I am making a simple forget password module.
User will enter his username, security question answer, and new password.
So if the user is found in the database table, the password will get updated
or else it will show an error.
FORM CODE :
<form id="fogform" method="POST">
<div class="form-group row">
<label for="un" class="col-form-label col-md-6">Username:
</label>
<div class="col-md-6">
<input type="text" class="form-control" name="un" placeholder="Enter your username" required>
</div>
</div>
<div class="form-group">
<div class="row">
<label class="col-form-label col-md-6" for="ques">Security
Question:</label>
<div class="col-md-6">
<select name="ques" class="form-control" required>
<option value="" selected>Choose any:</option>
<option value="In which city you were
born?">In which city you were born?
</option>
<option value="What was your first
pet's name?">What was your first pet's name?</option>
</select>
</div>
</div>
</div>
<div class="form-group row">
<label for="answ" class="col-form-label col-md-6">Your Answer:
</label>
<div class="col-md-6">
<input type="text" class="form-control" name="answ" placeholder="Enter your answer" required>
</div>
</div>
<div class="form-group row">
<label for="npwd" class="col-form-label col-md-6">New Password:
</label>
<div class="col-md-6">
<input type="password" class="form-control" name="npass" placeholder="Enter a New Password" required>
</div>
</div>
<div class="form-group row">
<label for="rpwd" class="col-form-label col-md-6">Retype Password:
</label>
<div class="col-md-6">
<input type="password" class="form-control" name="pass" placeholder="Retype the password" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-5 offset-2">
<button type="reset" class="btn btn-danger">Reset</button>
</div>
<div class="col-md-5">
<button type="submit" name="fogo" class="btn btn-success" data-toggle="modal" data-target="#infomod" form="fogform">Submit</button>
</div>
</div>
</form>
PHP CODE:
<?php
session_start();
$cn=mysqli_connect("localhost", "root", "", "imedtalks");
if(isset($_POST['fogo']))
{
$fogsql = "SELECT uname, passwd, que, ans FROM register WHERE passwd='".$_POST['pass']."'
AND que='".$_POST['ques']."' AND ans='".$_POST['ques']."' AND uname='".$_POST['un']."' ";
$rslt=mysqli_query($cn, $fogsql);
if($_POST['npass'] === $_POST['pass'])
{
if($row=mysqli_fetch_assoc($rslt))
{
$fogsql2 = "UPDATE register SET passwd='".$_POST['pass']."' WHERE que='".$_POST['ques']."' AND ans='".$_POST['ques']."'
AND uname='".$_POST['un']."' ";
if($cn->query($fogsql2) === TRUE)
{
echo " <script type='text/javascript'>alert('Password Reset Successful!')</script> ";
echo " <script type='text/javascript'>window.location.replace('http://localhost/PROII/HomePage.php')</script> ";
}
}
else
{
echo " <script type='text/javascript'>alert('Password Reset Unsuccessful! Try Again.')</script> ";
echo " <script type='text/javascript'>window.location.replace('http://localhost/PROII/HomePage.php')</script> ";
}
}
else
{
echo " <script type='text/javascript'>alert('Password Verification Failed! Try Again')</script> ";
echo " <script type='text/javascript'>window.location.replace('http://localhost/PROII/HomePage.php')</script> ";
}
}
?>
So here, whenever i try the wrong way it gives unsuccessful message but even for right field data, it gives an error.
I am new to php, that's why i can't understand where its going wrong.
Related
So basically i wanted to make a medical appointment page and i wanted to not register the pacient if he/she wants to see the same doctor at the same date and the same hour with another pacient.
Here is my php code :
$con2 = mysqli_connect('localhost','root','','cabinet');
$sql="SELECT data,ora,doctorul FROM programare";
$res2=mysqli_query($con2,$sql);
while($row=mysqli_fetch_array($res2)){
$data2=$row['data'];
$ora2=$row['ora'];
$doctor2=$row['doctorul'];
}
if (isset($_POST['programare'])) {
$errors=array();
$nume=$_POST['nume'];
$data=$_POST['data'];
$ora=$_POST['ora'];
$tip=$_POST['tip'];
$doctor=$_POST['doctor'];
if(!empty($nume) && !empty($data) && !empty($ora) && !empty($doctor)){
if ($data == $data2 && $ora == $ora2 && $doctor == $doctor2) {
array_push($errors,"Programare existenta la acea ora!");
}else{
$sql2="INSERT INTO programare(nume,data,ora,tipul,doctorul)VALUES(?,?,?,?,?)";
mysqli_query($con2,$sql2);
$stmt = mysqli_stmt_init($con2);
if(!mysqli_stmt_prepare($stmt,$sql2)){
echo "SQL error";
} else {
mysqli_stmt_bind_param($stmt,"sssss",$nume,$data,$ora,$tip,$doctor);
mysqli_stmt_execute($stmt);
}
array_push($errors,"Programare inregistrata");
}
}else{
array_push($errors,"Introduceti toate datele!");
}
}
So if i register pacient1 to doctor1 at date1 hour1 and after that i want to register pacient2 to doctor1 at date1 hour1 it works ..it doesn't register pacient2 but if i register pacient3 to doctor2 at date2 hour2 and after that i register pacient4 to doctor1 at date1 hour1 it works...and it shouldn't ...so what am i missing in my code ?
