I have two pages which are (sigin.php , validateIn.php)
the form the is submitted by the user in the 'signin' page, then gets validated in the 'validateIn' page.
The problem is that the server doesn't redirect me to the 'validateIn' page and it just reloads the current page 'signin'.
I have included the action attribute in the form tag.
I have tried using the header('Location:***.php) function
none of these worked for me.
I have included a number of "echo" statements to know the path of the compiler.
Signin.php
<form action="validateIn.php" method="POST">
<strong> <label> Student Number: </strong>
<input id="studentNumber" type="text" name="studentNumber"
value="<?php echo isset($_POST['studentNumber']) ? $_POST['studentNumber'] : '' ?>">
</label> <br>
<strong> <label> Password: </strong>
<input id="pass" type="password" name="pass">
</label> <br>
<input id="signin" type="submit" name="signin" value="Sign In" >
</form>
vaildateIn.php
<?php
if (isset($_POST['signin'])) { //if 1
echo "if number 1 <br>";
if(!empty($_POST['studentNumber']) && !empty($_POST['pass']) ){ //if 2
echo "if number 2";
$number = mysqli_real_escape_string($_POST['studentNumber']);
$pass = mysqli_real_escape_string(md5($_POST['pass']));
$sql = "SELECT * FROM students WHERE student_number=$number AND password=$pass";
$result = mysqli_query($$conn, $sql);
if (mysqli_num_rows($result) == 1) { //if 3
echo "if number 3";
header('Location:home.php');
} else { //else 1
echo "else number 1";
header('Location:signin.php');
}
}
}
else{
echo "else number 2";
}
To add the hashed version of the user's password to the database, semi-pseudo code might be:
<form method='post'>
<label>username:<input type='text' name='username' /></label>
<label>studentNumber:<input type='text' name='studentNumber' /></label>
<label>password:<input type='password' name='pass' /></label>
<input type='submit' />
</form>
<?php
if( $_SERVER['REQUEST_METHOD']=='POST' ){
$args=array(
'studentNumber' => FILTER_SANITIZE_STRING,
'username' => FILTER_SANITIZE_STRING,
'pass' => FILTER_SANITIZE_STRING
);
$_POST=filter_input_array( INPUT_POST, $args );
extract( $_POST );
$pwdhash=password_hash( $pass, PASSWORD_DEFAULT );
$sql='insert into `student` set `username`=? `student_number`=?, `password`=?';
$stmt=$db->prepare( $sql );
$stmt->bind_param('sss', $username, $studentNumber, $pwdhash );
$stmt->execute();
}
?>
If you were to assume that passwords had been stored in the database as correctly formed hashes using password_hash then the approach you would use to verify the user credentials could be like this:
<form action="validateIn.php" method="POST">
<label>
<strong>Student Number: </strong>
<input type="text" name="studentNumber" value="<?php echo isset( $_POST['studentNumber'] ) ? $_POST['studentNumber'] : '' ?>" />
</label>
<br />
<label>
<strong>Password:</strong>
<input type="password" name="pass" />
</label>
<br />
<input type="submit" value="Sign In" />
</form>
if( $_SERVER['REQUEST_METHOD']=='POST' ){
$args=array(
'studentNumber' => FILTER_SANITIZE_STRING,
'pass' => FILTER_SANITIZE_STRING
);
$_POST=filter_input_array( INPUT_POST, $args );
extract( $_POST );
if( isset( $studentNumber, $pass ) ){
$sql='select `password` from `student` where `student_number`=?';
$stmt=$db->prepare( $sql );
$stmt->bind_param( 's', $studentNumber );
$res=$stmt->execute();
if( $res ){
$stmt->store_result();
$stmt->bind_result( $pwdhash );
$stmt->fetch();
$stmt->free_result();
$stmt->close();
if( $pwdhash == password_verify( $pass, $pwdhash ) ){
/* ok - redirect accordingly */
}else{
/* bogus - */
}
}
}
}
With regards to the logic used in your form and validateIn.php script - this appears to work fine for me ( removed all the db calls though ) - hope this all proves of some help but I will say that you are wrong to assume that security is not important in your project as it is just a school exercise.... never too early to adopt best practise '-)
<?php
if( $_SERVER['REQUEST_METHOD']=='POST' ){
/* POST to same page to emulate posting to validateIn.php */
if( isset( $_POST['signin'] ) ) {
echo "if number 1 <br>";
if( isset( $_POST['studentNumber'], $_POST['pass'] ) && !empty( $_POST['studentNumber'] ) && !empty( $_POST['pass'] ) ){
echo "if number 2";
} else {
echo 'Bogus - empty or missing fields';
}
} else{
echo "else number 2";
}
}
?>
<!DOCTYPE html>
<html lang='en'>
<head>
<meta charset='utf-8' />
<title></title>
</head>
<body>
<form method="POST">
<label>
<strong>Student Number: </strong>
<input type="text" name="studentNumber" value="<?php echo isset( $_POST['studentNumber'] ) ? $_POST['studentNumber'] : '' ?>" />
</label>
<br />
<label>
<strong>Password:</strong>
<input type="password" name="pass" />
</label>
<br />
<input type="submit" name='signin' value="Sign In" />
</form>
</body>
</html>
Related
I am new in PhP. i am trying to use if/else statement to request for (include 'user_index_Big_Data.php';) with different inputs.
