I have a problem with the Hostgator DB server. first thing first, I am a new baby on this.
So, DB connects and I can log in but it doesn't allow me to save new user details and to pull out any info from DB. Everything works perfectly on localhost. So I realise that it's because of HostGator DB or $_SESSION. The code -
include 'connection.php';
session_start();
$id=$_SESSION['id'];
$query=mysqli_query($db,"SELECT * FROM users where user_id='$id'")or die(mysqli_error());
$row=mysqli_fetch_array($query);
And if I manually change $id to The No of user-id example-(1) everything works perfectly so I can save it and any changes appear on DB same as on a webpage. So seems it is not recognising Session id for the user who changes his user information.
The code -
include 'connection.php';
session_start();
$id=$_SESSION['id'];
$query=mysqli_query($db,"SELECT * FROM users where user_id='1'")or die(mysqli_error());
$row=mysqli_fetch_array($query);
Does anyone know what is the issue???
I don't care about security issues on the code. Just need to be able to run the PHP code on the HostGator host and DB.
The full code after I edited regarding suggestions -
<?php
session_start();
include('connection.php');
$id=$_SESSION['id'];
$query=mysqli_query($db,"SELECT * FROM users where user_id=$id");
$row=mysqli_fetch_array($query);
?>
<!DOCTYPE html>
<html lang="en-US">
<head>
<title>IT SourceCode</title>
<link rel="stylesheet" href="libs/css/bootstrap.min.css">
<link rel="stylesheet" href="libs/style.css">
<link rel="stylesheet" href="main.css">
<style>
img {
border-radius: 50%;
}
</style>
</head>
<h1>Profile</h1>
<div class="profile-input-field">
<form method="post" action="#" >
<div class="form-group">
<td> <img src="<?php echo 'images/' . $row['profile_image'] ?>" width="100%" height="100%" alt="" class="button" value="<?php echo $row['profile_image']; ?>"> </td>
</div>
<div class="button" value="<?php echo $row['full_name']; ?>">
<h1><?php echo $row['full_name']; ?></h1>
</div>
<div class="form-group">
Facebook Page
</div>
<div class="form-group">
Send Email
</div>
<center>
Edit Profile
</center>
<center>
Log out
</center>
</form>
</div>
</html>
Got in Error log - PHP Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, bool given on line 6
Related
This question already has answers here:
How to fix "Headers already sent" error in PHP
(11 answers)
Closed 5 years ago.
I've already looked at a ton of fixes for this I've tried deleting whitespace but there was none, I've tried using the ob_start(); function but to no avail. Whatever I do it gives me this error.
Warning: Cannot modify header information - headers already sent by
(output started at /home/gener105/public_html/header.php:37) in /home/gener105/public_html/includes/vault_post.inc.php on line 12
It says the output starts on the last line of my header.php file(Fig1) and it has a problem with me calling header(); in the function I need to use. This is because of me using the header(); function on line 12 in vault_post.inc.php(Fig2).
I'm just confused on why its doing this because theres no outputs before the the header is called.
