I have a login page here in which there are two fields and a submit button. The code looks fine but when I press the submit button nothing is passed to the isset method. Here are my codes.
<?php
function security($database,$value)
{
$new_val=stripslashes($value);
$new_val=mysqli_real_escape_string($database,$value);
return $new_val;
}
require_once("database.php");
if(isset($_POST['submit']))
{
echo "working";
$username=security("betit",$_POST['username']);
$paassword=security("betit",$_POST['password']);
$sql="SELECT * FROM user_info WHERE username='$username' and password='$password'";
$result=mysqli_query("betit",$sql);
if($result)
{
echo "congrats";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>LOGIN</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="row">
<h3>Login</h3>
<div class="col-3">
<form method="post" action="" >
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span>
<input id="email" type="text" class="form-control" name="username" placeholder="Username">
</div>
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input id="password" type="password" class="form-control" name="password" placeholder="Password">
</div>
<input type="button" class="btn btn-primary" name="submit" value="submit">
</form>
</div>
</div>
</div>
</body>
</html>
The database.php
<?php
function db_connection($hostname, $username, $password, $database)
{
$link = mysqli_connect($hostname, $username, $password, $database);
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
echo "Connect Successfullyworking. Host info: " . mysqli_get_host_info($link);
}
db_connection("localhost", "root", "", "betit")
?>
Submit button was supposed to invoke the isset method but nothing is passing.I just cant identify what kind of error is it.
You have given type as button on submit input. change it to type="submit"
I think the problem is in Button
Change
<input type="button" class="btn btn-primary" name="submit" value="submit">
To
<input type="submit" class="btn btn-primary" name="submit" value="submit">
Related
I have two files
functions.php
<?php
include 'config.php';
function signup(){
if (isset($_POST['submit'])) {
$uname = $_POST['uname'];
$email = $_POST['email'];
$password = $_POST['password'];
$cpassword = $_POST['cpassword'];
if($password == $cpassword) {
$hash = md5($password);
$insert = "INSERT INTO `users`(`user_name`, `email`, `password`) VALUES ('$uname','$email','$hash')";
$result = mysqli_query($con, $insert);
if ($result) {
echo '<script>alert("Your account has been successfully created.")</script>';
}
}
else {
echo '<script>alert("Passwords do not match!")</script>';
}
}
}
?>
signup.php
<?php
include 'functions.php';
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- ===== Iconscout CSS ===== -->
<link rel="stylesheet" href="https://unicons.iconscout.com/release/v4.0.0/css/line.css">
<!-- ===== CSS ===== -->
<link rel="stylesheet" href="css/credential.css">
<title>Sing Up</title>
</head>
<body>
<div class="container">
<div class="forms">
<div class="form signup">
<span class="title">Sign Up</span>
<form method="POST" action="functions.php">
<div class="input-field">
<input type="text" name="uname" placeholder="Enter your full name" required>
<i class="uil uil-user"></i>
</div>
<div class="input-field">
<input type="email" name="email" placeholder="Enter your email" required>
<i class="uil uil-envelope icon"></i>
</div>
<div class="input-field">
<input type="password" class="password" name="password" placeholder="Create a password" required>
<i class="uil uil-lock icon"></i>
</div>
<div class="input-field">
<input type="password" class="password" name="cpassword" placeholder="Confirm a password" required>
<i class="uil uil-lock icon"></i>
<i class="uil uil-eye-slash showHidePw"></i>
</div>
<div class="checkbox-text">
<div class="checkbox-content">
<input type="checkbox" id="termCon">
<label for="termCon" class="text">I accepted all Terms and Conditions, Privacy Policy and Cookie Policy</label>
</div>
</div>
<div class="input-field button">
<input type="submit" value="Sign Up" name="submit">
</div>
</form>
<div class="login-signup">
<span class="text">Already have an account?