Here is the form:
<form class="form-horizontal form-bordered" method="post">
<?php include('erori.php'); ?>
<div class="form-group">
<label class="col-md-3 control-label" for="inputFocus">Nume</label>
<div class="col-md-6">
<input class="form-control" id="inputFocus" type="text" name="nume" autocomplete="off">
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label" for="inputFocus">Tip</label>
<div class="col-md-6">
<input class="form-control" id="inputFocus" type="text" name="tip" autocomplete="off">
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label" for="inputFocus">Data</label>
<div class="col-md-6">
<input class="form-control" id="datepicker2" type="text" name="data" autocomplete="off">
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label" for="inputFocus">Ora</label>
<div class="col-md-6">
<input class="form-control" id="inputFocus" type="text" name="ora" autocomplete="off">
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label">Doctor</label>
<div class="col-md-6">
<select data-plugin-selectTwo class="form-control populate" name="doctor">
<option></option>
<?php
$con = mysqli_connect('localhost','root','','cabinet');
$sql="SELECT user FROM users WHERE level='1'";
$res=mysqli_query($con,$sql);
while($row=mysqli_fetch_array($res)){
echo "<option>".$row['user']."</option>";
}
?>
</select>
</div>
</div>
<div class="form-group" id="btnform">
<button type="submit" class="mb-xs mt-xs mr-xs btn btn-primary" name="programare">Inregistrare</button>
</div>
</form>
If there are any errors while registration or login into the sit then it is not displaying the error message just printing the variable.Here is the code.Tried by doing echo as well but it is also not working.Tried with storing the result in a variable and displaying the message but still not worked.
<?php
include 'includes/db.php';
$match = '';
if(isset($_POST['submit_user']))
{
$email = $_POST['email'];
$check=mysqli_query($conn,"select * from users where user_email='$email'");
$checkrows=mysqli_num_rows($check);
if($checkrows>0)
{
$msg = "Email Already Exists";
header('Location:registration.php?msg=$msg');
}
else
{
if($_POST['password'] == $_POST['con_password'])
{
$ins_sql = "INSERT INTO users (first_name, last_name, user_email, user_password, username) VALUES ('$_POST[first_name]', '$_POST[last_name]', '$_POST[email]', '$_POST[password]', '$_POST[username]')";
$run_sql = mysqli_query($conn,$ins_sql);
}
else
{
$match = '<div class="alert alert-danger">Password doesn't match!</div>';
}
}
}
?>
<form class="form-horizontal" action="registration.php" method="post" role="form">
<div class="body">
<div class="row clearfix">
<div class="col-sm-6 col-xs-12">
<div class="form-group">
<div class="form-line">
<input type="text" class="form-control" placeholder="First Name" name="first_name" id="first_name" onkeypress="return checkSpcialChar(event)" required>
</div>
</div>
</div>
<div class="col-sm-6 col-xs-12">
<div class="form-group">
<div class="form-line">
<input type="text" class="form-control" placeholder="Last Name" name="last_name" id="last_name" required>
</div>
</div>
</div>
</div>
<div class="row clearfix">
<div class="col-sm-12">
<div class="form-group">
<div class="form-line">
<input type="text" class="form-control" placeholder="Enter Your Email" name="email" id="email" required>
</div>
</div>
</div>
<div class="col-sm-12">
<div class="form-group">
<div class="form-line">
<input type="password" class="form-control" placeholder="Password" name="password" id="password" required>
</div>
</div>
</div>
<div class="col-sm-12">
<div class="form-group">
<div class="form-line">
<input type="type" class="form-control" placeholder="Confirm Password" name="con_password" id="con_password" required>
</div>
</div>
</div>
<div class="col-sm-12">
<div class="form-group">
<div class="form-line">
<input type="text" class="form-control" placeholder="Enter Username" name="username" id="username">
</div>
</div>
</div>
<div class="col-sm-12">
<div class="form-group drop-custum">
<select class="form-control show-tick" name="user_role" id="user_role" required>
