I have a problem with trim, it doesnt work as i expected, when the user writes only spaces in username form ("studentname") it should write you didint fill all fields ("niste izpolnili vsa polja") and i dont know how to achieve that, sorry if question is duplicate but i didnt find the answer to fix my problem
here is the code:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>vaja 5: PHP</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<form name='form' method='post'>
<label class="registracija">Registracija</label>
<div class="form-group row">
<label for="username" class="col-sm-2">Vnesi ime</label>
<div>
<input type="text" id="studentname" name="studentname">
</div>
</div>
<div class="form-group row">
<label for="password" class="col-sm-2">Vnesi geslo</label>
<div>
<input type="password" id="password1" name="password1">
</div>
</div>
<div class="form-group row">
<label for="password" class="col-sm-2">Geslo še enkrat</label>
<div>
<input type="password" id="password2" name="password2">
</div>
</div>
<div>
<input type="submit" value="Pritisni me" name="button">
</div>
</form>
</div>
<p>
<div class="container">
<?php
if (isset($_POST["button"]))
{
echo $_POST['studentname'];
}
?>
<br>
<?php
if (isset($_POST["button"])) {
$studentname = trim( $_POST['studentname'] );
$password1 = $_POST ['password1'];
$password2 = $_POST ['password2']; }
if ($_POST['studentname'] == "" || $_POST['password1'] == "" || $_POST['password2'] == "") {
echo "Niste izpolnili vsa polja";
} else
if ($_POST['password1']!= $_POST['password2']) {
echo "Gesli se ne ujemata";
} else {
echo "Registracija uspela";
}
?>
<div>
</p>
<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
</body>
</html>
You register a variable $studentname with the trim result but you actually compare to $_POST['studentname']. Try to use $studentname === "".
if (trim($_POST['studentname']) == "" || $_POST['password1'] == "" || $_POST['password2'] == "") {
echo "Niste izpolnili vsa polja";
I would enhance the following to trim all input fields, not just the studentname
if (isset($_POST["button"])) {
$studentname = trim($_POST['studentname']);
$password1 = trim($_POST['password1']);
$password2 = trim($_POST['password2']);
}
Then make sure write your conditions on the variables, not the original POSTed values. This is the main issue in your current code.
I also rewrote your else/if to be a bit more clear.
// ensure that user submitted all fields
if (
studentname == ''
|| $password1 == ''
|| $password2 == ''
) {
echo "Niste izpolnili vsa polja";
}
// ensure that passwords match
elseif($password1 != $password2) {
echo "Gesli se ne ujemata";
}
// validations passed
else {
echo "Registracija uspela";
}
Related
Im currently working on this project for my assignment.i need to differentiate between user and admin on the login page. What changes should i made for the login page can differentiate between the user and admin ? these codes working just fine.
index.php
<?php
require_once 'php_action/db_connect.php';
session_start();
if(isset($_SESSION['userId'])) {
header('location: http://localhost/managementsystem/dashboard.php');
}
$errors = array();
if($_POST) {
$username = $_POST['username'];
$password = $_POST['password'];
if(empty($username) || empty($password)) {
if($username == "") {
$errors[] = "Username is required";
}
if($password == "") {
$errors[] = "Password is required";
}
} else {
$sql = "SELECT * FROM users WHERE username = '$username'";
$result = $connect->query($sql);
if($result->num_rows == 1) {
$password = md5($password);
// exists
$mainSql = "SELECT * FROM users WHERE username = '$username' AND password='$password'";
$mainResult = $connect->query($mainSql);
if($mainResult->num_rows == 1) {
$value = $mainResult->fetch_assoc();
$user_id = $value['user_id'];
//set session
$_SESSION['userId'] = $user_id;
header('location: http://localhost/managementsystem/dashboard.php');
} else {
$errors[] = "Incorrect Username or Password combination";
}
}else {
$errors[] = "Username does not exists";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Log-in Page</title>
<!-- bootstrap -->
<link rel="stylesheet" type="text/css" href="assets/bootstrap/css/bootstrap.min.css">
<!-- bootstrap theme -->
<link rel="stylesheet" type="text/css" href="assets/bootstrap/css/bootstrap-theme.min.css">
<!-- font awesome -->
<link rel="stylesheet" type="text/css" href="assets/font-awesome/css/font-awesome.min.css">
<!-- custom css -->
<link rel="stylesheet" href="custom/css/custom.css">
<!-- jquery -->
<script type="text/javascript" src="assets/jquery/jquery.min.js"></script>
<!-- jquery ui -->
<link rel="stylesheet" href="assets/jquery-ui/jquery-ui.min.css">
<script src="assets/jquery-ui/jquery-ui.min.js"></script>
<!-- bootstrap js -->
<script src="assets/bootstrap/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="row vertical">