Login Now
</span>
</div>
</div>
<div class="form login">
<span class="title">Login</span>
<form action="#">
<div class="input-field">
<input type="email" placeholder="Enter your email" required>
<i class="uil uil-envelope icon"></i>
</div>
<div class="input-field">
<input type="password" class="password" placeholder="Enter your password" required>
<i class="uil uil-lock icon"></i>
<i class="uil uil-eye-slash showHidePw"></i>
</div>
<div class="checkbox-text">
<div class="checkbox-content">
<input type="checkbox" id="logCheck">
<label for="logCheck" class="text">Remember me</label>
</div>
Forgot password?
</div>
<div class="input-field button">
<input type="submit" value="Login" name="submit">
</div>
</form>
<div class="login-signup">
<span class="text">Don't have an account?
Signup Now
</span>
</div>
</div>
</div>
</div>
<script src="js/credential.js"></script>
</body>
</html>
I want something like this...
when I click on <input type="submit" of signup the signup() function from functions.php should work. But I don't know how to do it.
If I remove function signup(){} from functions.php and try without function then in url signup.php is replaced by functions.php and page is blank and no data is inserted in mysql localhost.
In 'config.php' file
<?php
$con = mysqli_connect("localhost","root","","get-viewed");
?>
Database name, Table name and field name are perfect I have double checked it.
The form action correctly point to function.php and the webserver execute it.
The result is blank because nothing in function.php get executed.
you defined function signup() but you don't call it
add signup(); as last code line, just before php closing tag ?>
Note 1: you can extract the code from the signup function, since it does not add any advantage.
Note 2: if the php closing tag is the last code line in the file (no html follow) you should omit, it is a good practice to avoid unwanted output.
This is a must once you start to use frameworks, otherwise header errors will popup
Thanks for helping me I have solved my question.
I updated functions.php
<?php
include 'config.php';
function signup() {
$uname = $_POST['uname'];
$email = $_POST['email'];
$password = $_POST['password'];
$cpassword = $_POST['cpassword'];
if($password == $cpassword) {
$hash = password_hash($password, PASSWORD_DEFAULT);
$insert = "INSERT INTO `users`(`user_name`, `email`, `password`) VALUES ('$uname','$email','$hash')";
$result = mysqli_query($con, $insert);
if ($result) {
echo '<script>alert("Your account has been successfully created.")</script>';
}
}
else {
echo '<script>alert("Passwords do not match!");location.replace("signup.php");</script>';
}
}
function login(){
if (isset($_POST['login'])) {
echo '<script>alert("login")</script>';
}
}
if (isset($_POST['signup'])) {
signup();
}
else {
login();
}
Now it is working perfectly as I wanted.
I have 2 files connect.php (The connection is successful) to connect to the database. The register.php whiche includes the connect file. The code doesnt give any errors, it just doesnt send the information into the actual databse. Below is the code from each file and an image of the database I have setup.
Here is the actual code ran (I combined the connect.php with register.php for this it is just the connection to the database.)
<html>
<head>
<title>User Registeration Using PHP & MySQL</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" >
<!-- Optional theme -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" >
<link rel="stylesheet" href="styles.css" >
<!-- Latest compiled and minified JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<?php
$connection = mysqli_connect('localhost', 'root', 'password', 'login');
if (!$connection){
die("Database Connection Failed" . mysqli_error($connection));
}
$select_db = mysqli_select_db($connection, 'test');
if (!$select_db){
die("Database Selection Failed" . mysqli_error($connection));
}
// If the values are posted, insert them into the database.
