I wrote a code to show the return variable value at some specific location in HTML paragraph tag without using AJAX.
I wrote below code for that but its not working for me.
<?php
$Success = "";
$Failed = "";
?>
<br><br>
<center>
<h3>Already a user? Log in:</h3>
<p style="color:green;"><?php echo $Success; ?></p>
<p style="color:red;"><?php echo $Failed; ?></p>
<form action="" method="POST">
<div>Username:</div> <input type="text" name="username">
<div>Password:</div> <input type="password" name="password">
<br><br>
<input type="submit" value="Log In" name="login">
</form>
</center>
<?php
if(isset($_POST['login']))
{
if( !empty($_POST['username']) && !empty($_POST['password']) )
{
$Success = "Thanks.";
}
else
{
$Failed = "You must supply a username and password.";
}
}
?>
Php scripts compiled line by line, So you must assign variable before using those. You can use this:
<?php
$Success = "";
$Failed = "";
if(isset($_POST['login']))
{
if( !empty($_POST['username']) && !empty($_POST['password']) )
{
$Success = "Thanks.";
}
else
{
$Failed = "You must supply a username and password.";
}
}
?>
<br><br>
<center>
<h3>Already a user? Log in:</h3>
<p style="color:green;"><?php echo $Success; ?></p>
<p style="color:red;"><?php echo $Failed; ?></p>
<form action="" method="POST">
<div>Username:</div> <input type="text" name="username">
<div>Password:</div> <input type="password" name="password">
<br><br>
<input type="submit" value="Log In" name="login">
</form>
</center>
Related
I need to create a form, which will check if the input is empty or not. If it is empty there should be a text like "Required field". There is a notice saying, that surName has an undefined index.
Here is my PHP code
<?php
$name_error="";
$sname_error="";
$f_name="";
$s_name="";
if (isset($_POST['submit_button'])) {
if ($_POST['firstName']!=='') {
$f_name=$_POST['firstName'];
}
else {
$name_error="Required Field *";
}
}
if ($_POST['surName']!=='') {
$s_name=$_POST['surName'];
}
else {
$sname_error="Please fill this out";
}
?>
<html>
<head>
<title>Registration form</title>
</head>
<body>
<div class="head">
<p>Registration Form</p>
</div>
<form action="Register/final.php" method="POST">
<label for="firstName">First Name</label><br>
<input type="text" name="firstName" placeholder="First Name" value="<?php echo $f_name; ?>"><br><br>
<p style="color: red;"><?php echo $name_error; ?></p>
<label for="surName">Last Name</label><br>
<input type="text" name="surName" placeholder="Last Name" value="<?
php echo $s_name;?>"><br><br>
<p style="color: red;"><?php echo $sname_error;?></p>
</form>
</body>
</html>
well for starters, you could use the built-in HTML5 input validator required
<input type="text" required>
This will provide that nice user message on submit asking them to please fill out that field.
Secondly, you can check on the server using empty instead of if ($_POST['surName']!=='')
if ( !empty($_POST['surName']) ) {
// your logic here
}
The functionality is basically there already...