when I run the code it will output all the .php forms. but i just want it to output just one form.
<html>
<head>
<LINK href="style.css" rel="stylesheet" type="text/css">
<title>Login</title>
</head>
<body>
<form action="" method="post">
<h1>Enter Key word to search</h1>
<p>Search <input type="text" name="username" placeholder='e.g. big data, Big Data'></p>
<p><input type="submit" name="submit" value="Search"></p>
</form>
</body>
</html>
<?php
$user = ("Big Data" || "big data" or "Big data" or "BIG DATA" or "big data analytics" or "BIG DATA ANALYTICS"
or "big data analysis");
$user1 = ("machine learning" || "MACHINE LEARNING" or "Machine Learning" or "Machine learning");
$user2 = ("Data center" || "Efficient Energy" or "Renewal Energy" or "Multi-Agents");
//$pass = "itsme";
if(isset($_POST["submit"])) {
if($_POST["username"] == $user )
include 'user_index_Big_Data.php';}
if(isset($_POST["submit"])) {
if($_POST["username"] == $user1 )
include 'user_index_machine_Learning.php';
}
if(isset($_POST["submit"])) {
if($_POST["username"] == $user3 )
include 'Energy.php';
}
else {
echo "Incorrect Key Word";
}
?>
please i want the code to output just one form. but it outputs all the forms. it echos all the results of the forms.
If you add the various key-words to arrays you can test for a match using in_array ~ though there is no need to include all possible uppercase/lowercase variants, just cast supplied user data to lowercase etc
<html>
<head>
<link href='style.css' rel='stylesheet' />
<title>Login</title>
</head>
<body>
<?php
if( $_SERVER['REQUEST_METHOD']=='POST' && !empty( $_POST['type'] ) ){
/* Process secondary form submission - do whatever needs to be done with secondary forms */
ob_clean();
$_POST['time']=time();
exit( json_encode( $_POST ) );
}
if( $_SERVER['REQUEST_METHOD']=='POST' && isset( $_POST['submit'], $_POST['username'] ) ){
/* Process primary form to select secondary form */
$file=false;
$user=array('big data','big data analytics');
$user1=array('machine learning');
$user2=array('data center','efficient energy','renewal energy','multi-agents');
$username=trim( strtolower( urldecode( $_POST['username'] ) ) );
if( in_array( $username, $user ) )$file='user_index_Big_Data.php';
if( in_array( $username, $user1 ) )$file='user_index_machine_Learning.php';
if( in_array( $username, $user2 ) )$file='Energy.php';
if( $file ){
if( file_exists( $file ) )require $file;
else printf( 'Unable to find file: "%s" to suit username "%s"', $file, $_POST['username'] );
} else {
printf( 'Incorrect Key Word: "%s"', $_POST['username'] );
}
}
?>
<form method='post'>
<h1>Enter Key word to search</h1>
<p>Search <input type='text' name='username' placeholder='e.g. big data, Big Data'></p>
<p><input type='submit' name='submit' value='Search'></p>
</form>
</body>
</html>
The other, secondarary, forms:
<?php
/* Big Data : user_index_Big_Data.php */
?>
<form name='big-data' method='post'>
<input type='text' name='type' value='big data' />
<input type='submit' />
</form>
<?php
/* machine learning : user_index_machine_Learning.php */
?>
<form name='machine-learning' method='post'>
<input type='text' name='type' value='machine learning' />
<input type='submit' />
</form>
<?php
/* Energy : energy.php */
?>
<form name='energy' method='post'>
<input type='text' name='type' value='Energy' />
<input type='submit' />
</form>
I am testing a SESSION where the three prior pages prints to the last page. But I'm have trouble getting it to work. Everything goes well until the last page. Here is the code:
<?php
session_start();
if (isset($_POST['submit'])) {
$_SESSION['name'] = $_POST ['name'];
$_SESSION['email'] = $_POST ['email'];
$_SESSION['age'] = $_POST ['age'];
echo $_SESSION['name'];
echo $_SESSION['email'];
echo $_SESSION['age'];
}
?>
I'm getting a blank or a index error for the session variable. Can anyone help with the correct way to print user inputted session data?
