($_POST['prezime']));
$oib = mysqli_real_escape_string($con, $_POST['oib']);
$ulica = mysqli_real_escape_string($con, $_POST['ulica']);
$mjesto = mysqli_real_escape_string($con, $_POST['mjesto']);
$checkusername = mysqli_query($con, "SELECT * FROM korisnici WHERE Username = '".$username."' OR Oib = '".$oib."'");
if(mysqli_num_rows($checkusername) == 1)
{
echo " <p><a class='one' href=\"register.php\">Unesite drugo korisničko ime!</p>";
exit();
}
$checkusernamelenght = checkusernamelenght($username);
if(!$checkusernamelenght){
echo ' <p><a class="one" href="register.php">Korisničko ime minimalno 4 znaka i ne smije sadržavati razmake između slova!</a></p>';
exit();
}
if (preg_match("/^.*(?=.{6,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST['password']) === 0){
echo ' <p><a class="one" href="register.php">Lozinka mora imati barem 6 znakova i sadržavati mala i velika slova te broj!</a></p>';
exit();
}
$checkemail = mysqli_query($con, "SELECT * FROM korisnici WHERE Email = '".$email."'");
if(mysqli_num_rows($checkemail) == 1)
{
echo " <p><a class='one' href=\"register.php\">Unesite drugu email adresu!</p>";
exit();
}
if ($confirm_email!=$email){
echo " <p><a class='one' href=\"register.php\">Vaše email adrese se ne podudaraju!</a></p>" ;
exit();
}
$validateEmail = validateEmail($email);
if(!$validateEmail){
echo " <p><a class='one' href=\"register.php\">Unesite ispravan format emaila!</a></p>";
exit();
}
$checkOib = checkOib($oib);
if(!$checkOib){
echo " <p><a class='one' href=\"register.php\">Unesite ispravan OIB !</p>";
exit();
}
else{
$registerquery = mysqli_query($con, "INSERT INTO korisnici VALUES('', '$username', '$password', '$email', '$confirm_email', '$ime', '$prezime', '$oib', '$ulica', '$mjesto', 'user')");
if($registerquery)
{
header('location: index');
}
}
}
else
{
?>
<br/>
<div id="reg">
<label for="username">Korisničko ime:</label><input type="text" name="username" required /><br />
<label for="password">Lozinka:</label><input type="password" name="password" maxlength="20" required /><br />
<label for="email">Email:</label><input type="text" name="email" required /><br />
<label for="confirm_email">Potvrdi email:</label><input type="text" name="confirm_email" required /><br />
<label for="ime">Ime:</label><input type="text" name="ime" required /><br />
<label for="prezime">Prezime:</label><input type="text" name="prezime" required /><br />
<label for="oib">OIB:</label><input type="text" name="oib" required /><br />
<label for="ulica">Ulica i kućni broj:</label><input type="text" name="ulica" required /><br />
<label for="mjesto">Mjesto i poštanski broj:</label><input type="text" name="mjesto" required /><br />
<br/>
<input type="submit" name="register" id="register" value="Registracija" />
</div>
</form>
<?php
}
?>
</div>
<?php include "footer.php";?>
</body>
</html>
Is it possible do that only with php or must be javascript or something else?
I've searched on forum and tried with this and similar code but it doesn't work.
<input type="text" name="login" value="<?php if(isset($_POST['login'])){ echo $_POST['login'];}?>">
I appreciate any help!
The $_POST['<value>'] doesn't work because of the redirect, it "drops" the $_POST data.
One way to achieve the desired functionality is to use $_SESSION when the form has been submitted you can store the values in the $_SESSION, or you might prefer to only store them if there's a error.)
You can store/save the values in $_SESSION like so:
$_SESSION['name'] = $_POST['name'];
And then simply check for the $_SESSION['<value>'] instead of the $_POST['<value>'].
<input type="text" name="login" value="<?php if(isset($_SESSION['login'])){ echo $_SESSION['login'];}?>">
You'd have to remember to start the session at the top of each page you want to use sessions on.
session_start();
One thing to be aware of is that you should unset the session values after you are done with them, so you avoid old data being reused.
There are plenty of ways you can use $_SESSION to achieve what you want so it's all about finding the way that suits you best.
You can read more about sessions here
best way is to create session array for complete data and if it is not empty show it in your fields. other method is to pass that post array back to your view when redirecting after invalid values.
hope you will understand.
If you just want the register.php script to fill the fields, simply send the needed info to this script:
$param = "?user=".urlencode($_POST['user']);
$param .= "&email=".urlencode($_POST['user']);
//...concat all needed param here
echo " <p><a class='one' href=\"register.php".$param."\">Unesite drugo korisničko ime!</p>";
Then in your register.php script, just read the $_GET['...'] values to populate your form. don't forget to urldecode() them.
Note: For obvious security reasons, DO NOT pass the password in the GET parameters (nor store it in a $_SESSION variable).