FIG1 (header.php)
<?php
session_start();
include 'includes/dbh.php';
include 'includes/vault_post.inc.php';
date_default_timezone_set('America/New_York');
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<title>Generation Diary - Leave Them Something For Later</title>
<!-- Bootstrap Core CSS -->
<link href="lib/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<!-- Custom Fonts -->
<link href="lib/font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css">
<link href="https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic" rel="stylesheet" type="text/css">
<link href="https://fonts.googleapis.com/css?family=Cabin:700" rel="stylesheet" type="text/css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css">
<!-- Theme CSS -->
<link href="css/grayscale.min.css" rel="stylesheet">
<!-- Temporary navbar container fix until Bootstrap 4 is patched -->
<style>
.navbar-toggler {
z-index: 1;
}
#media (max-width: 576px) {
nav > .container {
width: 100%;
}
}
</style>
</head>
FIG2 (vault_post.inc.php) The first function thats needed in the file
<?php
function setVaultPosts($conn) {
if (isset($_POST['vault_sub'])) {
$uid = $_POST['uid'];
$date = $_POST['date'];
$content = $_POST['content'];
$sql = "INSERT INTO vaults (uid, date0, content) VALUES ('$uid', '$date', '$content')";
$result = mysqli_query($conn, $sql);
header("Location: http://www.generationdiary.com/user_vault.php?success");
}
}
FORM THAT NEEDS THE FUNCTION
<?php include('header.php'); ?>
<div class="container" id="vault_main">
<div class="row row-offcanvas row-offcanvas-right">
<div class="col-12 col-md-9">
<p class="float-right hidden-md-up">
<button type="button" class="btn btn-primary btn-sm" data-toggle="offcanvas">Toggle nav</button>
</p>
<div class="jumbotron">
<h1 class="text-center">
<?php
if (isset($_SESSION['username'])) {
echo $_SESSION['firstname'] . " " . $_SESSION['lastname'] . "'s";
} else {
echo "You are not logged in";
}
?>
</h1>
<h2 class="text-center">Vault</h2> </div>
<?php
if (isset($_SESSION['username'])) {
echo "
<form action='".setVaultPosts($conn)."' method='POST'>
<input type='hidden' name='uid' value='".$_SESSION['username']."'>
<input type='hidden' name='date' value='".date(' Y-m-d ')."'>
<textarea class='ckeditor' name='content'></textarea>
<br>
<button class='btn btn-default btn-lg' type='submit' name='vault_sub'>Submit</button>
";
getVaultPosts($conn);
} else {
echo "log in";
}
?>
</div>
<div class="col-6 col-md-3 sidebar-offcanvas" id="sidebar">
<div class="fixed">
<div class="list-group"> Vault Recipient Settings Account Settings Log Out </div>
</div>
</div>
</div>
</div>
<?php include('footer.php'); ?>
This is entirely obvious. And your code is entirely flawed and this is probably because you are using HTML form submission for the first time.
Your header.php includes HTML text which is sent out immediately. So you want to call your Header() function, you need to make sure nothing is sent out before hand. You are having your session_start() on the first line of your code, this is correct and you need to make sure that this function is the first line of code in any PHP script processing that is using it. You need to be careful that no header info is sent before this function is called.
HTMl form's action attribute is the url path, not the PHP function.
<form action='form_process.php'>. You set the path here the same way you set link's href (relative or absolute path). Your form_process.php will then receive a $_POST global variable for you to handle your form data received. http://php.net/manual/en/reserved.variables.post.php
I have some code which attempts to check whether a user is an admin or customer to login, and then there's one problem I can't solved it. When I use the customer user's account to login, for example using redhood as my customer's username to access the customer login page. But when I use the admin user's account to login, for example using wolfpack as my admin's username, it redirect me to the customer login page instead of the admin login page. But I don't know which php code I need to change. Can anyone solve this problem? Thanks!