<div class="col-md-5 col-md-offset-3">
<div class="panel panel-default">
<div class="panel-info">
<div class= "panel-heading text-center">
<h3 class= "panel-title">MH ALLIM Management System</h3>
</div>
<div class="panel-body">
<div class="messages">
<?php if($errors) {
foreach ($errors as $key => $value) {
echo '<div class="alert alert-warning" role="alert">
<i class="glyphicon glyphicon-exclamation-sign"></i>
'.$value.'</div>';
}
} ?>
</div>
<form class="form-horizontal" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST" id="loginForm">
<div class="form-group">
<label for="inputUser3" class="col-sm-2 control-label">Username</label>
<div class="col-sm-10">
<input type="text" class="form-control" id="username" name="username" placeholder="Username">
</div>
</div>
<div class="form-group">
<label for="password" class="col-sm-2 control-label">Password</label>
<div class="col-sm-10">
<input type="password" class="form-control" id="password" name="password" placeholder="Password">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-default"> <i class="glyphicon glyphicon-log-in"></i>
Sign in</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
Session.php
<?php
session_start();
require_once 'db_connect.php';
//echo $_SESSION['userId'];
if(!$_SESSION['userId']) {
header('location: http://localhost/managementsystem/index.php');
}
?>
should i modify the session so the normal user cannot access to the admin page ?
Thanks :)
You should have something that makes user and admin different. So, you can simply add a new column to your table with the name "role" (for example). If the user is a User, then the role will be "user". Same thing with any Admin, the role will be "admin".
And you can write the following code to your admin's page to prevent any login from unauthorized users. Use the same code with the user's page to prevent any login from any admin to the user's page "change this part to: $_SESSION['role'] != 'user')"
<?php
session_start();
require_once 'db_connect.php';
if( (empty($_SESSION['userId'])) || ($_SESSION['role'] != 'admin') ) {
echo "<script>window.open('index.php','_self');</script>";
}
else {
$userId = $_SESSION['userId'];
}
?>
Use if and else to separate it:
if(type="admin")
{
do somethg
}
else
{
do somethg
}
I have the following php code named recover.php:
<?php
include "php/init.php";
inaccessible_if_loggedIn();
if (isset($_GET['success']) === true && empty($_GET['success']) === true) {
?>
<p>succes!</p>
<?php
} else {
$allowed_modes = array('username', 'password');
if (isset($_GET['mode']) === true && in_array($_GET['mode'], $allowed_modes) === true) {
if (isset($_POST['email']) && empty($_POST['email']) === false) {
if (user_in_DB($_POST['email'])) {
// TO DO: schrijf recover functie
//recover($_GET['mode'], $_POST['email']);
header("Location: recover.php?success");
exit();
} else {
$errors[] = "email: " . $_POST['email'] . " does not exist";
}
}
include "includes/recover_form.php";
} else {
header("Location: includes/errorPages/page_not_exist.php");
exit();
}
}
?>
the html include contains a form with action recover.php
html code:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" type="text/css" href="css/signInStylesheet.css">
<title>bestBay</title>
</head>
<body>
<div class="wrapper">
<div class="header_container">
<a id="logoLink" href="index.php"><img src="images/logo.png" class="logo"></a>
</div>
<div class="register_form">
<div class="formBody">
<form action="recover.php" method="post">
<br/>
<span class="formText">E-Mail<span style="color: red">*</span></span> <input name="email" class="fillInput" type="email" maxlength="90" required>
<br/>
<br/>
<?php echo print_errors($errors); ?>
<input class="signInButton" type="submit" value="Recover">
</form>
</div>
</div>
</div>
</body>
</html>
page layout:
The problem is after the user enters a valid email my php code still redirects to "includes/errorPages/page_not_exist.php" as if the ?succes after the link is not there.
I cannot see what I am doing wrong in my code.
If I leave
else {
header("Location: includes/errorPages/page_not_exist.php");
exit();
}
empty my code seems to work.
What exactly am I missing here?
Why do you have so many php tags in your code? please remove those tags and echo success also try using elseif for the second part of your code...
?>
succes!
include "php/init.php";
inaccessible_if_loggedIn();
if (isset($_GET['success']) === true && empty($_GET['success']) === true) {
echo succes!;
} elseif {
//please also log your errors on the starting line using ini_set("display_startup_errors", 1);
ini_set("display_errors", 1);
The solution was rather simple. My code never got as far as even redirecting to the success page. This was because my form action never passed a GET variable resulting in $_GET['mode returning false'].
