I can't get the users name to get updated or to deleted the user. Whatever i try doesn't work. When i click on the update button it just goes to the index page and nothing happens and the same happens when i click on the delete button too.
this is the codes i have on my server.php page:
<?php
session_start();
// initializing variables
$idmedlemmer = "";
$brukernavn = "";
$email = "";
$fornavn = "";
$etternavn = "";
$errors = array();
// connect to the database
$db = mysqli_connect("localhost", "root", "", "mymusic");
// Update User
if (isset($_POST['update'])) {
// receive all input values from the form
$brukernavn = mysqli_real_escape_string($db, $_POST['brukernavn']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($brukernavn)) { array_push($errors, "Feltet kan ikke være tomt"); }
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT brukernavn FROM medlemmer LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['brukernavn'] === $brukernavn) {
array_push($errors, "Brukernavn eksisterer allerede");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
mysqli_query($db, "UPDATE medlemmer SET brukernavn='$brukernavn' WHERE idmedlemmer=$idmedlemmer");
$_SESSION['message'] = "Brukernavnet har blitt oppdatert";
header('location: index.php');
}
}
// ...
// ...
// Delete User
if (isset($_GET['brukernavn']))
if (isset($_GET['slett'])) {
$query = sprintf("DELETE FROM medlemmer WHERE idmedlemmer='%s'");
mysqli_query($db, $query);
$_SESSION['brukernavn'] = $brukernavn;
$_SESSION['success'] = "Bruker har blitt slettet";
header('location: Login.php');
}
?>
And this is what i have on my update page:
<?php include('server.php')?>
<?php
if (isset($_GET['update'])) {
$brukernavn = $_GET['update'];
$record = mysqli_query($db, "SELECT * FROM medlemmer WHERE brukernavn=$brukernavn");
if (count($record) == 1 ) {
$n = mysqli_fetch_array($record);
$name = $n['brukernavn'];
}
}
?>
<html>
<head>
<title>Edit Data</title>
<link rel="stylesheet" type="text/css" href="stilark.css">
<meta charset="utf-8">
</head>
<body>
<form name="form1" method="post" action="index.php">
<table border="0">
<tr>
<td>Name</td>
<td><input type="text" name="brukernavn" value="<?php echo ($_SESSION['brukernavn']); ?>"></td>
</tr>
<tr>
<td><input type="hidden" name="idmedlemmer" value="<?php echo $idmedlemmer;?>"></td>
<td><input type="submit" name="update" value="update"></td>
</tr>
</table>
</form>
and this is what i have on my delete page:
<?php include('Server.php')?>
<!DOCTYPE html>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="stilark.css">
<head>
<title>Slett Bruker</title>
</head>
<body>
Tilbake
<br/><br/>
<form name="form1" method="post" action="index.php">
<table border="0">
<tr>
<td><input type="hidden" name="idmedlemmer" value="<?php echo $_GET['idmedlemmer'];?>"></td>
<td><input type="submit" name="slett" value="slett"></td>
Delete
</tr>
</table>
</body>
</html>
I have tried to check on youtube videoes and read many articles but i just cant seem to get anywhere so i am totaly stuck and appreciate all the help i can get. Hope that you can help me
Related
I am able to login to my user page and admin page without giving password and username. when usertype is selected and click on login both are getting loggedin. here is my login.php code
<?php
$servername="SERVER";
$username="USER";
$password="PWD";
$dbname="DB";
$conn = mysqli_connect($servername, $username, $password, $dbname);
echo("conneciton");
if(isset($_POST['Login'])){
$user=$_POST['user'];
$pass = $_POST['pass'];
$usertype=$_POST['usertype'];
$query = "SELECT * FROM multiuserlogin WHERE username='".$user."' and password = '".$pass."' and usertype='".$usertype."'";
$result = mysqli_query($conn, $query);
if($result){
while($row=mysqli_fetch_array($result)){
echo'<script type="text/javascript">alert("you are login successfully and you are logined as ' .$row['usertype'].'")</script>';
}
if($usertype=="admin"){
?>
<script type="text/javascript">
window.location.href="index.php"</script>
<?php
}else{
?>
<script type="text/javascript">
window.location.href="user.php"</script>
<?php
}
}else{
echo 'no result';
}
}
?>
<html>
<head>
<!-- title and meta -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>admin</title>
<!-- /title and meta -->
<script src="js/jquery.js"></script>
<!-- Bootstrap -->
<link href="css/bootstrap.min.css" rel="stylesheet">
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<!-- Include all compiled plugins (below), or include individual files as needed -->
<script src="js/bootstrap.min.js"></script>
<link href="css/adminindex.css" rel="stylesheet">