I guess the } bracket for if (isset($_POST['submit_button'])) { should be just before ?>
There is missing something like <input type="submit" name="submit_button" value="Register">
And considering what Jeff Puckett II says
So, if I do the changes 1 and 2 to your code, it might look like this:
<?php
$name_error="";
$sname_error="";
$f_name="";
$s_name="";
if (isset($_POST['submit_button'])) {
if ($_POST['firstName']!=='') {
$f_name = $_POST['firstName'];
} else {
$name_error="Required Field *";
}
if ($_POST['surName']!=='') {
$s_name = $_POST['surName'];
} else {
$sname_error="Please fill this out";
}
}
?>
<html>
<head>
<title>Registration form</title>
</head>
<body>
<div class="head">
<p>Registration Form</p>
</div>
<form action="Register/final.php" method="POST">
<label for="firstName">First Name</label><br>
<input type="text" name="firstName" placeholder="First Name" value="<?php echo $f_name; ?>"><br><br>
<p style="color: red;"><?php echo $name_error; ?></p>
<label for="surName">Last Name</label><br>
<input type="text" name="surName" placeholder="Last Name" value="<?php echo $s_name;?>"><br><br>
<p style="color: red;"><?php echo $sname_error;?></p>
<input type="submit" name="submit_button" value="Send">
</form>
</body>
</html>
It is because you've put the surName validation outsite of submit conditional;
`
if (isset($_POST['submit_button'])) {
if ($_POST['firstName']!=='') {
$f_name=$_POST['firstName'];
}else{
$name_error="Required Field *";
}
if ($_POST['surName']!=='') {
$s_name=$_POST['surName'];
}
else{
$sname_error="Please fill this out";
}
}
?>`
Your can improve this a little bit by using an associative array like this errors = array(); and then $errors['surName'] = "this is field is required";
You don't have a submit button. Another thing is that you didn't use your if statement of $_POST['surName'] after submit. You can use it like this :
<?php
error_reporting(1);
$name_error = "";
$sname_error = "";
$f_name = "";
$s_name = "";
if (isset($_POST['submit_button']))
{
if ($_POST['firstName'] != '')
{
$f_name = $_POST['firstName'];
}
else
{
$name_error = "Required Field *";
}
if ($_POST['surName'] != '')
{
$s_name = $_POST['surName'];
}
else
{
$sname_error = "Please fill this out";
}
}
?>
<html>
<head>
<title>Registration form</title>
</head>
<body>
<div class="head">
<p>Registration Form</p>
</div>
<form action="Register/final.php" method="POST">
<label for="firstName">First Name</label><br>
<input type="text" name="firstName" placeholder="First Name" value="<?php echo $f_name; ?>"><br><br>
<p style="color: red;"><?php echo $name_error; ?></p>
<label for="surName">Last Name</label><br>
<input type="text" name="surName" placeholder="Last Name" value="<?php echo $s_name;?>"><br><br>
<p style="color: red;"><?php echo $sname_error;?></p>
<input type="submit" name="submit_button" value="Register">
</form>
</body>
</html>
The following code does not work as intended, when the submit button of the form is clicked it with no data entered it goes to blog.php instead of showing the error above the form?
<?php
session_start();
include_once('connection.php');
if (isset($_SESSION['logged_in'])){
//display index
} else {
if (isset($_POST['username'], $_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($username) or empty($password)) {
$error = 'All fields are required!';
}
}
}
?>
linked with the following html form
<?php if (isset($error)) { ?>
<small style="color:#aa0000;"><?php echo $error; ?> </small>
<?php } ?>
<form action="blog.php" method="post">
<input type="text" name="username" placeholder="username" />
<input type="password" name="password" placeholder="password" />
<input type="submit" value="login" />
</form>
If the actual validation is being done in admin.php, shouldn't the action be pointing to admin.php?
<?php if (isset($error)) { ?>
<small style="color:#aa0000;"><?php echo $error; ?> </small>
<?php } ?>
<form action="admin.php" method="post">
<input type="text" name="username" placeholder="username" />
<input type="password" name="password" placeholder="password" />
<input type="submit" value="login" />
</form>
My code is below. It's working fine, but i want it not to display form again after the errors were found. How can it be done?
This is a single page, username validation program i just want to know why form is displayed again after, and how will i solve it.