These are the 1st, 2nd and 3rd pages:
<html>
<head>
<title>phpsession</title>
</head>
<body>
<form method="POST" action="test_2_page_1.php">
<input type="text" name="name" placeholder="enter name"></input>
<input type="submit"> next</input>
</form>
<?php
//Set session variables
if (isset($_POST['submit'])) {
$_SESSION['name'] = $_POST ['name'];
}
?>
</body>
</html>
<?php
session_start();
if (isset($_POST['submit'])) {
$_SESSION['name'] = $_POST ['name'];
$_SESSION['email'] = $_POST ['email'];
}
?>
<html>
<head>
<title>phpsession</title>
</head>
<body>
<form method="POST" action="test_2_page_2.php">
<input type="text" name="email" placeholder="enter email"></input>
<input type="submit"> next</input>
</form>
<?php
// Set session variables
?>
</body>
</html>
<?php
session_start();
if (isset($_POST['submit'])) {
$_SESSION['name'] = $_POST ['name'];
$_SESSION['email'] = $_POST ['email'];
$_SESSION['age'] = $_POST ['age'];
}
?>
<html>
<head>
<title>phpsession</title>
</head>
<body>
<form method="POST" action="post_test.php">
<input type="text" name="age" placeholder="enter age"></input>
<input type="submit"> next</input>
</form>
<?php
// Set session variables
?>
</body>
</html>
The input element is self-closing in that you do not need </input> - rather the tag is simply closed using />
To display Next as the submit button you would use the value attribute - ie: <input type='submit' value='Next' />
Once the session variable is assigned you do not need to keep trying to set it and will encounter errors if the variable is not available in the POST array - so use isset to test prior to creating a variable
<?php
session_start();
if ( isset( $_POST['submit'], $_POST['name'] ) ) {
$_SESSION['name'] = $_POST['name'];
}
?>
<html>
<head>
<title>phpsession</title>
</head>
<body>
<form method="POST" action="test_2_page_1.php">
<input type="text" name="name" placeholder="enter name" />
<input type="submit" name='submit' value='Next'>
</form>
</body>
</html>
<?php
session_start();
if ( isset( $_POST['submit'], $_POST['email'] ) ) {
$_SESSION['email'] = $_POST['email'];
}
?>
<html>
<head>
<title>phpsession</title>
</head>
<body>
<form method="POST" action="test_2_page_2.php">
<input type="text" name="email" placeholder="enter email" />
<input type="submit" name='submit' value='Next'>
</form>
</body>
</html>
<?php
session_start();
if( isset( $_POST['submit'],$_POST['age'] ) ) {
$_SESSION['age'] = $_POST['age'];
}
?>
<html>
<head>
<title>phpsession</title>
</head>
<body>
<form method="POST" action="post_test.php">
<input type="text" name="age" placeholder="enter age" />
<input type="submit" name='submit' value='Next'>
</form>
</body>
</html>
To further help you solve your issues I quickly put together a single page demo of getting and setting the session variables based upon form submissions.. hope it'll help
<?php
session_start();
#https://stackoverflow.com/questions/54194496/what-am-i-doing-wrong-with-this-phone-session-im-trying-to-print-to-screen/54194890?noredirect=1#comment95217192_54194890
if( !empty( $_GET['reset'] ) ){
unset( $_SESSION['name'] );
unset( $_SESSION['email'] );
unset( $_SESSION['age'] );
header( sprintf('Location: %s', $_SERVER['SCRIPT_NAME'] ) );
}
/*
as each form only submits two values ( submit being one ) we can
simply remove it from the POST array and use the remaining field/value
to generate the session variables using simple array techniques
The below could easily be replaced with pre-defined variables, such as:
if( isset( $_POST['name'] ) )$_SESSION['name']=$_POST['name']; etc
*/
if ( isset( $_POST['submit'] ) ) {
/* remove the submit button & value from the array */
unset( $_POST['submit'] );
/* there will now be one item, with index = 0 */
$keys=array_keys( $_POST );
$values=array_values( $_POST );
/* set the session variable */
$_SESSION[ $keys[0] ]=$values[0];
}
?>
<html>
<head>
<title>phpsession</title>
</head>
