How do I get this cookies code to display properly? Both in Google Chrome and Firefox I get a dropdown suggestion from the browser. I would like to only have my own php "setcookie" to display.
PHP:
index.php:
<form action="index.php" method="POST">
<div class="row">
<div class="form-group">
<input type="email" class="form-control fill-bar" name="email" aria-describedby="emailHelp" placeholder="Email"
value="<?php
if(isset($_COOKIE["username"])) {
if(isset($_POST["email"])) {
echo($_POST["email"]);
}
} ?>" required>
</div>
<div class="form-group">
<input type="password" class="form-control fill-bar" id="passwd" name="password" placeholder="Password" value="<?php if(isset($_COOKIE["password"])) { echo $_COOKIE["password"]; } ?>" required>
</div>
<p><input type="checkbox" name="remember" class="mr-1">Remember Me</p>
Forgot your password?
<br><br><br>
<input type="submit" class="btn d-inline btn-primary register_button mr-3 w-100" id="login" name="login" value="Login">
<p class="text-center mt-3">No account yet? Register Here</p>
<br>
</div>
</div> <!-- end row -->
</form>
page-2.php: (inside if isset login button clicked)
if(!empty($_POST["remember"])) {
setcookie ("email",$_POST["email"],time()+ 3600);
setcookie ("password",$_POST["password"],time()+ 3600);
echo "Cookies Set Successfuly";
} else {
setcookie("email","");
setcookie("password","");
echo "Cookies Not Set";
}
Instead of my "setcookie", both Google and Firefox displayes these, I would like to have them not appear.
In your form, add the autocomplete attribute to your inputs and set it to off, like the following:
<form action="index.php" method="POST">
...
<div class="form-group">
<input type="password" class="form-control fill-bar" id="passwd" name="password" placeholder="Password" value="<?php if(isset($_COOKIE["password"])) { echo $_COOKIE["password"]; } ?>" autocomplete="off" required>
</div>
...
</form>
That should be enough to prevent autocomplete. However, browsers are not required to follow that attribute. You can check which browsers currently comply with the autocomplete attribute here. In the case of a browser not respecting the autocomplete attribute, you could try using methods to mangle the input names (such as jQuery plugins or by using PHP to generate random names and store those names in the user's session, and verify the form versus the session on submit).
Related
I'm trying to bypass the .htaccess default username and password form with a customised form of my own.
I still want all passwords to be authenticated as .htpasswd file does.
My protected directory is members folder. I'm new to PHP so still trying to get my head around it.
I have checked some similar posts on this site and can't seem to get things working:
Replace Htaccess popup box with a html form?
How can I style a .htaccess password protection promp?
HTML:
<form action="<?=$PHP_SELF?>" method="post">
<div class="title">
<h2 class="section-title">Members Only Login</h2>
</div>
<div class="card_container">
<label for="user"><strong>Username</strong></label>
<input type="text" placeholder="Enter Username" name="user" required="">
<label for="pass"><strong>Password</strong></label>
<input type="password" placeholder="Enter Password" name="pass" required="">
<button type="submit">Login</button>
<label>
<input type="checkbox" checked="checked" name="remember"> Remember me
</label>
</div>
<div class="card_container" style="background-color:#f1f1f1">
<button type="button" class="cancelbtn">Cancel</button>
<span class="pass">Forgot password?</span>
</div>
</form>
PHP:
<?php
if (isset($_POST['done']))
{
$url = "ajayswebdesign.com.au/dromanaprobusclub/members/";
$site = "https://".$_)POST['user'].":".$_POST['pass']."#".$url;
header("Location: $site:);
}
?>
What i am trying to do is:
post a form when user is logged in.
but if he is not logged in then pop up login is shown to user.
and in that popup redirection URL is added to hidden field.
when popup opens and i login it redirect me to that form.
But when i try to submit form it not being submitted.