</head>
<body class='bg-image'>
<center><div class="col-md-4 col-sm-4 col-xs-10 formclass">
<form action="" method="post" name="Login_Form">
<table>
<tr>
<td colspan="2" align="left" valign="top"><h3>Login</h3></td>
</tr>
<tr>
<td valign="top">Username:</td><td><input type="text" name="user" placeholder="enter your username"
</td>
</tr>
<tr>
<td >Password:</td><td><input type="text" name="pass" placeholder="enter your password"</td>
</tr>
<tr>
<td>
Select user type:</td><td> <select name="usertype">
<option value="admin">admin</option>
<option value="user">user</option>
</select>
</td>
</tr>
<tr>
<td><input type="submit" name="Login" value="Login"></td>
</tr>
</table>
</form> </div>
</center>
</body>
</html>
my database table name is multiuserlogin and column are username password usertype
Please help me on this, i need to verify my username password and then only able to login
Your if statement
if($result){
is always true, because it contains the query not the results. So you are logged in as the usertype you have selected.
Adjust the db information and try this out:
$conn = new mysqli("SERVER", "USER", "PWD", "DB");
if (!$conn->connect_error) {
echo("connected");
if(isset($_POST['Login'])){
$user = $_POST['user'];
$pass = $_POST['pass'];
$query = "SELECT * FROM multiuserlogin WHERE username='".$user."' and password = '".$pass."' LIMIT 1";
$result = $conn->query($query);
$logged_user = $result->fetch_array(MYSQLI_ASSOC);
$conn->close();
if(is_array($logged_user) && $logged_user['username'] == $user) {
echo '<script type="text/javascript">alert("you are login successfully and you are logined as ' . $logged_user['usertype'] .'")</script>';
if($logged_user['usertype'] == "admin"){
echo '<script type="text/javascript">window.location.href="index.php"</script>';
} else {
echo '<script type="text/javascript">window.location.href="user.php"</script>';
}
} else {
echo 'no result';
}
}
}
Dont forget to validate for preventing SQL injections.
This question already has answers here:
Can I mix MySQL APIs in PHP?
(4 answers)
Reference - What does this error mean in PHP?
(38 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 4 years ago.
Good morning everybody I've made this simple page that should update my database following some tutorials around the internet but still not updating the data when I press the submit button, can somebody help and correct the code ? I just need to update the ID from this table, I think this code can be helpful for many people out there... I'm going to paste the code below. Many thanks.
<?php
$servername = "localhost";
$username = "user";
$password = "pass";
$dbname = "database";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$id_cus = $_GET["id_cus"];
$sql = "SELECT `id_customer`, `firstname`, `lastname`, `email` FROM `customer` WHERE `id_customer` = $id_cus";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$id = $row["id_customer"];
$nome = $row["firstname"];
$cognome = $row["lastname"];
$email = $row["email"];
}
} else {
echo "0 results";
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Bootstrap Example</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<link rel="stylesheet" href="./panel.css">
<script src="//code.jquery.com/jquery-1.11.1.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-12">
<main>
<form action="" method="post">
<table class="table table-bordered table-condensed">
<thead>
<tr>
<th>Codice cliente</th>
<th class="col">Nome</th>
<th class="col">Cognome</th>
<th class="col">Indirizzo email</th>
</tr>
</thead>
<tbody>
<tr>
<td><input type="text" name="id" value="<?php echo $id ?>"/></td>
<td><?php echo $nome; ?></td>
<td><?php echo $cognome; ?></td>
<td><?php echo $email; ?></td>
</tr>
</tbody>
</table>
<input type="submit" name="submit" value="Aggiorna" class="pull-right">
</form>
</main>
</div>
</div>
</div>
</body>
</html>
<?php
// check if the form has been submitted. If it has, process the form and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_numeric($_POST['id']))
{
// get form data, making sure it is valid
$id = $_POST['id'];
// check that firstname/lastname fields are both filled in
if ($id == '')
{
// generate error message
echo 'ERROR: Please fill in all required fields!';
}
else
{
// save the data to the database
$conn->query("UPDATE customer SET id_customer='$id'")
or die(mysql_error());
// once saved, redirect back to the view page
header("Location: panel.php?id_cus=$id");
}
}
}
$conn->close();
?>
EDITED CODE TRYING ANOTHER SOLUTION bust still does not update why ? this should be very simple!