<option value="">-- Select User role --</option>
<option value="admin">Admin</option>
<option value="employee">Employee</option>
</select>
</div>
</div>
<div class="col-sm-12">
<button type="submit" class="btn btn-raised g-bg-cyan" name="submit_user" id="subject">Submit</button>
<button type="submit" class="btn btn-raised">Cancel</button>
</div>
<span>
<?php if(isset($_GET['msg']))
echo $_GET['msg'];
?>
</span>
</div>
</div>
</form>
i have this page named courses.php contain the form below (iam using bootstrap):
<form class="" action="coumysql.php" method="post" style="margin-left:100px;">
<input type="hidden" name="act" value="add"/>
<div class="form-group" >
<label class="control-label" for="course_id">Course Code:</label>
<div class="" >
<div class="col-xs-3">
<input type="text" class="form-control" id="email" placeholder="" name="course_id" required="">
</div>
</div>
</div> <br>
<br>
<div class="form-group">
<label class="control-label " for="course_name">Course Name:</label>
<div class="">
<div class="col-xs-3">
<input type="text" class="form-control" id="pwd" placeholder="" name="course_name" required="">
</div>
</div>
</div><br>
<br>
<div class="form-group" style="display: inline;">
<div class="col-sm-offset-1 "><br>
<button type="submit" class="btn btn-default">Add Subject</button>
</div>
</div>
</form>
the form processed at the page named coumysql.php
<?php
include 'connect.php';
if(isset($_POST['act'])){
if($_POST['act'] == 'add'){
if ($mysqli->query("INSERT INTO courses (course_id, course_name) VALUES ('".$_POST['course_id']."', '".$_POST['course_name']."');")) {
echo "data added";
}
}else if($_POST['act'] == 'delete'){
if ($mysqli->query("DELETE FROM courses WHERE course_id= ('".$_POST['course_id']."');")) {
echo "data deleted";
}
}
}
?>
i want the message "data added" or "data deleted" to be shown in courses.php after successfully form submitted to database
You could create a session() variable and pass it to the view. Like so:
<?php
include 'connect.php';
session_start();
if(isset($_POST['act'])){
if($_POST['act'] == 'add'){
if ($mysqli->query("INSERT INTO courses (course_id, course_name) VALUES ('".$_POST['course_id']."', '".$_POST['course_name']."');")) {
$_SESSION['insert']="Data has been successfully created!";
header('Location: courses.php');
}
}else if($_POST['act'] == 'delete'){
if ($mysqli->query("DELETE FROM courses WHERE course_id= ('".$_POST['course_id']."');")) {
$_SESSION['delete']="Data has been successfully deleted!";
header('Location: courses.php');
}
}
}
?>
Then catch them on courses.php like so:
<?php
session_start();
$added = $_SESSION['insert'];
$deleted=$_SESSION['delete'];
?>
<form class="" action="coumysql.php" method="post" style="margin-left:100px;">
<input type="hidden" name="act" value="add"/>
<div class="form-group" >
<label class="control-label" for="course_id">Course Code:</label>
<div class="" >
<div class="col-xs-3">
<input type="text" class="form-control" id="email" placeholder="" name="course_id" required="">
</div>
</div>
</div> <br>
<br>
<div class="form-group">
<label class="control-label " for="course_name">Course Name:</label>
<div class="">
<div class="col-xs-3">
<input type="text" class="form-control" id="pwd" placeholder="" name="course_name" required="">
</div>
</div>
</div><br>
<br>
<div class="form-group" style="display: inline;">
<div class="col-sm-offset-1 "><br>
<button type="submit" class="btn btn-default">Add Subject</button>
</div>
<?php
if(!empty($added)){
?>
<div class="alert aler-success"><p><?php echo $added;?></p></div>
<?php }elseif(!empty($deleted)){
?>
<div class="alert aler-success"><p><?php echo $deleted;?></p></div>
<?php
}?>
</div>
</form>
Note: u can customize div tag as u want..
I want to create a login form to log system in php. But I can't do it, below I mentioned my code. I have coded registration form also. It works successfully, but the login form does not works properly. The registration form code is included in the index page. But the login code is include in login.php page.
Help me to solve this problem.