MySql Database:
Signin.html
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="css/signin/signin_desktop.css">
<link rel="stylesheet" type="text/css" href="css/signin/signin_tablet.css" media="screen and (max-width:768px)">
<link rel="stylesheet" type="text/css" href="css/signin/signin_mobile.css" media="screen and (max-width:480px)">
</head>
<body>
<div id="wrapper">
<header>
<nav id="mainMenu">
<img src="logo/logo.png" id="logo">
<ul>
<li>Home</li>
<li>About</li>
<li>Booking Rates</li>
<li>Recreation</li>
</ul>
</nav>
</header>
<section id="banner">
<div id="ritu" class="shadow">
<img src="images/content_pure.jpg">
<img src="images/Sports-Hub-Gym.jpg">
<img src="images/gym.jpg">
<img src="images/ClubFitt2jpg.jpg">
</div>
</section>
<section id="content">
<div id="sign">
<div class="user">
<h2>Existing User</h2>
<form action="checkuser.php" method="post">
<p style="color:white;">Username:</p>
<input type="text" name="uname" size="25" maxlength="20" placeholder="Please enter your username" required><br><br>
<p style="color:white;">Password:</p>
<input type="password" name="pword" size="25" maxlength="20" placeholder="Please enter your password" pattern=".{6,}" required><br><br>
<input type="submit" name="loginbtn" value="">
</form>
<?php
if(isset($_GET['uname']) && isset($_GET['pword']))
{
echo "<script>alert('Invalid Username and Password.')</script>";
}
?>
</div>
<div class="user">
<h2>New User</h2>
<img id="create" src="button/CREATE%20ACCOUNT.png">
<p style="color:white;">Ads:</p>
<div id="ads">
<div class="row">
<div class="image">
<img id="minilogo" src="logo/logo.png">
<div id="advt">
Download Now
</div>
</div>
<div class="image">
<img id="apps" src="images/myActiveSG%20APP.jpg">
</div>
</div>
</div>
</div>
</div>
</section>
<footer>
<p>© Copyright 2016 SportLab. All Rights Reserved.</p>
<nav id="submenu">
<ul>
<li>Sitemap | </li>
<li> Contact |</li>
<li>Term of Use </li>
<li>| Privacy </li>
</ul>
</nav>
</footer>
</div>
</body>
</html>
PHP
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Check Login</title>
</head>
<body>
<?php
if(isset($_POST["loginbtn"]))
{
$u=$_POST['uname'];
$p=$_POST['pword'];
$conn=mysqli_connect("localhost", "root", "" , "M3_156020K_Syahri_SportFacility");
$sql = "SELECT * FROM create_user WHERE username='" .$u. "' AND password='" .$p. "' ";
$search_result=mysqli_query($conn, $sql);
$userfound=mysqli_num_rows($search_result);
if($userfound >= 1)
{
session_start();
$_SESSION['MM_Username']= $u;
$row=mysql_fetch_assoc($search_result);
if($row['role'] == 1)
{
header("Location: login_admin.html");
}
else
{
header("Location: login_cust.html");
}
}
else
{
header("Location: signin.html?uname=" . $u . "&pword=" . $p);
}
mysqli_close($conn);
}
?>
At a quick glance, one of the things you should correct, is to not send output until AFTER you have finished working with the session. Also, as Rafael mentioned, you are checking if the field equals 1, and not the actual value in the field.
For example, moving the html block to after your conditions like so ( Updated this example to use prepared statements ) :
<?php
if(isset($_POST["loginbtn"])) {
$u=$_POST['uname'];
$p=$_POST['pword'];
$conn=new mysqli("localhost", "root", "" , "M3_156020K_Syahri_SportFacility");
$sql = "SELECT `role` FROM create_user WHERE username=? AND password=?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('ss', $u, $p);
$stmt->execute();
$stmt->bind_result($role);
$stmt->close();
$conn->close();
if($role) {
session_start();
$_SESSION['MM_Username']= $u;
if($role == 'Admin') {
header("Location: login_admin.html");
} else {
header("Location: login_cust.html");
}
} else {
header("Location: signin.html?uname=" . $u . "&pword=" . $p);
}
mysqli_close($conn);
}
?><!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Check Login</title>
</head>
<body>
At the end of the day, I would seriously reconsider writing your own login system from scratch especially given the apparent lack of attention to obvious security holes. I would recommend a package out of the box such as otp-thing or if you must write the whole portal yourself, something like Laravel/etc.
Aside from the security issues in the code others have stated, to answer your question...your condition is wrong:
if($row['role'] == 1) should be changed to if ($row['role'] == "Admin")
In your case the role is never 1 and therefore will always hit the else condition sending them to login_cust.html.
Your database roles are only User and Admin. Change the condition.
First time posting here (so please be gentle, as I am a relative PHP newbie).
I am building an intranet for our company and one of the things I need to do is to create a form that lists all outstanding sales orders (pulled from our accounting database) and provides a "submit" button beside each one to create the relevant work order.