The simple solution was to just leave the action empty.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" type="text/css" href="css/signInStylesheet.css">
<title>bestBay</title>
</head>
<body>
<div class="wrapper">
<div class="header_container">
<a id="logoLink" href="index.php"><img src="images/logo.png" class="logo"></a>
</div>
<div class="register_form">
<div class="formBody">
<form action="" method="post">
<br/>
<span class="formText">E-Mail<span style="color: red">*</span></span> <input name="email" class="fillInput" type="email" maxlength="90" required>
<br/>
<br/>
<?php echo print_errors($errors); ?>
<input class="signInButton" type="submit" value="Recover">
</form>
</div>
</div>
</div>
</body>
</html>
I am newbie in php, kindly pardon me if I looks silly. I am still learning step by step with the help of online forums and stack community.
I have a form online which code is as below:
<?php
define('DIR_APPLICATION', str_replace('\'', '/', realpath(dirname(__FILE__))) . '/');
include(DIR_APPLICATION."config.php");
ob_start();
session_start();
$msg = 'none';
$sql = '';
if(isset($_POST['email']) && $_POST['email'] != '' && isset($_POST['password']) && $_POST['password'] != ''){
if($_POST['usertype'] == 'admin'){
//here for admin
$sql= mysql_query("SELECT * FROM admin WHERE a_email = '".make_safe($_POST['email'])."' and password = '".make_safe($_POST['password'])."'",$link);
}
else if($_POST['usertype'] == 'teacher'){
//here for teacher
$sql= mysql_query("SELECT * FROM teacher WHERE t_email = '".make_safe($_POST['email'])."' and t_password = '".make_safe($_POST['password'])."'",$link);
}
else if($_POST['usertype'] == 'student'){
//here for student
$sql= mysql_query("SELECT * FROM student WHERE s_email = '".make_safe($_POST['email'])."' and s_password = '".make_safe($_POST['password'])."'",$link);
}
else if($_POST['usertype'] == 'parents'){
//here for parent
$sql= mysql_query("SELECT * FROM parent WHERE p_email = '".make_safe($_POST['email'])."' and p_password = '".make_safe($_POST['password'])."'",$link);
}
else if($_POST['usertype'] == 'librarian'){
//here for employee
$sql= mysql_query("SELECT * FROM user WHERE u_email = '".make_safe($_POST['email'])."' and u_password = '".make_safe($_POST['password'])."'",$link);
}
else if($_POST['usertype'] == 'accountant'){
//here for employee
$sql= mysql_query("SELECT * FROM user WHERE u_email = '".make_safe($_POST['email'])."' and u_password = '".make_safe($_POST['password'])."'",$link);
}
if($row = mysql_fetch_array($sql)){
//here success
$_SESSION['objLogin'] = $row;
$_SESSION['login_type'] = $_POST['usertype'];
if($_POST['usertype'] == 'admin'){
header("Location: dashboard.php");
die();
}
else if($_POST['usertype'] == 'teacher'){
header("Location: t_dashboard.php");
die();
}
else if($_POST['usertype'] == 'student'){
header("Location: s_dashboard.php");
die();
}
else if($_POST['usertype'] == 'parents'){
header("Location: p_dashboard.php");
die();
}
else if($_POST['usertype'] == 'accountant'){
header("Location: a_dashboard.php");
die();
}
else if($_POST['usertype'] == 'librarian'){
header("Location: l_dashboard.php");
die();
}
}
else{
$msg = 'block';
}
}
function make_safe($variable)
{
$variable = strip_tags(mysql_real_escape_string(trim($variable)));
return $variable;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>SITE TITLE | Log in</title>
<!-- Tell the browser to be responsive to screen width -->
<meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
<!-- Bootstrap 3.3.5 -->
<link rel="stylesheet" href="bootstrap/css/bootstrap.min.css">
<!-- Font Awesome -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css">
<!-- Ionicons -->
<link rel="stylesheet" href="https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css">
<!-- Theme style -->
<link rel="stylesheet" href="dist/css/AdminLTE.min.css">
<!-- iCheck -->