<div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myLargeModalLabel"
aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">
×</button>
<h4 style="text-align: center" class="modal-title" id="myModalLabel">
Login & Registration</a></h4>
</div>
<div class="modal-body">
<div class="row">
<div class="col-md-8" style="border-right: 1px dotted #C2C2C2;padding-right: 30px;">
<!-- Nav tabs -->
<ul class="nav nav-tabs">
<li class="active">Login</li>
<li>Registration</li>
</ul>
<!-- Tab panes -->
<div class="tab-content">
<div class="tab-pane active" id="Login">
<form class="form-horizontal" actoin="login.php" method="post" >
<div class="form-group">
<label class="col-sm-2 control-label">
Username</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="username2" id="username2" placeholder="Username" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
Password</label>
<div class="col-sm-10">
<input type="password" class="form-control" name="pwd2" id="pwd2" placeholder="Password" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
User Type</label>
<div class="col-sm-10">
<select class="form-control" name="utype" id="utype">
<option selected disabled>User Type</option>
<option value="Admin">Admin</option>
<option value="Student">Student</option>
<option value="Company">Company</option>
</select>
</div>
</div>
<div class="row">
<div class="col-sm-2">
</div>
<div class="col-sm-10">
<input type="submit" class="btn btn-primary btn-sm" name="buttonsubmit" id="buttonsubmit" value="Login">
Forgot your password?
</div>
</div>
</form>
</div>
<div class="tab-pane" id="Registration">
<form class="form-horizontal" action="index.php" method="post">
<div class="form-group">
<label class="col-sm-2 control-label">
Title</label>
<div class="col-sm-10">
<div class="row">
<div class="col-md-3">
<select class="form-control" id="uutypex" name="uutype">
<option>Mr.</option>
<option>Ms.</option>
<option>Mrs.</option>
</select>
</div>
</div>
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
Name</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="name" id="name" placeholder="Name" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
User Name</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="username1" id="username1" placeholder="User Name" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
Password</label>
<div class="col-sm-10">
<input class="form-control" name="pwd" id="pwd" type="password" placeholder="Password" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
Birth Date
</label>
<div class="col-sm-10">
<input class="form-control" name="bdate" id="bdate" type="date">
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
Email</label>
<div class="col-sm-10">
<input type="email" class="form-control" name="email" id="email" placeholder="User Name" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
Mobile
</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="mobile" id="mobile" placeholder="Mobile" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
University</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="uni" id="uni" placeholder="University" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
User Type
</label>
<div class="col-sm-10">
<select class="form-control" name="type" id="type">
<option selected disabled>User Type</option>
<option value="Admin">Admin</option>
<option value="Student">Student</option>
<option value="Company">Company</option>
</select>
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
GPA</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="gpa" id="gpa" placeholder="GPA" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">
Address</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="address" id="address" placeholder="Address" />
</div>
</div>
<div class="row">
<div class="col-sm-2">
</div>
<div class="col-sm-10">
<input type="submit" class="btn btn-primary btn-sm" name="buttonregister" id="buttonregister" value="Submit and Save">
<button type="button" class="btn btn-default btn-sm">
Cancel
</button>
</div>
</div>
</form>
</div>
</div>
<div id="OR" class="hidden-xs">
OR</div>
</div>
<div class="col-md-4">
<div class="row text-center sign-with">
<div class="col-md-12">
<h3>
Sign in with
</h3>
</div>
<div class="col-md-12">
<div class="btn-group btn-group-justified">
Facebook <a href="#" class="btn btn-danger">
Google
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
php code
<?php
$conn=mysqli_connect("localhost","root","","internship");
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if(isset($_POST['buttonsubmit'])){
$username=$_POST['username2'];
$password=$_POST['pwd2'];
$type=$_POST['utype'];
$result=mysqli_query($conn,'select * from registration where username="'.$username.'" and password="'.$password.'" and usertype="'.$type.'"');
if(mysqli_num_rows($result)==1 && $type=="Student"){
header('Location: student.php');
}
else
?>
<script> alert("Account invalid!!!! Enter valid Username Password and Usertype")</script>
<?php
}
?>
<?php
$conn=mysqli_connect("localhost","root","","internship");
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if(isset($_POST['buttonsubmit'])){
$username=$_POST['username2'];
$password=$_POST['pwd2'];
$type=$_POST['utype'];
$result=mysqli_query($conn,'select * from registration where username="'.$username.'" and password="'.$password.'" and usertype="'.$type.'"');
if(mysqli_num_rows($result)==1 && $type=="Student"){
session_start();
$_SESSION['user'] = $result;
header('Location: student.php');
}
else
?>
<script> alert("Account invalid!!!! Enter valid Username Password and Usertype")</script>
<?php
}
Can you post the error that you are getting...?
Plus Your code is not secure. You should use php's hash functions to match passwords and use must use PDO to avoid sql injection.