<?php
error_reporting(E_ALL);
ini_set('display_errors',1);
$databaseHost = 'localhost';
$databaseName = 'dbname';
$databaseUsername = 'dbuser';
$databasePassword = 'pass';
$mysqli = mysqli_connect($databaseHost, $databaseUsername, $databasePassword, $databaseName);
if(isset($_POST['update']))
{
$id = $_POST['id'];
$firstname=$_POST['firstname'];
$lastname=$_POST['lastname'];
$email=$_POST['email'];
// checking empty fields
if(empty($fistname) || empty($lastname) || empty($email)) {
if(empty($firstname)) {
echo "<font color='red'>Name field is empty.</font><br/>";
}
if(empty($lastname)) {
echo "<font color='red'>lastname field is empty.</font><br/>";
}
if(empty($email)) {
echo "<font color='red'>Email field is empty.</font><br/>";
}
} else {
//updating the table
$result = mysqli_query($mysqli, "UPDATE customer SET firstname='$firstname',lastname='$lastname',email='$email' WHERE id_customer=$id");
//redirectig to the display page. In our case, it is index.php
header("Location: index.php");
}
}
?>
<?php
//getting id from url
$id = $_GET['id'];
//selecting data associated with this particular id
$result = mysqli_query($mysqli, "SELECT `id_customer`, `firstname`, `lastname`, `email` FROM `customer` WHERE `id_customer` = $id");
while($res = mysqli_fetch_array($result))
{
$firstname = $res['firstname'];
$lastname = $res['lastname'];
$email = $res['email'];
$id_customer = $res['id_customer'];
}
?>
<html>
<head>
<title>Edit Data</title>
</head>
<body>
Home
<br/><br/>
<form name="form1" method="post" action="panel.php">
<table border="0">
<tr>
<td>Name</td>
<td><input type="text" name="firstname" value="<?php echo $firstname;?>"></td>
</tr>
<tr>
<td>Lastname</td>
<td><input type="text" name="lastname" value="<?php echo $lastname;?>"></td>
</tr>
<tr>
<td>Email</td>
<td><input type="text" name="email" value="<?php echo $email;?>"></td>
</tr>
<tr>
<td>ID</td>
<td><input type="text" name="id_customer" value="<?php echo $id_customer;?>"></td>
</tr>
<tr>
<td><input type="hidden" name="id" value=<?php echo $_GET['id'];?>></td>
<td><input type="submit" name="update" value="Update"></td>
</tr>
</table>
</form>
</body>
</html>
</html>
When i select my button in the form with the link to the processing page for the login it just returns a server error 500, i have not encountered this before and have had no luck on google.