// submit button in form
$('#submitcompanyEnquiry').on('click',function(e){
e.preventDefault();
//get data attr to check if user is login
if($('#companyEnquiry').data('login')){
//companyEnquiry =>form id
//here i try to submit form
console.log('testing'); --->it is working
jQuery('#companyEnquiry').submit(); ---> //the problem is here this piece of code is executing
}else{
if($('#companyEnquiry').attr('action')!=''){
//here i added the current url to hidden field latter to used for redirection
$('#loginForm #redirectUrl').val($('#companyEnquiry').data('seotitle'));
}
//here the login popup is trigger.
jQuery("#login").trigger('click');
}
});
Things that I confirmed:
ensure that there is unique id with the
name provided.
console some value in the if block which was
running but the line of code i have mention.
PHP part is working fine i have removed the e.preventDefault();
it is works fine but doesn't achieve the require functionality.
HTML Code
<form action="<?=Route::url('default',array('controller'=>'contact','action'=>'user_contact'))?>" data-login="<?php echo $data; ?>" data-seotitle="<?=Route::url('company', array('controller'=>'listing','seotitle'=>$company_seotitle))?>" id="companyEnquiry" method="post">
<input type="hidden" name="company_to" value="<?php echo $id; ?>">
<?php if (!$auth->logged_in()) { ?>
<div class="input-group searchbox">
<input type="text" class="form-control search" placeholder="Name" name="name" required aria-describedby="basic-addon1">
</div>
<?php }else { ?>
<div class="input-group searchbox">
<input type="text" class="form-control search" placeholder="Name" required value="<?php echo $auth->get_user()->company_name; ?>" name="name" aria-describedby="basic-addon1">
</div>
<?php } ?>
<?php if (!$auth->logged_in()) { ?>
<div class="input-group searchbox">
<input type="email" class="form-control search" placeholder="email" required name="company_from" aria-describedby="basic-addon1">
</div>
<?php }else { ?>
<div class="input-group searchbox">
<input type="email" class="form-control search" placeholder="email" required value="<?php echo $auth->get_user()->companyemail; ?>" name="company_from" aria-describedby="basic-addon1">
</div>
<?php } ?>
<?php if ($auth->logged_in()) { ?>
<div class="input-group searchbox">
<input type="text" class="form-control search" placeholder="phone number" required name="phone" value="<?php echo $auth->get_user()->company_phone_1; ?>" aria-describedby="basic-addon1">
</div>
<?php } else { ?>
<div class="input-group searchbox">
<input type="text" class="form-control search" placeholder="phone number" required name="phone" aria-describedby="basic-addon1">
</div>
<?php } ?>
<div class="input-group searchbox">
<input type="text" class="form-control search" placeholder="subject" required name="subject" aria-describedby="basic-addon1">
</div>
<div class="input-group searchbox">
<input type="text" class="form-control search" placeholder="message" required name="message" aria-describedby="basic-addon1">
</div>
<input data-login="<?php echo $data; ?>" id="submitcompanyEnquiry" type="submit" name="submit" value="SEND" class="form-control blue-btn send-btn">
</form>
The problem can only exist in the way you are adding the login variable to the form with the id : companyEnquiry
Check if you have add it as correct parameter because jquerys data function will only read values which have a "data-" tag infront of it.
So your php code should look like this :
echo '<form id="companyEnquiry" ' . ($login ? 'data-login="1"' : '' . '>
I am trying to submit a form using Ajax, the problem is the validation file I made is not called at all (I checked it by putting a bit of js alert inside the PHP validation file). I searched the internet and tried a lot of solutions but none worked. Is there something wrong I am making in my code?