Was trying to make a student register page but the data won't insert into database and there was no error message shown so i'm not sure where the problem is. Any help is appreciated!
Here's the code:
<form onsubmit="return Add_Validate()" class="form-horizontal" action="AddStudent.php" method="POST">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button>
<h4 class="modal-title"><i class="fa fa-plus"></i> Add Student</h4>
</div>
<div class="modal-body">
<div class="form-group">
<label class="col-sm-3 control-label">Student Name </label>
<label class="col-sm-1 control-label">: </label>
<div class="col-sm-8">
<input type="text" class="form-control" id="Add_Student_Name" placeholder="Student Name" name="Student_Name1" autocomplete="off" required>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">Gender </label>
<label class="col-sm-1 control-label">: </label>
<div class="col-sm-8">
<select class="form-control" id="Add_Student_Gender" name="Student_Gender1" required>
<option value="">~~SELECT~~</option>
<option value="Male">Male</option>
<option value="Female">Female</option>
</select>
</div></div>
<div class="form-group">
<label class="col-sm-3 control-label">Address </label>
<label class="col-sm-1 control-label">: </label>
<div class="col-sm-8">
<input type="text" class="form-control" id="Add_Student_Address" placeholder="Address" name="Student_Address1" autocomplete="off" required>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">Contact Number </label>
<label class="col-sm-1 control-label">: </label>
<div class="col-sm-8">
<input type="text" class="form-control" id="Add_Contact_Number" placeholder="Contact Number" name="Contact_Number1" autocomplete="off" required>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">Email </label>
<label class="col-sm-1 control-label">: </label>
<div class="col-sm-8">
<input type="text" class="form-control" id="Add_Student_Email" placeholder="Email" name="Student_Email1" autocomplete="off" required>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">Faculty </label>
<label class="col-sm-1 control-label">: </label>
<div class="col-sm-8">
<select class="form-control" name="Add_Faculty1" id="FacultyName" required>
<option value="">~~SELECT~~</option>
<?php $query_faculty="SELECT FacultyName FROM `faculty`";
$result_faculty = mysqli_query($connect, $query_faculty) or die(mysqli_error($connect));
while($row_faculty=mysqli_fetch_array($result_faculty)) { ?>
<option value="<?php echo $row_faculty['FacultyName'] ?>"><?php echo $row_faculty['FacultyName'] ?></option>
<?php } ?></select></div></div>
<div class="form-group">
<label class="col-sm-3 control-label">Username </label>
<label class="col-sm-1 control-label">: </label>
<div class="col-sm-8">
<input type="text" class="form-control" id="Add_Student_Username" placeholder="Username" name="Student_Username1" autocomplete="off" required>
</div></div>
<div class="form-group">
<label class="col-sm-3 control-label">Password </label>
<label class="col-sm-1 control-label">: </label>
<div class="col-sm-8">
<input type="password" class="form-control" id="Add_Password" placeholder="Password" name="Student_Password1" autocomplete="off" required>
</div>
</div>
And SQL command:
<?php require 'php_action/db_connect.php';
if($_POST) {
$Student_Name= $_POST['Student_Name1'];
$Student_Gender= $_POST['Student_Gender1'];
$Student_Address= $_POST['Student_Address1'];
$Contact_Number= $_POST['Contact_Number1'];
$Student_Email= $_POST['Student_Email1'];
$FacultyName= $_POST['Add_Faculty1'];
$Student_Username= $_POST['Student_Username1'];
$Password= $_POST['Student_Password1'];
$sql = "INSERT INTO student (Student_Name,Student_Gender,Student_Address,Contact_Number,Student_Email,FacultyName,Student_Username,Password) VALUES ('$Student_Name', '$Student_Gender','$Student_Address','$Contact_Number','$Student_Email','$FacultyName','$Student_Username','$Password')";
if($connect->query($sql) === TRUE) {
echo "<SCRIPT>alert('Student successfully added!');document.location='Student_Register.php'</SCRIPT>";
}
else {
echo "<SCRIPT>alert('Student add unsuccessful!');document.location='Student_Register.php'</SCRIPT>";
}
}
$connect->close();
?>
Found the error, seems to be wrong column name, sorry the all the trouble.....
Admin please close my question.
You're not getting an error message because you never get the error message from MySQL and show it in your alert. $connect->error will contain the error message, and you can add that to your alert like this:
else {
echo "<SCRIPT>alert('Student add unsuccessful! Reason: ' + " . json_encode($connect->error) . ");document.location='Student_Register.php'</SCRIPT>";
}