Here is my HTML markup on the login page
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" type="text/css" href="styles.css">
<title>Administrator Login</title>
</head>
<body>
<div class="container">
<div class="header"><img src="IMAGES/LOGO.png" alt="Insert Logo Here" name="Insert_logo" width="" height="90" id="Insert_logo" style="background-color: #; display:block;" />
<!-- end .header --></div>
<div class="content">
<form action="loginProcess.php" method="post" class="loginForm">
<input type="text" id="username" name="username" placeholder="Enter Username" required>
<input type="password" id="password" name="password" placeholder="Enter Password" required>
<button type="submit" id="loginBTN" >Login</button>
</form>
</div>
</body>
</html>
And here is the code for my php process
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<?php
error_reporting(E_ALL); ini_set('display_errors', 1);
//stores the search data
$username = $_POST['username'];
$password = $_POST['password'];
//checks to see if it is empty or null
if(isset($username) && !empty($username) && (isset($password) && !empty($password))){
require('includes/dbconx.php');
//escapes all special characters that could break database
$pword = mysqli_real_escape_string($con, $password);
$uname = mysqli_real_escape_string($con, $username);
//searchq stores the cleaned up search data
//create a variable to store a wildcard SQL statement
$sql = mysqli_query($con, "SELECT * FROM login WHERE username = '%$uname%' AND password = '%$pword%' ");
}//end statement
//if no data is inserted it will putput this
else{
echo("Please enter Login details!");
//this will kill the connection
die;
}
//end else
$result = $con->query($sql);
//if it finds no matching data it informs the user and kills the DB connextion
if(mysqli_num_rows($result) == 0){
echo("<p>No record found or password doesn't match! </p>");
die;
}
else{
header('Location: adminPage.php');
?>
</body>
</html>
Here is my connection, this works for the other pages as it should this.
<?php
//connects to my music database
$con=mysqli_connect("localhost","root","root","music");
//if it fails to connect it outputs this with an error number
if(mysqli_connect_errno()) {
echo "failed to connet to MYSQL:".mysqli_connect_error();
}
?>
Got time for that Beer?
This query is incorrect, you use the % character only when using the LIKE syntax, so query should be
$sql = mysqli_query($con, "SELECT *
FROM login
WHERE username = '$uname'
AND password = '$pword' ");
If you format your code more consistantly it will also help in spotting errors.
And as in my answer to your last question, check for errors after all mysqli_ calls. During development it will save you much time, as thats when we developers make little bobo's
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// this would be better at the top of the script
require('includes/dbconx.php');
// why do 2 steps when one would do
// also you have not checked these actually exist
// until the IF that follows these 2 lines
//$username = $_POST['username'];
//$password = $_POST['password'];
// empty() does an isset already so you only need the empty()
if( !empty($username) && !empty($password)){
$pword = mysqli_real_escape_string($con, $_POST['password']);
$uname = mysqli_real_escape_string($con, $_POST['username']);
$sql = mysqli_query($con, "SELECT *
FROM login
WHERE username = '$uname'
AND password = '$pword'");
// always check status after mysqli_query and other calls
// and at least output the error message
if ( $sql === FALSE ) {
echo mysqli_error($con);
exit;
}
} else {
echo("Please enter Login details!");
die;
}
$result = $con->query($sql);
if(mysqli_num_rows($result) == 0){
echo("<p>No record found or password doesn't match! </p>");
die;
} else {
header('Location: adminPage.php');
// header Location: shoudl always be followed by an exit;
// as header does not stop execution
exit;
} // add missing closing bracket
?>
</body>
</html>
I am not sure what the problem is here. The user data is in my MySQL database, and correct. However when I try to login I get an error saying user/password is incorrect. I am trying to login using the users email address. In addition I want to add the first name, and user id to the session.