<link rel="stylesheet" href="plugins/iCheck/square/blue.css">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body class="hold-transition login-page">
<div class="login-box">
<div class="login-logo">
<b>SITE</b> TITLE
</div>
<!-- /.login-logo -->
<div class="login-box-body">
<p class="login-box-msg">Sign in to start your session</p>
<form onSubmit="return validationForm();" role="form" id="form" method="post">
<div class="form-group has-feedback">
<input type="email" name="email" id="email" class="form-control" placeholder="Email">
<span class="glyphicon glyphicon-envelope form-control-feedback"></span>
</div>
<div class="form-group has-feedback">
<input type="password" name="password" id="password" class="form-control" placeholder="Password">
<span class="glyphicon glyphicon-lock form-control-feedback"></span>
</div>
<div class="form-group has-feedback">
<select class="form-control" name="usertype" id="usertype">
<option value="-1">-- Select User Type --</option>
<option value="admin">Admin</option>
<option value="teacher">Teacher</option>
<option value="student">Student</option>
<option value="parents">Parents</option>
<option value="accountant">Accountant</option>
<option value="librarian">Librarian</option>
</select>
</div>
<div class="row">
<div class="col-xs-8">
Forget Password?<br>
</div>
<!-- /.col -->
<div class="col-xs-4">
<button type="submit" id="login" class="btn btn-primary btn-block btn-flat">Sign In</button>
</div>
<!-- /.col -->
</div>
</form>
</div>
<!-- /.login-box-body -->
</div>
<!-- /.login-box -->
<!-- jQuery 2.2.0 -->
<script src="plugins/jQuery/jQuery-2.2.0.min.js"></script>
<!-- Bootstrap 3.3.5 -->
<script src="bootstrap/js/bootstrap.min.js"></script>
<!-- iCheck -->
<script src="plugins/iCheck/icheck.min.js"></script>
<script>
$(function () {
$('input').iCheck({
checkboxClass: 'icheckbox_square-blue',
radioClass: 'iradio_square-blue',
increaseArea: '20%' // optional
});
});
</script>
<script type="text/javascript">
function validationForm(){
if($("#email").val() == ''){
alert("Email Required !!!");
$("#email").focus();
return false;
}
else if($("#password").val() == ''){
alert("Password Required !!!");
$("#password").focus();
return false;
}
else if($("#usertype").val() == '-1'){
alert("Select User Type !!!");
return false;
}
else{
return true;
}
}
</script>
<!-- SCRIPTS -AT THE BOTOM TO REDUCE THE LOAD TIME-->
<!-- JQUERY SCRIPTS -->
<script src="assets/js/jquery-1.10.2.js"></script>
<!-- BOOTSTRAP SCRIPTS -->
<script src="assets/js/bootstrap.min.js"></script>
</body>
</html>
This form works perfectly.
But my issue is I am creating an android form for this online version where I need a json response. So I tried the following in the browser:
mydomain.com/index.php?email=user#example.com&password=mypass&usertype=student
This results in the same page.
I am confused why this is not entering the page.
I can understand that somewhere I am wrong but can't figure it out.
Kindly help please.
As #Akhil #Vijay and #MiguelJimenez suggested
I changed $_POST to $_REQUEST and it worked like a charm
So, if any one getting stuck in this issue this might help you guys hopefully.
I am writing a log in script for a site, I have most things working except on a validation mysqli query the else tatement is not being accessed and I cannot figure out how to resolve it, the code below is the index page that has the html and then the php script that is called, All of the php validation works except for the bit of script that validates all the input fields match the database fields, i can get the validation side of the if statement to work and it sends me to the relevent page, the problem is that if the validation in the first part of the if statement shows invalid it doesnt then pass to the else statement, all i get is a blank white page and it is the same as the php page doing the validation not the page i need it to go too. Any help would be most appreciated.