<?php require'function.php'; ?>
<?php
$errors = array();
$username = "";
$password = "";
$msg = "Please Log in.";
?>
<?php if (isset($_POST['submit']))
{
$username = $_POST['username'];
$password = $_POST['password'];
if($username != "rish" && $password != "password"){
$msg = "Try again.";
$errors['cred'] = "Wrong Credentials.";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Single Page Form</title>
</head>
<body>
<?php
echo display_error($errors);
?>
<?php echo $msg ?>
<form action="singleform.php" method="post">
Username: <input type="text" name="username" value="<?php echo htmlspecialchars($username); ?>"><br>
Password: <input type="password" name="password" value="<?php echo "" ?>"><br>
<input type="submit" name="submit" value="Submit">
</form>
</body>
</html>
You can do verifying if the $_POST data is empty. If was not empty, the users just load the page.
Can be do like code below:
<?php if(empty($_POST)):?>
<form action="singleform.php" method="post">
Username: <input type="text" name="username" value="<?php echo htmlspecialchars($username); ?>"><br>
Password: <input type="password" name="password" value="<?php echo "" ?>"><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php endif;?>
user isset ,, if the error initializes then it won't be displayed
<? if (!isset($errors['cred'])) { ?>
<form action="singleform.php" method="post">
Username: <input type="text" name="username" value="<?php echo htmlspecialchars($username); ?>"> <br>
Password: <input type="password" name="password" value="<?php echo "" ?>"><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php } ?>
Ok I am trying to create a simple login here but my login code as well as the intropage wont work properly. Tried to tweak the code for SESSION but find no luck.
Here's the code for my login.php:
<?php require_once("includes/connection.php"); ?>
<?php include("includes/header.php"); ?>
<?php
if(isset($_POST["login"])){
if(!empty($_POST['username']) && !empty($_POST['password'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$query=mysql_query("SELECT * FROM usertbl WHERE username='".$username."' AND password='".$password."'");
$numrows=mysql_num_rows($query);
if($numrows!=0)
{
while($row=mysql_fetch_assoc($query))
{
$dbusername=$row['username'];
$dbpassword=$row['password'];
}
if($username == $dbusername && $password == $dbpassword)
{
session_start();
$_SESSION['session_username']=$username;
/* Redirect browser */
header("Location: intropage.php");
}
} else {
$message = "Invalid username or password!";
}
} else {
$message = "All fields are required!";
}
}
?>
<div class="container mlogin">
<div id="login">
<h1>LOGIN</h1>
<form name="loginform" id="loginform" action="" method="POST">
<p>
<label for="user_login">Username<br />
<input type="text" name="username" id="username" class="input" value="" size="20" /></label>
</p>
<p>
<label for="user_pass">Password<br />
<input type="password" name="password" id="password" class="input" value="" size="20" /></label>
</p>
<p class="submit">
<input type="submit" name="login" class="button" value="Log In" />
</p>
<p class="regtext">No account yet? <a href="register.php" >Register Here</a>!</p>
</form>
</div>
</div>
<?php include("includes/footer.php"); ?>
<?php if (!empty($message)) {echo "<p class=\"error\">" . "MESSAGE: ". $message . "</p>";} ?>
Then for here's the code for my intropage.php where in I redirect the page.
<?php
session_start();
if(!isset($_SESSION["session_username"])){
header("location:login.php");
} else {
?>
<?php include("includes/header.php"); ?>
<h2>Welcome, <?php echo $_SESSION['session_username'];?>! </h2>
<p>Logout Here!</p>
<?php
}
?>
Any help please? Just wanna make this work or if anything you can tweak so that I can find where I made a mistake. A big thanks!