<body>
<form method='POST'>
<?php
if( empty( $_SESSION['name'] ) ){
echo "<input type='text' name='name' placeholder='enter name' />";
}
if( !empty( $_SESSION['name'] ) && empty( $_SESSION['email'] ) ){
echo "<input type='text' name='email' placeholder='enter email address' />";
}
if( !empty( $_SESSION['name'] ) && !empty( $_SESSION['email'] ) && empty( $_SESSION['age'] ) ){
echo "<input type='text' name='age' placeholder='enter your age' />";
}
if( empty( $_SESSION['age'] ) ){
echo "<input type='submit' name='submit' value='Next'>";
} else {
if( empty( $_POST['finish'] ) ) echo "<input type='submit' name='finish' value='Finish'>";
}
if( isset( $_POST['finish'] ) ){
/*
Once the user has completed each form, send them off to their final destination?
or do something else....
*/
printf(
'Do some interesting stuff now ....
<pre>%s</pre>Reset',
print_r( $_SESSION, true )
);
}
?>
</form>
</body>
</html>
You have no input element in your HTML with the name submit so the following part of your PHP code will always evaluate to false:
if (isset($_POST['submit'])) {
Change the submit button in your HTML to the following and the line above will evaluate to true when the form is posted:
<input name="submit" type="submit"> next</input>
sign_up page
<html>
<head>
<meta name="keywords" content="example, Javascript Form Validation, Sample registration form" />
</head>
<body>
<form name="registration" method="post" action= '<?php $_SERVER["PHP_SELF"] ?>'>
<label for="user">USERNAME</label>
<input name="user" type="text" id="username" placeholder="should not contain spaces" required><br><br>
<label for="email">EMAIL</label>
<input name="email" type="email" id="email" placeholder="eg: abc#xyz.com" required><br><br>
<label for="pass">PASSWORD</label>
<input name="pass" type="password" id="password" placeholder="atleat 8 characters" required><br><br>
<label for="conf_pass">CONFIRM PASSWORD</label>
<input name="conf_pass" type="password" id="conf_pass" placeholder="atleat 8 characters" required><br><br>
<label for="mobile">MOBILE NO</label>
<input name="mobile" type="number" id="mobile" placeholder="should contain 10 digits" required><br><br>
<label for="dob">DATE OF BIRTH</label>
<input name="dob" type="date" id="dob" required><br><br>
<input type="submit" name="signup" id="submit" value="Submit">
</form>
</body>
</html>
===============================================================================
<?php
$conn=new mysqli("localhost","khushank","sethi","emp");
if(!$conn){
echo "unable to connect".$conn->connect_error();
}
if($_SERVER['REQUEST_METHOD']=='POST') {
if(isset($_POST['signup'])){
$user=$_POST['user'];
$email=$_POST['email'];
$psw=$_POST['pass'];
$conf_psw=$_POST['conf_pass'];
$mob=(int)$_POST['mobile'];
$dob=$_POST['dob'];
if($psw!=$conf_psw){
echo"<script type='text/javascript'>".'alert(confirm password and password should be same");
</script>';
}
else{
$sel="SELECT userid FROM details WHERE userid='$user'";
$sql="INSERT INTO details(userid,email,pass,mobile,date_of_birth) VALUES(?,?,?,?,?)";
$res=$conn->query($sel);
if($res->num_rows!=0){
echo"<script type='text/javascript'>".'alert("username already exists");
</script>';
}
else{
$stmt=$conn->prepare($sql);
$stmt->bind_param('sssis', $user, $email, $pass, $mob, $dob);
if($stmt->execute()){
header('location:login.php');
}
$stmt->close();
}
}
}
}
$conn->close();
?>
Change
action= '<?php $_SERVER["PHP_SELF"] ?>
to
action= '<?php echo $_SERVER["PHP_SELF"] ?>
and move the php loops and db connection at top of the form
If the above is the actual code of your page then there are problems. To use header you need to do so before sending any HTML content to the browser ( though you can use output buffering to mitigate this requirement but not best practise ) - so it is likely that you are getting errors logged but clearly not displayed otherwise you would have mentioned them in the question?