HTML CODE ***********
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Dot Mov Home</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link href="/styles/home.css" rel="stylesheet" type="text/css">
<!--The following script tag downloads a font from the Adobe Edge Web Fonts server for use within the web page. We recommend that you do not modify it.-->
<script>var __adobewebfontsappname__="dreamweaver"</script>
<script src="http://use.edgefonts.net/lemon:n4:default.js" type="text/javascript"></script>
<script src="/js/civem.js"></script>
<script type='text/javascript' src='http://code.jquery.com/jquery.min.js'></script>
<script src="http://code.jquery.com/jquery-1.7.min.js"></script>
<script src="/js/pswrd_strength.js"></script>
<script src="/js/email_dbvalidate.js"></script>
<script src="/js/username_dbvalidate.js"></script>
<script src="/js/confirm_password__dbvalidate.js"></script>
<script type="text/javascript">
function SwapDivsWithClick(div1,div2)
{
d1 = document.getElementById(div1);
d2 = document.getElementById(div2);
if( d2.style.display == "none" )
{
d1.style.display = "none";
d2.style.display = "block";
}
else
{
d1.style.display = "block";
d2.style.display = "none";
}
}
</script>
</head>
<body>
<div id="video_container">
<video muted autoplay loop >
<source src="/video/South Dakota Badlands Scenic Byway 720p (Video Only)_1.3gp" type="video/3gp">
<source src="/video/South Dakota Badlands Scenic Byway 720p (Video Only).webm" type="video/webm">
<source src="/video/South Dakota Badlands Scenic Byway 720p.ogg" type="video/ogg">
Your browser does not support the video tag. I suggest you upgrade your browser. </video>
</div>
<header>
<div class="upload">UPLOAD</div>
<div class="view">VIEW</div>
<div class="spacer1"></div>
<div class="search_bar">
<form action="/search_results.php" method="post" name="search_database" autocomplete="on">
<input type="text" class="search" placeholder="Search">
</form>
</div>
<div class="logo_text">.MOV </div>
<div class="tagline">Motorcycle Online Video</div>
</a></header>
<main>
<div id="login" style="display:block">
<form method="post" action="includes/login.inc.php" id="loginform">
<input name="email" type="email" id="email" form="loginform" placeholder="Please Enter Your Email">
<input name="password" type="password" id="password" form="loginform" placeholder="Please Enter Your Password" title="Please Enter Your Password">
<div class="submit_buttons">
<input type="submit" class="login_btn" form="loginform" formaction="includes/login.inc.php" title="Login" value="Login">
<div class="join_but">Or Join</div>
</div>
<div id="forgotten_password">Forgotten Password</div>
<div class="login_statements">
<div class="statement1">
<div class="by_joining">By Joining</div>
<div class="dot_mov">.MOV</div>
<div class="agree">You agree to our</div>
</div>
<div class="statement2">
<div class="terms_link">Terms of Service</div>
<div class="and">and</div>
<div class="service_link">Privacy Policy</div>
</div>
</div>
<div class="facebook_login">
<div class="facebook_icon"><img src="images/fb.png" class="fb_icon"></div>
<div class="fb_link">Login with FaceBook </div>
</div>
</form>
</div>
</div>
<div id="join" style="display: none;">
<form action="includes/register.inc.php" method="post" id="joinform">
<input name="name2" type="text" id="name2" form="joinform" placeholder="Please Enter Your Username" title="Please Enter Your Username">
<div id="user-name">
<h4>Username must meet the following requirements!<br>If you have forgotten your Password, click on "Forgotten Password"!</h4>
<div id="name_result"></div>
<div id="name_length" class="invalid">At least <strong>6 letters</strong></div>
</div>
<input name="email2" type="email" id="email2" form="joinform" placeholder="Please Enter Your Email" title="Please Enter a Valid Email">
<div id="user-email">
<h4>Email must be a valid Email format!<br>If the Email exists, Either Login using the Username the Email was setup with or check your Email is correct!</h4>
<div id="email_result">
<div id="email_validate" class="invalid">Email Valid</div>
<div id="emaildb_validate"></div>
</div>
</div>
<input name="password2" type="password" id="password2" form="joinform" placeholder="Please Enter Your Password" title="Please Enter Your Password">
<div id="pswd_info">
<h4>Password must meet the following requirements!<br>If the Password doesnt meet the requirements you will be required to fill in the form again!</h4>
<ul id="pswd_list">
<li id="letter" class="invalid">At least <strong>one letter</strong></li>
<li id="capital" class="invalid">At least <strong>one capital letter</strong></li>