Here is my HTML:
<form method="post" id="signup">
<div class="form-group">
<input type="fname" name="fname" id="fname" value="" class="form-control" placeholder="Your First name" />
</div>
<div class="form-group">
<input type="lname" name="lname" id="lname" value="" class="form-control" placeholder="Your Last name" />
</div>
<div class="form-group">
<input type="email" name="email" id="email" value="" class="form-control" placeholder="Your Email" />
</div>
<div class="form-group">
<input type="password" name="password" id="password" value="" class="form-control" placeholder="Your Password" />
</div>
<div class="form-group submit-btn">
<input id="signupsumbit" type="submit" name="submit" value="Sign Up" class="btn btn-success btn-lg"/>
</div>
</form>
And here is the ajax call:
$(function (){
$('#signup').on('submit', function (e) {
e.preventDefault();
$.ajax({
type: 'POST',
data: $('#signup').serialize(),
url: 'login.php',
success: function (data) {
alert("data is"+data);
}
});
});
});
Here is a bit of my PHP code:
include("connection.php");
echo "<script>alert(2)</script>";
if (isset($_GET['logout']) and $_GET['logout']==1 and isset($_COOKIE[id]))
{
setcookie("email", '', time()-60*60*24);
setcookie("password", '', time()-60*60*24);
setcookie("id", '', time()-60*60*24);
$message = "You have been logged out! Come back soon!";
}
if(mysqli_connect_error()) // if failed to connect to database
{
die("Could not connect to database"); //stop the whole script from runnning
}
if (isset($_POST['submit']) and $_POST['submit'] == 'Sign Up')
{
echo '<script>console.log(1)</script>'; //
$error = '';
$success = '';
// email validation
$email = $_POST['email'];
if (empty($_POST['email']))
{
$error .="<br />Please enter your email";
}
else
{
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$error .="<br />Please enter a valid email address";
}
}
.
.
.
.
?>
And of course, the PHP file I made validation at is called login.php.
As you may notice, I put two alerts in my PHP code, I alerted 2 to make sure that the file is called, and alerted 1 to make sure that the form was posted. Odds are, when I submit the form the normal way (with no AJAX), both of alerts work, but when I submit it with AJAX, none of them is alerted.
My Console shows this:
Any help would be appreciated. Thanks.
Testing your script, i found that the submit button is not sent to your login.php script. If you e.preventDefault() and then later trigger the submit, javascript was submitting the form but not the button. To fix your issue create a hidden field with name submit and value Sign Up and remove the name attribute from your submit button (don't need that) and it should work fine.
<form method="post" id="signup">
<input type="hidden" name="submit" value="Sign Up"> <!-- note this hidden field -->
<div class="form-group">
<input type="fname" name="fname" id="fname" value="" class="form-control" placeholder="Your First name" />
</div>
<div class="form-group">
<input type="lname" name="lname" id="lname" value="" class="form-control" placeholder="Your Last name" />
</div>
<div class="form-group">
<input type="email" name="email" id="email" value="" class="form-control" placeholder="Your Email" />
</div>
<div class="form-group">
<input type="password" name="password" id="password" value="" class="form-control" placeholder="Your Password" />
</div>
<div class="form-group submit-btn">
<input id="signupsumbit" type="submit" value="Sign Up" class="btn btn-success btn-lg"/><!-- note the removed name attribute -->
</div>
</form>
I have a website with two form authentication in different pages, have different input name and link to different pages . The problem is that when I save my authentication to a browser (chrome) of a form , the browser fill in the fields with the same data in the other form . How is it possible?
First form
<form action="" method="POST" enctype="multipart/form-data">
<div class="form-group">
<label for="exampleInputEmail1">Email</label>
<input type="email" name="private_email" class="form-control" id="email1" value="" placeholder="Enter email" required>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" class="form-control" name="private_password" value="" id="password1" placeholder="Password" required>
</div>
<input type="submit" name="login" class="btn btn-default" value="Login">
</form>
Second Form (It is a form of a cms)
<form action="http://escuolainsieme.it/shop/login" method="post" id="login_form" class="box">
<h3 class="page-subheading">Sei già registrato?</h3>
<div class="form_content clearfix">
<div class="form-group form-ok">
<label for="email">Indirizzo email</label>
<input class="is_required validate account_input form-control" data-validate="isEmail" type="text" id="email" name="email" value="">
</div>
<div class="form-group">
<label for="passwd">Password</label>
<span><input class="is_required validate account_input form-control" type="password" data-validate="isPasswd" id="passwd" name="passwd" value=""></span>
</div>
<p class="lost_password form-group">Hai dimenticato la password?</p>
<p class="submit">
<input type="hidden" class="hidden" name="back" value="my-account"> <button type="submit" id="SubmitLogin" name="SubmitLogin" class="button btn btn-default button-medium">
<span>
<i class="icon-lock left"></i>
Entra
</span>
</button>
</p>
</div>
</form>
Login.php
<?php session_start(); // Starting Session
$error = ''; // Variable To Store Error Message
if (isset($_POST['private_login'])) {
if (empty($_POST['private_email']) || empty($_POST['private_password'])) {
$error = "<div class='alert alert-danger'>Compila tutti i campi</div>";
} else {
$email = mysqli_real_escape_string(conn(), $_POST['private_email']);
$password = mysqli_real_escape_string(conn(), $_POST['private_password']);
$cls_utente = new utente();
if ($cls_utente->check_user($email, $password) == 1) {
$_SESSION['login_user'] = $email; // Initializing Session
$_SESSION['is_logged'] = true;
} else {
$error .= "<div class='alert alert-danger'>Email o password errati</div>";
}
}}?>
You can try using autocomplete="false" or autocomplete="off" to disable it, not sure if it will work but give it a try.