Here is the code:
<div class="report_column">
<div class="report_header">
<div class="report_column_title" style="width:150px;margin-left:5px">ship date</div>
<div class="report_column_title" style="width:200px">customer</div>
<div class="report_column_title" style="width:140px;text-align:right">item</div>
<div class="report_column_title" style="width:120px;text-align:right">quantity</div>
</div>
<?php
// Open connection
include 'includes/dbconnect.php';
// Perform query
$result = mysqli_query($con,"SELECT * FROM tSalOrdr ORDER BY dtShipDate ASC");
// Retrieve results
while($row = mysqli_fetch_array($result)) {
$order = $row['lId'];
if ($row['bCleared'] == 0) {
$shipdate = substr($row['dtShipDate'], 0,10);
$customer = $row['sName'];
$po = $row['sComment'];
echo '<div class="report_item" style="width:750px";>';
echo '<form class="form" action="index.php?page=form&item=create_work_order" method="POST">';
echo '<div class="report_item_date" style="width:120px">'.$shipdate.'</div>';
echo '<div class="report_item_name" style="width:530px">'.$customer;
echo '<input type="hidden" name="po" value="'.$po.'" />';
echo '<input type="submit" class="submit" style="height: 25px;width:100px;margin:0px;padding:0px;margin:0px" value="work order"/>';
echo '</div>';
$result2 = mysqli_query($con,"SELECT * FROM tSOLine WHERE lSOId=$order ORDER BY sDesc ASC");
while($row = mysqli_fetch_array($result2)) {
if ($row['dRemaining'] <> 0) {
echo '<div class="report_item_details">';
echo '<div class="report_item_item">'.$row['sDesc'].'</div>';
echo '<div class="report_item_quantity">'.$row['dRemaining'].'</div>';
echo '</div>';
}
}
echo '</form>';
echo '</div>';
}
}
// Close connection
mysqli_close($con);
?>
</div>
What happens when I do this is that the first "submit" button will, for some reason, send me back to "index.php". The other buttons will load the correct page, however, they do not POST the required value.
Is there something I am doing wrong or is this something that needs different methodology than what I am currently using? My research on this seems to indicate that perhaps I should use javascript or an array to deal with this, but, having never dealt with either, I am not sure how to proceed. Any pointers would be appreciated.
Thanks.
#maniteja: The index.php is as follows:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="language" content="en" />
<title></title>
<link href="css/main.css" rel="stylesheet" type="text/css" />
<link href="css/forms.css" rel="stylesheet" type="text/css" />
<link rel="icon" type="image/ico" href="favicon.ico" />
<script type="text/javascript" src="scripts/jquery-2.1.0.min.js" ></script>
<script type="text/javascript" src="scripts/tabcontent.js" ></script>
</head>
<body>
<!-- BEGIN MAIN CONTENT -->
<div id="wrapper">
<!-- BEGIN HEADER -->
<div id="header">
<img src="images/logo.jpg">
</div>
<!-- END HEADER -->
<!-- BEGIN MAIN MENU -->
<div id="leftcolumn">
<?php include 'includes/menu.php'; ?>
</div>
<!-- END MAIN MENU -->
<!-- BEGIN CONTENT FRAME -->
<div id="rightcolumn">
<div id="content_area">
<?php
if (isset($_GET['page']))
{$page = $_GET['page'];
include('pages/' . $page . '.php');}
else {include('pages/home.php');}
?>
</div>
</div>
<!-- END MAIN CONTENT -->
</body>
</html>
I've made seventeen other forms with it, so I don't think that it is the problem. I'm hoping that this is just a typo or a logic error on my part.
u can use
<button type='submit' class='' name='' onclick=''>Submit</button>
Try to do onclick. See my example below.
input type="button" name="submit" onclick='location.href="index.php?id=$id"'
AS far as I understand, you are making your forms go to index.php:
echo '<form class="form" action="index.php?page=form&item=create_work_order" method="POST">';
Can you explain what is your expected behavior when a button is pushed?