Also, lines like below will cause errors.
echo"<script type='text/javascript'>".'alert(confirm password and password should be same");
</script>';
A few minor alterations - placing the php code before the HTML should help when it comes to errors relating to the use of header, simplifying the javascript variables and subsequent display. Remove PHP_SELF as the form action - it is vulnerable to abuse and, as you post to the same page, is not required at all.
<?php
try{
$message=false;
if( $_SERVER['REQUEST_METHOD']=='POST' ) {
$conn=new mysqli( "localhost", "khushank", "sethi", "emp" );
if( !$conn ) throw new Exception( sprintf( "Unable to connect: %s", $conn->connect_error() ), 1 );
/*
ensure that other required fields are in the submitted data
*/
if( isset(
$_POST['signup'],
$_POST['user'],
$_POST['email'],
$_POST['pass'],
$_POST['conf_pass'],
$_POST['mobile'],
$_POST['dob']
)){
$user=$_POST['user'];
$email=$_POST['email'];
$psw=$_POST['pass'];
$conf_psw=$_POST['conf_pass'];
$mob=(int)$_POST['mobile'];
$dob=$_POST['dob'];
/* passwords do not match - abort processing here */
if( $psw !== $conf_psw ){
$message='confirm password and password should be same';
} else{
/* try to locate user in db */
$sql="select `userid` from `details` where `userid`=?";
$stmt=$conn->prepare( $sql );
if( !$stmt ) throw new Exception( 'Failed to prepare sql query', 3 );
$stmt->bind_param('s', $user );
$res=$stmt->execute();
if( $stmt->num_rows == 0 ){
/* user does not already exist */
$sql="insert into `details` ( `userid`, `email`, `pass`, `mobile`, `date_of_birth` ) values( ?,?,?,?,? )";
/* clean up from previous query */
$stmt->free_result();
$stmt->close();
/* prepare new query */
$stmt=$conn->prepare( $sql );
if( !$stmt ) throw new Exception( 'Failed to prepare sql query', 4 );
/* bind and execute */
$stmt->bind_param( 'sssis', $user, $email, $pass, $mob, $dob );
$result = $stmt->execute();
/* this should be exactly 1 */
$count = $conn->affected_rows;
$stmt->close();
$conn->close();
if( $count===1 )header( 'Location: login.php' );
} else {
$message='username already exists';
}
}
$conn->close();
} else {
throw new Exception( 'Missing or empty values in POST data', 2 );
}
}
}catch( Exception $e ){
exit( sprintf( 'Exception: %s, Code: %d', $e->getMessage(), $e->getCode() ) );
}
?>
<html>
<head>
<meta name='keywords' content='example, Javascript Form Validation, Sample registration form' />
<title>User registration</title>
</head>
<body>
<form name='registration' method='post'>
<label for='user'>USERNAME</label>
<input name='user' type='text' id='username' placeholder='should not contain spaces' required>
<br><br>
<label for='email'>EMAIL</label>
<input name='email' type='email' id='email' placeholder='eg: abc#xyz.com' required>
<br><br>
<label for='pass'>PASSWORD</label>
<input name='pass' type='password' id='password' placeholder='atleat 8 characters' required>
<br><br>
<label for='conf_pass'>CONFIRM PASSWORD</label>
<input name='conf_pass' type='password' id='conf_pass' placeholder='atleat 8 characters' required>
<br><br>
<label for='mobile'>MOBILE NO</label>
<input name='mobile' type='number' id='mobile' placeholder='should contain 10 digits' required>
<br><br>
<label for='dob'>DATE OF BIRTH</label>
<input name='dob' type='date' id='dob' required>
<br><br>
<input type='submit' name='signup' id='submit' value='Submit'>
</form>
<?php
/* If there was an error, use a javascript alert to inform user */
if( $_SERVER['REQUEST_METHOD']=='POST' && !empty( $message ) ){
printf( '<script>alert("%s");</script>', $message );
}
?>
</body>
</html>
Hope it helps...