You need to check if the session name is set inside all pages using if(isset($_SESSION["session_username"]))
login.php
<?php
error_reporting(E_ALL); ini_set('display_errors', 1);
session_start();
?>
<?php require_once("includes/connection.php"); ?>
<?php include("includes/header.php"); ?>
<?php
if(isset($_SESSION["session_username"])){
// echo "Session is set"; // for testing purposes
header("Location: intropage.php");
}
else{
echo "You are not logged in.";
}
if(isset($_POST["login"])){
if(!empty($_POST['username']) && !empty($_POST['password'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$query =mysql_query("SELECT * FROM usertbl WHERE username='".$username."' AND password='".$password."'");
$numrows=mysql_num_rows($query);
if($numrows!=0)
{
while($row=mysql_fetch_assoc($query))
{
$dbusername=$row['username'];
$dbpassword=$row['password'];
}
if($username == $dbusername && $password == $dbpassword)
{
// old placement
// session_start();
$_SESSION['session_username']=$username;
/* Redirect browser */
header("Location: intropage.php");
}
} else {
// $message = "Invalid username or password!";
echo "Invalid username or password!";
}
} else {
$message = "All fields are required!";
}
}
?>
<div class="container mlogin">
<div id="login">
<h1>LOGIN</h1>
<form name="loginform" id="loginform" action="" method="POST">
<p>
<label for="user_login">Username<br />
<input type="text" name="username" id="username" class="input" value="" size="20" /></label>
</p>
<p>
<label for="user_pass">Password<br />
<input type="password" name="password" id="password" class="input" value="" size="20" /></label>
</p>
<p class="submit">
<input type="submit" name="login" class="button" value="Log In" />
</p>
<p class="regtext">No account yet? <a href="register.php" >Register Here</a>!</p>
</form>
</div>
</div>
Footnotes:
Your present code is open to SQL injection. Use prepared statements, or PDO.
mysql_* functions deprecation notice:
http://www.php.net/manual/en/intro.mysql.php
This extension is deprecated as of PHP 5.5.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the mysqli or PDO_MySQL extension should be used. See also the MySQL API Overview for further help while choosing a MySQL API.
These functions allow you to access MySQL database servers. More information about MySQL can be found at » http://www.mysql.com/.
Documentation for MySQL can be found at » http://dev.mysql.com/doc/.
Passwords
I noticed that you may be storing passwords in plain text. This is not recommended.
Use one of the following:
CRYPT_BLOWFISH
crypt()
bcrypt()
scrypt()
On OPENWALL
PBKDF2
PBKDF2 on PHP.net
PHP 5.5's password_hash() function.
Compatibility pack (if PHP < 5.5) https://github.com/ircmaxell/password_compat/
Other links:
PBKDF2 For PHP
<?php
session_start();
require_once("includes/connection.php");
include("includes/header.php");
$message = '';
if(isset($_REQUEST["login"])) {
if((isset($_POST['username']) && strlen(trim($_POST['username'])) > 0) && (isset($_POST['password']) && strlen(trim($_POST['password'])) > 0)) {
$username = filter_var($_POST['username'],FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'],FILTER_SANITIZE_STRING);
$query = mysql_query("SELECT * FROM usertbl WHERE username='".$username."' AND password='".$password."' LIMIT 1");
if(mysql_num_rows($query) == 1) {
$row = mysql_fetch_assoc($query));
$_SESSION['session_username'] = $row['username'];
/* Redirect browser */
header("Location: intropage.php");
} else {
$message = "Invalid username or password!";
}
} else {
$message = "All fields are required!";
}
}
?>
<div class="container mlogin">
<div id="login">
<h1>LOGIN</h1>
<form name="loginform" id="loginform" action="" method="POST">
<p>
<label for="user_login">Username<br />
<input type="text" name="username" id="username" class="input" value="" size="20" />
</label>
</p>
<p>
<label for="user_pass">Password<br />
<input type="password" name="password" id="password" class="input" value="" size="20" />
</label>
</p>
<p class="submit">
<input type="submit" name="login" class="button" value="Log In" />
</p>
<p class="regtext">No account yet? <a href="register.php" >Register Here</a>!</p>
</form>
</div>
</div>
<?php
include("includes/footer.php");
if (!empty($message)) {
echo "<p class=\"error\">" . "MESSAGE: ". $message . "</p>";
}
?>
That won't do it, session_start needs to be at the top of the file to work properly. So either include it at the beginning of the file "includes/header.php" (which you are including in your login page) or in some other include file which you will be using in all of your pages.