<li id="number" class="invalid">At least <strong>one number</strong></li>
<li id="length" class="invalid">Be at least <strong>8 characters</strong></li>
</ul>
</div>
<input name="confirm_password2" type="password" id="confirm_password2" form="joinform" placeholder="Please Confirm Your Password" title="Please Confirm Your Password">
<div id="user-confirm_password">
<h4>Please Confirm Password<br>If the Passwords do not match, you wil be required to fill in the form again!</h4>
<div id="error" class="error"></div>
<div id="confirm_match" class="invalid">Passwords Match</div>
</div>
<div class="submit_buttons2">
<input name="join_btn2" type="submit" id="join_btn2" form="joinform" formaction="includes/register.inc.php" " formmethod="POST" title="Join" value="Join">
<div class="join_btn2">Or Login</div>
</div>
<div class="login_statements2">
<div class="statement1">
<div class="by_joining">By Joining</div>
<div class="dot_mov">.MOV</div>
<div class="agree">You agree to our</div>
</div>
<div class="statement2">
<div class="terms_link">Terms of Service</div>
<div class="and">and</div>
<div class="service_link">Privacy Policy</div>
</div>
</div>
<div class="facebook_login2">
<div class="facebook_icon"><img src="images/fb.png" class="fb_icon"></div>
<div class="fb_link">Login with FaceBook </div>
</div>
</form>
</div>
</div>
</div>
<div class="scroll_container">
<a data-scroll href="#body2"><div class="scroll_link">
<div class="arrow"><img src="/images/arrow.png" alt="" class="arrow_icon"/></div>
<div class="arrow3"><img src="/images/arrow.png" alt="" class="arrow_icon"/></div>
Scroll Down</div></a>
</div>
</main>
<div class="body2" id="body2">
<div class="vid_grid">
<div class="top_section">
<div class="top_left_quarter"></div>
<div class="top_right_quarter">
<div class="top_right_left_quarter"></div>
<div class="top_right_right_quarter"></div>
<div class="top_right_bottom_left"></div>
<div class="top_right_bottom_right"></div>
</div>
</div>
<div class="bottom_section">
<div class="bottpm_left_top"></div>
<div class="bottpm_left_bottom"></div>
<div class="bottom_middle"></div>
<div class="bottom_left_quarter"></div>
<div class="bottom_right_quarter"></div>
<div class="bottom_right_top"></div>
<div class="bottom_right_bottom"></div>
</div>
<div class="staff_picks">Staff Picks </div>
</div>
</div>
<footer class="footer">
<div id="breadcrumbs">Terms | Privacy | About Us | Copyright | Cookies | ® © 2015</div><img src="/images/.mov.png" alt="" width="42" height="14" class="logo"/>
<div class="social_media"><img src="/images/fb.png" alt="" width="30" height="30" class="fbicon"/><img src="/images/twitter.png" alt="" width="32" height="32" class="twittericon"/><img src="/images/googleplus.png" alt="" width="32" height="32" class="googleplusicon"/></div>
</footer>
<script src="/js/smooth-scroll.js"></script>
<script src="/js/smooth-scroll.min.js"></script>
<script type="text/javascript">
smoothScroll.init({
speed: 1000,
easing: 'easeInOutCubic',
offset: 0,
updateURL: true,
callbackBefore: function ( toggle, anchor ) {},
callbackAfter: function ( toggle, anchor ) {}
});
</script>
</body>
</html>
PHP ***************
<?php
include_once 'db_connect.php';
include_once 'functions.php';
sec_session_start();
$emailErr = $passwordErr = $password_matchErr = $email_exsistErr = '';
$email = $name = $password = $confirm_password = '';
if (isset($_POST['name2'], $_POST['email2'], $_POST['paswword2'], $_POST['confirm_password2'])) {
$error_msg .= "please fill in the form";
} else {
// Sanitize the data passed in 'name'
$name = filter_input(INPUT_POST, 'name2', FILTER_SANITIZE_STRING);
// Sanitize the data passed in 'email'
$email = filter_input(INPUT_POST, 'email2', FILTER_SANITIZE_EMAIL);
// validate the data passed in 'email'
$email = filter_var($email, FILTER_VALIDATE_EMAIL);
// check if email is valid
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
// Not a valid email
$emailErr = "The email address you entered is not valid";
}
//Sanitize the data passed in 'password'
$password = filter_input(INPUT_POST, 'password2', FILTER_SANITIZE_STRING);
//validate the data passed in 'password'
if (preg_match("/^.*(?=.{8,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $password)) {
} else {
$passwordErr = "Password is invalid!<br>Please ensure your password is formatted as described when filling in the form!";
}
//Sanitize the data passed in 'confirm_password'
$confirm_password = filter_input(INPUT_POST, 'confirm_password2', FILTER_SANITIZE_STRING);
//check that password and confirm password match