I'm trying to develop a login system in PHP which has faculty_login.php which displays faculty_login_option.inc.php which has a login form and if $_SESSION['f_id'] is set it redirects to faculty_upload_option.php. where faculty details are fetched from faculty_table using $f_id = $_SESSION['f_id'] as the primary key.but $_SESSION['f_id'] is always returning 1 and user is logging in as the user whose f_id is 1.
<?php
//faculty login page.faculty_login.php
//if logged in show upload option/show login option.
require_once 'resources/core.inc.php';//session is set here
require_once 'resources/connect.inc.php';//init db connection
if(isset($_SESSION['f_id'])&&!empty($_SESSION['f_id'])){
require_once 'faculty_upload_option.inc.php';
}
else{
require_once 'faculty_login_option.inc.php';
}
?>
<?php
/* faculty_login_db.php
* Check if the faculty can login or the credentials are wrong.
*/
require_once 'resources/core.inc.php';
require_once 'resources/connect.inc.php';
if(isset($_POST['f_username'])&&isset($_POST['f_password'])){
if(!empty($_POST['f_username'])&&!empty($_POST['f_password'])){
$username = stripcslashes($_POST['f_username']);
$password = stripcslashes($_POST['f_password']);
$result = $conn->prepare("SELECT f_id FROM faculty_table WHERE f_username= :hjhjhjh AND f_password= :asas");
$result->bindParam(':hjhjhjh', $username);
$result->bindParam(':asas', $password);
$result->execute();
$rows = $result->fetch(PDO::FETCH_NUM);
if($result->rowCount() == 1) {
$_SESSION['f_id'] = $rows ;
$_SESSION['f_username'] = $username;
header('Location:faculty_login.php');
}
else{
header('Location:faculty_login.php?username='.$username);
}
}
else{
header('Location:faculty_login.php');
}
}
else{
header('Location:faculty_login.php');
}
?>
<?php
/* faculty_login_option.php
* faculty login page. check if user exists/ use faculty_login_db.php
*/
?>
<!DOCTYPE html>
<!--
To change this license header, choose License Headers in Project Properties.
To change this template file, choose Tools | Templates
and open the template in the editor.
-->
<html>
<head>
<title>Home</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0 , maximum-scale=1">
<link rel="stylesheet" href="resources/loginstyle.css">
</head>
<body>
<?php
//<img alt="full screen background image" src="images/orange.jpg" id="full-screen-background-image" />
?>
<div id="back">Home</div>
<div id="header">
<h3>FACULTY LOGIN</h3><br>
</div>
<hr>
<div id="container">
<center>
<form action="faculty_login_db.php" method="post">
<input type="text" onFocus="if(this.value=='Username'){this.value=''}" name="f_username" class="buttons" value="<?php
if(isset($_GET['username']))
{
echo $_GET['username'];
}else{echo 'Username';}
?>"><br>
<input type="password" onFocus="if(this.value=='Password'){this.value='';}" name="f_password" class="buttons" value="Password"><br>
<input type="submit" value="Login" class="lbutton">
</form>
</center>
<?php
if(isset($_GET['username'])){
?>
<div id="errormsg">Username or password is invalid.</div>
<?php
}
?>
</body>
<?php
/* this is faculty_upload_option.inc.php
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
require_once 'resources/core.inc.php';
require_once 'resources/connect.inc.php';
if(isset($_SESSION['f_id'])&&isset($_SESSION['f_username'])&&!empty($_SESSION['f_id'])){
$f_id=trim(isset($_SESSION['f_id']));
if(!empty($f_id)){
$result = $conn->prepare("SELECT * FROM faculty_table WHERE f_id=:id");
$result->bindparam(':id', $f_id);
$result->execute();
$rows = $result->fetchAll();
foreach($rows as $db_rows){
$f_username = $db_rows['f_username'];
$category = $db_rows['category'];
$branch = $db_rows['branch'];
}
//page which should be displayed if user logs in.?>
<html>
<head><title><?php echo $f_username; ?></title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0 , maximum-scale=1">
<link href='http://fonts.googleapis.com/css?family=Indie+Flower|Yanone+Kaffeesatz' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="resources/upload_style.css">
</head>
<body><div id="parent">
<div id="header">
<img src="images/no-profile-image.png" width="30%" id="noimg">
<span id="addfont"><h1><?php echo $f_username;?></h1></span>
<h2><?php echo $category;?></h2>
<p><?php echo $branch;?></p>
<center><div class="buttons" id="left">Home</div><div class="buttons" id="right">Logout</div></center>
</div>
Are you destroying session correctly on logout? Are you setting session id before hitting the condition somewhere? What is the value before hitting the comparion condition?