Put your session_start() into your top of the page.
i have just commented your code. and its worked for me. Just copy and run this code directly.
<?php session_start();
//require_once("includes/connection.php"); ?>
<?php //include("includes/header.php"); ?>
<?php
if(isset($_POST["login"])){
if(!empty($_POST['username']) && !empty($_POST['password'])) {
$username=$_POST['username'];
$password=$_POST['password'];
/* $query=mysql_query("SELECT * FROM usertbl WHERE username='".$username."' AND password='".$password."'");
$numrows=mysql_num_rows($query);
if($numrows!=0)
{
while($row=mysql_fetch_assoc($query))
{
$dbusername=$row['username'];
$dbpassword=$row['password'];
}
if($username == $dbusername && $password == $dbpassword)
{*/
$_SESSION['session_username']=$username;
print_r($_SESSION);
/* Redirect browser */
/* header("Location: intropage.php");
}
} else {
$message = "Invalid username or password!";
}
*/
} else {
$message = "All fields are required!";
}
}
?>
<div class="container mlogin">
<div id="login">
<h1>LOGIN</h1>
<form name="loginform" id="loginform" action="" method="POST">
<p>
<label for="user_login">Username<br />
<input type="text" name="username" id="username" class="input" value="" size="20" /></label>
</p>
<p>
<label for="user_pass">Password<br />
<input type="password" name="password" id="password" class="input" value="" size="20" /></label>
</p>
<p class="submit">
<input type="submit" name="login" class="button" value="Log In" />
</p>
<p class="regtext">No account yet? <a href="register.php" >Register Here</a>!</p>
</form>
</div>
</div>
<?php include("includes/footer.php"); ?>
<?php if (!empty($message)) {echo "<p class=\"error\">" . "MESSAGE: ". $message . "</p>";} ?>
You are unnecessarily checking session username in intropage.php
you should remove the code
if(!isset($_SESSION["session_username"])){
header("location:login.php");
From intro file and start session only once and it should be in header file's first line.
A php die function question.
when I use die(), it clean all page elements.
Is any way to echo error message and not clean all page, It looks like jump to another page when I use die() to stop code and call out the message.
Here are my code
<?PHP
$message="";
if(isset($_POST['submit'])){
$name=$_POST['name'];
$password=$_POST['password'];
//Field check
if($name && $password){$message=$name . $password;}
else{die($message="please enter name and password");}
//Check name
if($name=="alex" && $password==123){$message="Welcome ". $name;}
else{$message="wrong user or password";}
}
?>
<html>
<p>SIGN UP</p>
<form action="testing.php" method="POST">
<input type="text" name="name" placeholder="Enter Name" />
<input type="password" name="password" placeholder="Enter Password"/>
<input type="submit" name="submit" value="Sign up"/>
</form>
<div><?PHP echo $message?></div>
</html>
You should read your script for top to bottom, including anything outside of <?php ?>. When using die() your script stops then and there.
<?php $a = "something"; ?>
<html>
<p><?php echo $a?></p>
<?php die(); ?>
<p>Never here</p>
</html>
Would output
<html>
<p>something</p>
In your case do
<?php
if(isset($_POST['submit'])){
$name=$_POST['name'];
$password=$_POST['password'];
//Field check
if(!$name || !$password) {
$message="please enter name and password");
//Check name and password
} elseif ($name=="alex" && $password=="alex1") {
$message="Welcome ". $name;
} else {
$message="Username or password incorrect"
}
?>
<html>
<p>SIGN UP</p>
<form action="testing.php" method="POST">
<input type="text" name="name" placeholder="Enter Name" />
<input type="password" name="password" placeholder="Enter Password"/>
<input type="submit" name="submit" value="Sign up"/>
</form>
<div><?php echo $message?></div>
</html>
Also note that I'm using '==' to compare, not '='.