<?php
session_start();
include_once 'dbconnect_new.php';
if(isset($_SESSION['user'])!="")
{
header("Location: ../index.php");
}
if(isset($_POST['btn-login']))
{
$s_email = mysql_real_escape_string($_POST['email']);
$s_password = mysql_real_escape_string($_POST['password']);
$s_email = trim($s_email);
$s_password = trim($s_password);
$res=mysql_query("SELECT student_id, student_password, student_firstname FROM studentdata WHERE student_email='$s_email'");
$row=mysql_fetch_array($res);
$count = mysql_num_rows($res); // if uname/pass correct it returns must be 1 row
if($count == 1 && $row['student_password']==md5($s_password))
{
$_SESSION['user'] = $row['student_id'];
header("Location: ../index.php");
}
else
{
?>
<script>
alert('Username / Password Seems Wrong !');
</script>
<?php
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>New Reg Page</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<center>
<div id="login-form">
<form method="post">
<table align="center" width="30%" border="0">
<tr>
<td>
<input type="text" name="email" placeholder="Your Email" required />
</td>
</tr>
<tr>
<td>
<input type="password" name="password" placeholder="Your Password" required />
</td>
</tr>
<tr>
<td>
<button type="submit" name="btn-login">Sign In</button>
</td>
</tr>
<tr>
<td>Sign Up Here</td>
</tr>
</table>
</form>
</div>
</center>
</body>
</html>
Try this code:-
$s_email = mysql_real_escape_string($_POST['email']);
$s_password = mysql_real_escape_string($_POST['password']);
$s_email = trim($s_email);
$s_password = md5(trim($s_password));
$res=mysql_query("SELECT student_id, student_firstname FROM studentdata WHERE student_email='$s_email' AND student_password = '$s_password'");
if (!$res) {
// Debug query result by below code
//echo 'Could not run query: ' . mysql_error();
//exit;
echo '<script language="javascript">';
echo 'alert("Username / Password Seems Wrong !")';
echo '</script>';
}else{
$row = mysql_fetch_row($result);
$stu_id = $row[0];
$stu_fname = $row[1];
$_SESSION['user'] = $stu_id;
header("Location: ../index.php");
}
Hope this will help you :)
I am creating a form for log in and log out .
My problem is when a user submit their username and password then display welcome message with that username.Files are given below.
include.php
<?php
session_start();
$host = "VKSolutions";
$username = "VKSolutions";
$password = "VKSolutions#1";
$db = "VKSolutions";
#mysql_connect($host,$username,$password) or die ("error");
#mysql_select_db($db) or die("error");
?>
login.php
<?php
require_once('include.php');
$error = '';
$form = $_POST['submit'];
$user = $_POST['user'];
$password = $_POST['password'];
if( isset($form) ) {
if( isset($user) && isset($password) && $user !== '' && $password !== '' ) {
$sql = mysql_query("SELECT * FROM `accounts` WHERE user='$user' and
password='$password';");
if( mysql_num_rows($sql) != 0 ) { //success
$_SESSION['logged-in'] = true;
header('Location: members.php');
exit;
} else { $error = "Incorrect login info"; }
} else { $error = 'All information is not filled out correctly';}
}
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
</head>
<body>
<table width="80%" border="0"><form action="<?php $PHP_SELF; ?>" method="post" >
<tr>
<td><label>Employee Name:</label></td>
<td><input name="user" placeholder="Enter Name" type="text" value="<?php echo "$user";?>" /></td>
</tr>
<tr>
<td><label>Password:</label></td>
<td><input name="password" placeholder="Enter Password" type="password" /></td>
</tr>
<tr>
<td> </td>
<td><input valin="right" name="submit" type="submit" value="Log In" /></td>
</tr></form>
</table>
<?php
echo "<br /><span style=\"color:red\">$error</span>";
?>
</body>
</html>
members.php
<?php
require_once('include.php');
if ( !isset($_SESSION['logged-in']) || $_SESSION['logged-in'] !== true) {
header('Location: login.php');
exit;
}
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Staff Area</title>
</head>
<body>
<div style="margin-top:50px; color:#00F; margin-left:50px; font-size:18px; position:absolute">Welcome<?php echo "$user";?></div>
</body>
</html>
logout.php
<?php
session_start();
// if the user is logged in, unset the session
if (isset($_SESSION['logged-in'])) {
unset($_SESSION['logged-in']);
}
// now that the user is logged out,
// go to login page
header('Location: login.php');
?>
In my members.php it is log in but not display with username. I need that username.
Please find out what is wrong.
Thanks.
You need to create $_session variable since HTTP is a stateless protocol. Your variables defined in login.php is not available to members.php unless you store them in session.
first in the login.php
session_start();
$_SESSION['user'] = $_POST['user'];
then in your members.php file
session_start();
$user = $_SESSION['user'];
will allow you to access it.
Just use a session variable like $_SESSION['user']= $_POST['user']; and then display it using echo $_SESSION['user'].
Also make sure that you add session_start(); at the beginning of the php file.
You need to register your session username like this
session_start();
$_SESSION['user'] = $_POST['user'];
then retrieve your session username to display username message
echo $_SESSION['user'];