As far as i am concerned it's not possible to make the browser 'realize' that they are different forms and they should not be auto-filled with the same data.
Have a look at these 2 answers, answer1 answer2 for more information how browser detects the forms.
You must add another one column in your user table, example if you add type column the value set default super admin,moderator, user. Now you can check the login authentication with this column.If user-name and password and type is equal redirect to particular page.so you can redirect different page depends upon the user type..
I'm a newbie programmer trying to utilize Twitter Bootstrap to build out a concept. I'm using PHP and assigning actions within HTML tags to POST data and essentially take a user through the navigation. This has been pretty straightforward when using forms: i.e. here is a snippet that does work. For example, for this snippet of HTML:
<form action="?viewnotes" method="post">
<input type="hidden" name="id" value="<?php htmlout($note['id']); ?>">
</form>
It successfully triggers the following if statement in my index.php:
if (isset($_GET['viewnotes']))
However, I'm trying to do the same thing in my registration page, using a Twitter Bootstrap class for buttons. Here is the HTML:
<a class="btn btn-primary btn-large" action="?register">Sign Up Free!»</a></p>
The PHP code is:
if (isset($_GET['register']))
{
include 'register.html.php';
}
Clicking on the Sign Up button is not invoking the PHP code. If I hard code the URL it works, but then I have a similar issue on the register.html.php page. HTML on the register page has:
<form class="form-horizontal" action="?storeuser" method="post">
<fieldset>
<legend>It's quick and easy...</legend>
<div class="control-group">
<label class="control-label">First Name</label>
<div class="controls">
<input type="text" name="fname" class="input-xlarge" id="fname">
</div>
</div>
<div class="control-group">
<label class="control-label" name="lname">Last Name</label>
<div class="controls">
<input type="text" name="lname" class="input-xlarge" id="lname">
</div>
</div>
<div class="control-group">
<label class="control-label" name="email">Email Address</label>
<div class="controls">
<input type="text" name="email" class="input-xlarge" id="email">
</div>
</div>
<div class="control-group">
<label class="control-label" name="password">Password</label>
<div class="controls">
<input type="password" name="password" class="input-xlarge" id="password">
</div>
</div>
</fieldset>
<button type="submit" name="action" class="btn btn-primary btn-large">Complete Registration</button>
</form>
However, when clicking on the button, the index file does not trigger the following, which would store the fields into the DB.
if (isset($_GET['storeuser']))
If I hardcode the URL to register.html.php, then the resulting URL looks like localhost/register.html.php?storeuser instead of localhost/?storeuser. I'm not sure if that's affecting the behavior here.
Thank you for the help!
I think you're approaching this the wrong way, and it's not Twitter Bootstrap's fault.
Usually, you'd use POST, not GET, to handle user registrations. Your form would look like this:
<form action="register.php" method="post">
<!-- your form -->
<fieldset>
<input type="submit" name="register" value="Register" class="btn btn-primary" />
</fieldset>
</form>
You can then build register.php as follows:
<?php
if (isset($_POST['register'])) {
// handle user registration
}
// display form
?>
This will display the form when the user visits register.php, but will try and process the user registration first if the form's been POSTed.
try passing a value with your GET variable
<form action="?viewnotes=1" method="post">