Please take a look at the following code this is for the front end of my website going through wordpress without having the wordpress platform being used, however the login page is having issues.
<?php
global $wpdb;
$err = '';
$success = '';
if(isset($_POST['task']) && $_POST['task'] == 'login' )
{
//We shall SQL escape all inputs to avoid sql injection.
$username = $wpdb->escape($_POST['log']);
$password = $wpdb->escape($_POST['pwd']);
$remember = $wpdb->escape($_POST['remember']);
if( $username == "" || $password == "" ) {
$err = 'Please don\'t leave the required field.';
} else {
$user_data = array();
$user_data['user_login'] = $username;
$user_data['user_password'] = $password;
$user_data['remember'] = $remember;
$user = wp_signon( $user_data, false );
if ( is_wp_error($user) ) {
$err = $user->get_error_message();
exit();
} else {
wp_set_current_user( $user->ID, $username );
do_action('set_current_user');
echo '<script type="text/javascript">window.location='. get_bloginfo('url') .'</script>';
exit();
}
}
}
?>
This is the form been used for the login.
<form method="post">
<div class="message"><h2>Already have an account? Please login.</h2></div>
<p>
<?php
if( !empty($sucess) )
echo $sucess;
if( !empty($err) )
echo $err;
?>
</p>
<input type="text" name="log" value="" id="log" class="textbox" placeholder="Username"/>
<input type="password" name="pwd" value="" id="pwd" class="textbox" placeholder="Password"/>
<p><input type="submit" value="Login" class="button" />
<label><input type="checkbox" name="remember" value="true" /> Remember Me</label>
<input type="hidden" name="task" value="login" />
</form>
Why am i getting the following: Warning can not modify header information
How do i get around this?
I have a custom registration form. I am trying to redirect users to a specific page after they've registered, but the methods I have tried have not worked, here is my code - how can I get a redirection after a user has registered?:
EDIT: (a jQuery or Javascript solutuion for this would be acceptable too)
<?php
/* Load registration file. */
require_once( ABSPATH . WPINC . '/registration.php' );
/* If user registered, input info. */
if ( 'POST' == $_SERVER['REQUEST_METHOD'] && !empty( $_POST['action'] ) && $_POST['action'] == 'adduser' ) {
$user_pass = wp_generate_password();
$userdata = array(
'user_pass' => esc_attr( $_POST['user_pass'] ),
'user_login' => esc_attr( $_POST['user_name'] ),
'user_email' => esc_attr( $_POST['email'] ),
);
if ( !$userdata['user_login'] )
$error = __('A username is required for registration.', 'frontendprofile');
elseif ( username_exists($userdata['user_login']) )
$error = __('Sorry, that username already exists!', 'frontendprofile');
elseif ( !is_email($userdata['user_email'], true) )
$error = __('You must enter a valid email address.', 'frontendprofile');
elseif ( email_exists($userdata['user_email']) )
$error = __('Sorry, that email address is already used!', 'frontendprofile');
else{
$new_user = wp_insert_user( $userdata );
update_usermeta( $new_user, 'fullname', esc_attr( $_POST['fullname'] ) );
update_usermeta( $new_user, 'publication', esc_attr( $_POST['publication'] ) );
update_usermeta( $new_user, 'usertype', esc_attr( $_POST['usertype'] ) );
wp_new_user_notification($new_user, $user_pass);
wp_redirect( 'http://www.google.com' );
}
}
?>
<form method="post" id="adduser" class="user-forms" action="http://<?php echo $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; ?>">
<p class="form-usertype">