if (isset($_POST['username']) && isset($_POST['password'])){
$username = $_POST['username'];
$email = $_POST['email'];
$password = md5($_POST['password']);
$query = "INSERT INTO `user` (username, password, email) VALUES ('$username', '$password', '$email')";
$result = mysqli_query($connection, $query);
if($result){
$smsg = "User Created Successfully.";
}else{
$fmsg ="User Registration Failed";
}
}
?>
<body>
<div class="container">
<form class="form-signin" method="POST">
<?php if(isset($smsg)){ ?><div class="alert alert-success" role="alert"> <?php echo $smsg; ?> </div><?php } ?>
<?php if(isset($fmsg)){ ?><div class="alert alert-danger" role="alert"> <?php echo $fmsg; ?> </div><?php } ?>
<h2 class="form-signin-heading">Please Register</h2>
<div class="input-group">
<span class="input-group-addon" id="basic-addon1">#</span>
<input type="text" name="username" class="form-control" placeholder="Username" required>
</div>
<label for="inputEmail" class="sr-only">Email address</label>
<input type="email" name="email" id="inputEmail" class="form-control" placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" name="password" id="inputPassword" class="form-control" placeholder="Password" required>
<div class="checkbox">
<label>
<input type="checkbox" value="remember-me"> Remember me
</label>
</div>
<button class="btn btn-lg btn-primary btn-block" type="submit">Register</button>
<a class="btn btn-lg btn-primary btn-block" href="login.php">Login</a>
</form>
</div>
</body>
</html>
My PHP page is unable to pick values from HTML form. It's sending blank strings to database. Here is my HTML and PHP code. Please find error. I am new to PHP, unable to solve the problem.
my html page:
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>LOGIN</title>
<link rel="stylesheet" href="css/reset.css">
<link rel='stylesheet prefetch' href='http://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900|RobotoDraft:400,100,300,500,700,900'>
<link rel='stylesheet prefetch' href='http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css'>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<!-- Mixins-->
<!-- Pen Title-->
<div class="pen-title">
<h1>SYNCHPHONY</h1>
</div>
<div class="rerun">Rerun Pen</div>
<div class="container">
<div class="card"></div>
<div class="card">
<h1 class="title">Login</h1>
<form name="login" action="login.php" method="POST">
<div class="input-container">
<input type="text" id="loginid" required="required"/>
<label for="loginid">Login ID</label>
<div class="bar"></div>
</div>
<div class="input-container">
<input type="password" id="password" required="required"/>
<label for="password">Password</label>
<div class="bar"></div>
</div>
<div class="button-container">
<button><span>Go</span></button>
</div>
</form>
</div>
<div class="card alt">
<div class="toggle"></div>
<h1 class="title">Register
<div class="close"></div>
</h1>
<form name="register" action="register.php" method="POST">
<div class="input-container">
<input type="text" id="loginid" required="loginid"/>
<label for="loginid">Login ID</label>
<div class="bar"></div>
</div>
<div class="input-container">
<input type="password" id="password" required="required"/>
<label for="password">Password</label>
<div class="bar"></div>
</div>
<div class="button-container">
<button value'submitb'><span>Next</span></button>
</div>
</form>
</div>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
<script src="js/index.js"></script>
</body>
</html>
my php page:
**strong text** <?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "syncphony";
$loginid="";
$password="";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['loginid'])){ $loginid = $_POST['loginid']; }
if(isset($_POST['password'])){ $password = $_POST['password']; }
// Escape user inputs for security
$loginid = mysqli_real_escape_string($conn,$loginid);
$password = mysqli_real_escape_string($conn,$password);
// attempt insert query execution
$sql = "INSERT INTO users (loginid, password ) VALUES ('$loginid', '$password')";
if(mysqli_query($conn, $sql)){
echo "Records added successfully.";
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($conn);
}
// close connection
mysqli_close($conn);
?>
The inputs inside your form tag do not have names. Try this for login:
<input type="text" id="loginid" required="required" name="loginid"/>
and this for password:
<input type="password" id="password" required="required" name="password"/>
It would be nice if you would protect your users against XSS attacks and to use encryption when you store a password. Also, you should structure your code and make sure your HTML is valid.
I have 2 projects 1 is just for checking username and password if they exist in the database,which has the function password_verify() working , and the other u can sign up and then log in, but in this 1 the function password_verify is always returning false even thought i have the same code written in both but changed the table name i will post the project, so if anyone can help me please.
I did check that it is connecting to the database normally and returning the email result correct but when it comes to comparing hashed pass with the one entered it's always false.