if ($password != $confirm_password) {
// error matching passwords
$confirm_passwordErr = "Your passwords do not match.<br>Please type carefully.";
}
$results = $mysqli->query("SELECT * FROM signed_up WHERE email = `'$email'");`
while($row = $results->fetch_assoc()) {
if ($row["name"] == $name && $row["email"] == $email && $row["password"] == $password) {
$regErr = 'User Already Exsists!<br>Please Login';
$_SESSION['regErr'] = $regErr;
header('location: ../login.php');
} else {
//if ($emailErr == '' && $passwordErr == '' && $password_matchErr == '' && $email_exsistErr =='') {
echo '15';
$_SESSION['emailErr'] = $emailErr;
$_SESSION['passwordErr'] = $passwordErr;
$_SESSION['confirm_passwordErr'] = $confirm_passwordErr;
$_SESSION['email_exsistErr'] = $email_exsistErr;
header('Location: ../join.php');
exit();
}
}
}
//}
?>
This is the section of code where the issue is ***********
$results = $mysqli->query("SELECT * FROM signed_up WHERE email = '$email'");
while($row = $results->fetch_assoc()) {
if ($row["name"] == $name && $row["email"] == $email && $row["password"] == $password) {
$regErr = 'User Already Exsists!<br>Please Login';
$_SESSION['regErr'] = $regErr;
header('location: ../login.php');
} else {
//if ($emailErr == '' && $passwordErr == '' && $password_matchErr == '' && $email_exsistErr =='') {
echo '15';
$_SESSION['emailErr'] = $emailErr;
$_SESSION['passwordErr'] = $passwordErr;
$_SESSION['confirm_passwordErr'] = $confirm_passwordErr;
$_SESSION['email_exsistErr'] = $email_exsistErr;
header('Location: ../join.php');
exit();
}
}
}
//}
?>
edited code that now works ***********************
$results = $mysqli->query("SELECT * FROM signed_up WHERE email = '$email'");
while($row = $results->fetch_assoc()) {
if ($row["name"] == $name && $row["email"] == $email && $row["password"] == $password) {
$regErr = 'User Already Exsists!<br>Please Login';
$_SESSION['regErr'] = $regErr;
header('location: ../login.php');
}else{
$_SESSION['emailErr'] = $emailErr;
$_SESSION['passwordErr'] = $passwordErr;
$_SESSION['confirm_passwordErr'] = $confirm_passwordErr;
$_SESSION['email_exsistErr'] = $email_exsistErr;
header('Location: ../join.php');
exit();
}
}
}
Put your validation directly into SQL
$results = $mysqli->query("SELECT count(*) FROM signed_up WHERE email = '$email' AND name = '$name'");
if ($result->fetchColumn()){
echo "User already exists";
}else{
echo "New user";
}
I'm unable to solve the logical error in the code. I'm not sure what is wrong though it seems the logic is correct
This is my php:
<?php require_once("includes/connection.php"); ?>
<?php
include_once("includes/form_functions.php");
if(isset($_POST['submit']))
{
$errors = array();
if(isset($_POST['txtSpace']))
{
$choice_spc_port = $_POST["txtSpace"];
}
if(isset($_POST['txtNumber']))
{
$choice_no = $_POST["txtNumber"];
}
if(isset($_POST['txtLocation']))
{
$choice_loc = $_POST["txtLocation"];
if($choice_loc =="txtSetXY")
{
$x = $_POST["txtXLocation"];
$y = $_POST["txtYLocation"];
if($x == "")
{
$message = "You forgot to enter X Value";
}
elseif($y == "")
{
$message = "You forgot to enter Y Value";
}
else
{
$choice_loc = $x . "," . $y;
}
}
}
$user_name = $_POST["txtUserName"];
$user_email = $_POST["txtUserEMail"];
$animal_name = $_POST["txtAnimalName"];
$disp_msg = $_POST["txtDispMsg"];
$comments = $_POST["txtComments"];
if(!isset($_POST['txtSpace']))
{
$message = "Please select Space Portion";
}
elseif(!isset($_POST['txtNumber']))
{
$message = "Please select the number of animals";
}
elseif(!isset($_POST['txtLocation']))
{
$message = "Please select the desired location of animal";
}
elseif($user_name == "")
{
$message = "Please enter your name.";
}
elseif($user_email == "")
{
$message = "Please enter your email.";
}
elseif($animal_name == "")
{
$message = "Please enter the name of the animal.";
}
elseif($disp_msg == "")
{
$message = "What message you want to dedicate to the animal?.";
}
else
{
// validation
$required_fields = array('txtUserName','txtUserEMail','txtAnimalName','txtDispMsg');
$errors = array_merge($errors, check_required_fields($required_fields, $_POST));
$user_name = trim(mysql_prep($_POST['txtUserName']));
$user_email = trim(mysql_prep($_POST['txtUserEMail']));
$animal_name = trim(mysql_prep($_POST['txtAnimalName']));
$disp_msg = trim(mysql_prep($_POST['txtDispMsg']));
if(empty($errors))
{
/*if($choice_loc == "txtSetXY")
{
$x = $_POST["txtXLocation"];
$y = $_POST["txtYLocation"];
$choice_loc = $x . "," . $y;
}*/
if($choice_no == "other")
{
$choice_no = $_POST["other_field"];
}