<strong>TYPE</strong>
<?php $usertype = get_the_author_meta( 'usertype', $current_user->ID ); ?>
<ul>
<li>
<input class="radio" value="Media" name="usertype" <?php if ($_POST['usertype'] == 'Media' ) { ?>checked="checked"<?php }?> type="radio" />
<span><?php _e('Media', 'frontendprofile'); ?></span>
</li>
<li>
<input class="radio" value="Freelance" name="usertype" <?php if ($_POST['usertype'] == 'Freelance' ) { ?>checked="checked"<?php }?> type="radio" />
<span><?php _e('Freelance', 'frontendprofile'); ?></span>
</li>
<li>
<input class="radio" value="Student" name="usertype" <?php if ($_POST['usertype'] == 'Student' ) { ?>checked="checked"<?php }?> type="radio" />
<span><?php _e('Student', 'frontendprofile'); ?></span>
</li>
</ul>
</p>
<!-- .form-usertype -->
<p class="form-username">
<strong>FULL NAME</strong>
<input class="text-input" name="user_name" type="text" id="user_name" value="<?php if ( $error ) echo wp_specialchars( $_POST['user_name'], 1 ); ?>" />
</p>
<!-- .form-username -->
<p class="form-email">
<strong>E-MAIL</strong>
<input class="text-input" name="email" type="text" id="email" value="<?php if ( $error ) echo wp_specialchars( $_POST['email'], 1 ); ?>" />
</p>
<!-- .form-email -->
<p class="form-password">
<strong>CONFIRM E-MAIL</strong>
<input type="text" name="user_pass" id="user_pass" class="input" value="" size="20" tabindex="10" />
</p>
<p class="form-publication">
<strong>MEDIA OUTLET</strong>
<input class="text-input" name="publication" type="text" id="publication" value="<?php if ( $error ) echo wp_specialchars( $_POST['publication'], 1 ); ?>"/>
</p>
<!-- .form-publication -->
<p class="form-submit"> <?php echo $referer; ?>
<input name="adduser" type="submit" id="addusersub" class="submit button" value="<?php if ( current_user_can( 'create_users' ) ) _e('Add User', 'frontendprofile'); else _e('Register', 'frontendprofile'); ?>" />
<?php wp_nonce_field( 'add-user' ) ?>
<input name="action" type="hidden" id="action" value="adduser" />
</p>
<!-- .form-submit -->
</form>
<script type="text/javascript">
$(document).ready(function(){
$("input[name$='usertype']").click(function(){
var radio_value = $(this).val();
if(radio_value=='Media') {
$("p.form-publication").show();
}
else if(radio_value=='Student') {
$("p.form-publication").hide();
}
else if(radio_value=='Freelance') {
$("p.form-publication").hide();
}
});
});
</script>
Your pluggin is not respecting the expected action hook format that you'd normally use. What you have to do here is to hook two different functions for your pluggin.
One will draw the pluggin when necessary, using a shortcode for example.
The other will hook into the early processing of wordpress to actually do what it's got to do such as adding a user. Then, if you use wp_redirect it will allow you to redirect before any output is sent to the browser.
For example, in my pluggins, i use the hooks:
add_action('init', 'my_function_to_process');
add_action('template_redirect', 'my_function_to_draw');
And i create those two functions to do what they have to do in my pluggin's file.
You might want to check out the hooks database api for more information on hooks:
http://codex.wordpress.org/Plugin_API/Action_Reference
Good luck
EDIT
Just change:
wp_redirect( 'http://www.google.com' );
For:
?><script>window.href.location = "http://www.google.com";</script><?php exit();
And you would be on your way to victory... It's ugly in terms of integration, i'd have done it with a pluggin but it should work fine...