Index.php is the main page and contains only two php lines:
include("signup.php");
include("login.php");
Connection.php
<?php
$server="localhost";
$db_username="myusername";
$db_password="mypassword";
$db="test_db";
$conn=mysqli_connect($server,$db_username,$db_password,$db);
if(!$conn)
die ("Connection Failed: ".mysqli_connect_error());
?>
signup.php
<?php
session_start();
if(isset($_POST['signup']))
{
function validateFormData($formData)
{
$formData=trim(stripcslashes(htmlspecialchars($formData)));
return $formData;
}
$email=validateFormData($_POST['email']);
$password=validateFormData($_POST['password']);
if(!$_POST['email'])
$error.="Please enter an email<br>";
else if(!filter_var($_POST['email'],FILTER_VALIDATE_EMAIL))
{
$error.="Please enter a valid email<br>";
}
if(!$_POST['password'])
$error.="Please enter a password<br>";
else
{
if(strlen($_POST['password'])<8)
$error.="Password must contain at least 8 characters<br>";
if(!preg_match('`[A-Z]`',$_POST['password']))
$error.="Password must contain at least one capital letter<br>";
}
if($error)
{
echo "<div class='alert alert-danger text-center lead'><a class='close red' data-dismiss='alert'>×</a>".$error."</div>";
}
else
{
include('connection.php');
$query="SELECT * FROM `diary` WHERE email='".mysqli_real_escape_string($conn,$email)."'";
$result=mysqli_query($conn,$query);
$results=mysqli_num_rows($result);
if($results)
echo "<div class='alert alert-danger text-center lead'>This email already exists, do you want to log in?<a class='close red' data-dismiss='alert'>×</a></div>";
else
{
$selectUser=mysqli_real_escape_string($conn,$email);
$hashedPass=password_hash($password,PASSWORD_DEFAULT);
$query="INSERT INTO `diary`(`email`, `password`) VALUES ('$selectUser','$hashedPass')";
mysqli_query($conn,$query);
echo "<div class='alert alert-success text-center lead'>You've been signed up!<a class='close green' data-dismiss='alert'>×</a></div>";
$_SESSION['id']=mysqli_insert_id($conn);
}
}
}
?>
login.php
<?php
if(isset($_POST['login']))
{
function validateFormData($formData)
{
$formData=trim(stripcslashes(htmlspecialchars($formData)));
return $formData;
}
$formEmail=validateFormData($_POST['loginEmail']);
$formPass=validateFormData($_POST['loginPassword']);
$newPass=password_hash($formPass,PASSWORD_DEFAULT);
echo $newPass;
include("connection.php");
$query="Select * from diary where email='$formEmail' ";
$result=mysqli_query($conn,$query);
if(mysqli_num_rows($result)>0)
{
while($row=mysqli_fetch_assoc($result))
{
$LogEmail= $row['email'];
$LogPass= $row['password'];
echo "<br>".$LogPass;
}
if(password_verify($newPass,$LogPass))
{
echo "<br>Correct Password";
}
else
echo "<br>Not Correct";
}
}
?>
output of $newPass is :"$2y$10$dw0AtEExMc41p4nUB3W9kOOWTcNZmQev9jM4emNn7oQNODfu6Ld.q"
output of $LogPass is : "$2y$10$biz6Z5nxsMZXNf7p3ebqw.pksPb1VhWEmoan776rMqOC7VcFRQbrK"
Index
<?php
include("signup.php");
include("login.php");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<title>Secret Diary</title>
<link rel="stylesheet" href="css/Normalize.css">
<link rel="stylesheet" href="bootstrap/css/bootstrap.min.css">
<link rel="stylesheet" href="css/style.css">
<!--[if IE]>
<script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<div class="container">
<form class="form-horizontal emailForm" role="form" method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">
<legend><h1 class="text-center">Sign Up</h1></legend>
<div class="form-group">
<label class="control-label col-sm-2" for="email" >Email:</label>
<div class="col-sm-10">
<input type="email" class="form-control" style="width:90%" id="email" placeholder="Enter Email" name="email" value="<?php echo addslashes($_POST['email']);?>">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="pwd">Password:</label>
<div class="col-sm-10">
<input type="password" class="form-control" style="width:90%" id="pwd" placeholder="Password" name="password">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-success " id="btnClick" name="signup">Sign Up</button>
</div>
</div>
</form><!--SIGN UP-->
<form class="form-horizontal emailForm" role="form" method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">
<legend><h1 class="text-center">Log In</h1></legend>
<div class="form-group">
<label class="control-label col-sm-2" for="LogInEmail" >Email:</label>
<div class="col-sm-10">
<input type="email" class="form-control" style="width:90%" id="LogInEmail" placeholder="Enter Email" name="loginEmail" value="<?php echo addslashes($_POST['loginEmail']);?>">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="LogInPassword">Password:</label>
<div class="col-sm-10">
<input type="password" class="form-control" style="width:90%" id="LogInPassword" placeholder="Password" name="loginPassword">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-success " id="btnClick" name="login">Log In</button>
</div>
</div>
</form><!--LOG IN-->
</div>
<script src="js/JQuery.min.js"></script>
<script src="bootstrap/js/bootstrap.min.js" type="text/javascript"></script>
<script src="js/script.js" type="text/javascript"></script>
</body>
</html>
You overwrite your $password when you include your dbconnection.