$insert = "INSERT INTO db_form (db_space_portion, db_number, db_location, db_user_name, db_user_email, db_animal_name, db_message, db_comments) VALUES ('{$choice_spc_port}', '{$choice_no}', '{$choice_loc}', '{$user_name}', '{$user_email}','{$animal_name}','{$disp_msg}','{$comments}')";
$result = mysql_query($insert);
if($result)
{
echo("<br>Input data is succeed");
}
else
{
$message = "The data cannot be inserted.";
$message .= "<br />" . mysql_error();
}
}
else
{
if(count($errors) == 1)
{
$message = "There was 1 error on the form.";
}
else
{
$message = "There were " . count($errors) ." errors on the form.";
}
}
}
}
else
{
$user_name = "";
$user_email = "";
$disp_msg = "";
$comments = "";
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Test Form</title>
<meta charset="utf-8">
<link rel="stylesheet" href="css/reset.css" type="text/css" media="all">
<link rel="stylesheet" href="css/layout.css" type="text/css" media="all">
<link rel="stylesheet" href="css/style.css" type="text/css" media="all">
<script type="text/javascript" src="js/jquery-1.9.0.min.js" ></script>
<script type="text/javascript" src="js/cufon-yui.js"></script>
<script type="text/javascript" src="js/cufon-replace.js"></script>
<script type="text/javascript" src="js/Copse_400.font.js"></script>
<script type="text/javascript" src="js/imagepreloader.js"></script>
<script type="text/javascript" src="js/functions.js"></script>
<!--[if lt IE 9]>
<script type="text/javascript" src="js/ie6_script_other.js"></script>
<script type="text/javascript" src="js/html5.js"></script>
<![endif]-->
</head>
<body id="page5">
<!-- START PAGE SOURCE -->
<div class="body7">
<div class="main">
<section id="content">
<div class="wrapper">
<article class="col24">
<div class="pad1">
<h4>Kindly Fill the form</h4>
<?php if(!empty($message)){ echo $message; } ?>
<?php if(!empty($errors)){ echo display_errors($errors);}?>
<form id="TestForm" name="TestForm" method="post" action="form.php">
<div>
<div class="wrapper"> <strong><span>*</span> Desired Space</strong>
<div class="formText">
<input type="radio" name="txtSpace" value="RJ"/>Space Top<br />
<input type="radio" name="txtSpace" value="SM" />Space Bottom<br />
</div>
</div>
<div class="wrapper"> <strong><span>*</span> Select the Number</strong>
<div class="formText">
<input type="radio" name="txtNumber" value="100"/>100
<input type="radio" name="txtNumber" value="200"/>200
<input type="radio" name="txtNumber" value="500"/>500
<input type="radio" name="txtNumber" value="1000"/>1000
<input type="radio" name="txtNumber" value="10000"/>10000
<input type="radio" name="txtNumber" value="other"/>other
<input type="text" name="other_field" id="other_field" onblur="checktext(this);"/>
</div>
</div>
<div class="wrapper"> <strong><span>*</span> Select X & Y Value</strong>
<div class="formText">
<input type="radio" name="txtLocation" value="txtSetXY"/> Specify Photo Location<br />
<div style="padding-left:20px;">
X: <input type="text" id="locField" name="txtXLocation"><br />
Y: <input type="text" id="locField" name="txtYLocation"><br />
</div>
<input type="radio" name="txtLocation" value="Default"/>Default
</div>
</div>
<div class="wrapper"> <strong><span>*</span> Your Name:</strong>
<div class="bg">
<input type="text" class="input" name="txtUserName">
</div>
</div>
<div class="wrapper"> <strong><span>*</span> Your Email:</strong>
<div class="bg">
<input type="text" class="input" name="txtUserEMail">
</div>
</div>
<div class="wrapper"> <strong><span>*</span> Name of the animal:</strong>
<div class="bg">
<input type="text" class="input" name="txtAnimalName">
</div>
</div>
<div class="wrapper">
<div class="textarea_box"> <strong><span>*</span> The Message you want for your favourite animal:</strong>
<textarea name="txtDispMsg" cols="1" rows="1"></textarea>
</div>
</div>
<div class="wrapper">
<div class="textarea_box"> <strong>Comments:</strong>
<textarea name="txtComments" cols="1" rows="1"></textarea>
</div>
</div>
<input type="submit" name="submit" value="Submit">
</div>
</form>
</div>
</article>
</div>
</section>
</div>
</div>
</body>
</html>
Errors:
Check this php fiddle here.
line 25. This is never shown even if I leave x textfield blank
$message = "You forgot to enter X Value";
same is with line 29. This is never shown even if I leave y textfield blank
$message = "You forgot to enter Y Value";
However if I enter the values in x and y textfield i.e. in txtXLocation and in txtYLocation they are being saved in db meaning it is just not checking the validation.
Thanks in advance
make sure you have connection.php file in includes folder and you have given correct path to reach that file.