For some reason my html stops recognizing the code for php after the first and second >, at the point marked with the comment code stops here.
The meaning for this that I need to get a picture from the database and then show it on the website as a header. I am very new to PHP and HTML. I am using phpmyadmin and sublimetext. the database is called stickerdome with the table images. in images there are 3 columns: id, name, link.
This is my code:
<head>
<?php
//Database Connect
$connect = mysql_connect("localhost","root","");
//Database Select
$db = mysql_select_db("stickerdome",$connect);
?>
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
<title> StickerDome </title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div id="banner">
<?php
//Query
$query1 = mysql_query("SELECT * FROM images WHERE id = 1");
$num = mysql_num_rows($query1);
if ($num > 0) // code stops here right after the >
{
while ($output1 = mysql_fetch_assoc($query1))
{
$src = $output1['link'];
echo "<img src='".$src."' alt='Image1'>"; //code stops here right after the > for the second time
}
}
else
{
echo "No picture found.";
}
?>
</div>
This is the file in total:
<!DOCTYPE html>
<html>
<head>
<?php
//Database Connect
$connect = mysql_connect("localhost","root","");
//Database Select
$db = mysql_select_db("stickerdome",$connect);
?>
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
<title> StickerDome </title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div id="banner">
<?php
//Query
$query1 = mysql_query("SELECT * FROM images WHERE id = 1");
$num = mysql_num_rows($query1);
if ($num IS NOT NULL)
{
while ($output1 = mysql_fetch_assoc($query1))
{
$src = $output1['link'];
echo "<img src='".$src."' alt='Image1'>";
}
}
else
{
echo "No picture found.";
}
?>
</div>
<div id="navigation">
<ul>
<li>
<a class="first" href="index.html">StickerDome</a>
</li>
<li>
<a class="second" href="samplepack.html">Sample Pack</a>
</li>
<li>
<a class="second" href="contact.html">Contact</a>
</li>
</ul>
</div>
<div id="pagename"><img src="Stickedomepagename.png"></div>
<div id="text">
<h1>Welcome to Stickerdome</h1>
<p class="text">Stickerdome is a website that gives you the best stickers you could ever imagine. It gives you <br>
- the best quality for every sticker <br>
- the best endurance that is usable outside <br>
- the biggest assortment <br>
<br>
For several years stickers started to became more popular. Everyone starting loving stickers. You can place them almost everywhere imaginable. But there is still one thing that nobody had and that is their own stickers. Yes, your own stickers! You can design your own stickers, send them to us, and we make sure that your stickers will be on your doormat within 5 days! Every design is possible, from round to square to with a border or without. You say it we make it!
</p>
</div>
</body>
<footer>
<p class="footer"> Stickerdome 2014 | Netherlands</p>
</footer>
</html>
you could try a different method or debug your sql.
Since i see your dutch im providing you with a link to a tutorial which greatly helped me the first time i worked with sql. maybe if you follow it you can fix your problem.
http://www.phphulp.nl/php/tutorial/overig/pdo-verbinden-met-verschillende-databases/534/inleiding/1364/