include('connection.php');
has:
$password="mypassword";
Previously you set:
$password=validateFormData($_POST['password']);
so your hashed password is not the user's password, but your DB password.
I would prefix all DB credentials variables with db_. So your database password variable would then be $db_password. This will allow you to have distinct variables throughout your project (I'd think).
Additionally you should be using $formPass, not $newpass. The $newpass is going to be double hashed at the verify function.
$formEmail=validateFormData($_POST['loginEmail']);
$formPass=validateFormData($_POST['loginPassword']);
$newPass=password_hash($formPass,PASSWORD_DEFAULT);
so change:
if(password_verify($newPass,$LogPass))
to:
if(password_verify($formPass, $LogPass))
password_verify expects the cleartext password as its first argument. To fix your code, remove this line:
$newPass=password_hash($formPass,PASSWORD_DEFAULT);
And change this line:
if(password_verify($newPass,$LogPass))
To the following:
if(password_verify($formPass,$LogPass))
I have a html form with one text field and one bootstrap module popup and two types of submit.
I'am able to collect the value from the html field using $_POST but I'am not getting the value from the popup window.
HTML :
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js"></script>
<script src="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
</head>
<body>
<form id="contactform" method="post" action="http://****/post.php">
<tr>
<td>
<label for="name">Name :</label>
</td>
<td>
<input type="text" name="name">
</td>
</tr>
<tr>
<td>
<button type="submit"> Submit</button>
<button type="button" class="btn btn-info btn-lg" data-toggle="modal" data-target="#myModal">Update</button>
<div class="modal fade" id="myModal" role="dialog">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal">×</button>
</div>
<div class="modal-body">
<label for="plan">Plan :</label>
<input type="radio" name="plan" value="Yes" > Yes</input>
<input type="radio" name="plan" value="No"> No</input>
</div>
<div class="modal-footer">
<button type="submit" formaction="update.php" class="btn btn-default" data-dismiss="modal">Submit</button>
</div>
</div>
</div>
</div>
</td>
</tr>
</form>
</body>
</html>
Here for two submits am using two php files: post.php and update.php
Where one submit is outside (post.php) the popup and other inside (update.php) the popup.
In post.php I am only collecting text field using
$name = $_POST['name'];
Which is working, but not in update.php code:
<?php
$conn = mysqli_connect("localhost", "username", "password", "database");
if($conn === false){
die("ERROR: Could not connect. " . mysqli_connect_error($conn));
}
$name = $_POST['name'];
$plan = $_POST['plan'];
$sql = "INSERT INTO table (name, plan) VALUES ('$name', '$plan')";
if(mysqli_query($conn, $sql)){
echo "Records added successfully.";
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($conn);
}
?>
Here in db I'am only able to collect name.
Please help to collect the values form both html field (name) and popup window field (plan).
Thanks in advance.
For your button in popup remove data-dismiss like this:
<button type="submit" formaction="update.php" class="btn btn-default">Submit</button>
Then in your post.php process just $name and in update.php $plan and $post.