PHP doesn't redirect to specific page - php

I tried to send password to the PHP commands. But when I echo it to check condition, it works. But if I don't echo but using headers() instead , it won't redirect if the password is correct. But if the password isn't correct, it redirects to an error page to show error.
Here is my code.
<?php
//require_once "condb.php";
?>
<?php
if (isset($_POST['BTN_ENTER']))
{
$password=$_POST['password'];
//echo $password;
if ($password == "test")
{
//echo "ok!";
header('location:survey.php');
}else
{
//echo "not ok!";
header('location:error.php');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Login</title>
<link href="css/bootstrap.min.css" rel="stylesheet">
<script
src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js">
</script>
<script src="js/bootstrap.min.js"></script>
</head>
<style>
div#index
{
height: 100px;
position: absolute;
top:0;
bottom: 0;
left: 0;
right: 0;
margin: auto;
}
</style>
<body style="background-color:#4da6ff;">
<div align="center" id="index" class="row col-sm-12 col-md-6 col-lg-12 col-xs-12">
<p style="font-size:32px;color:#66ff33;">Please enter passcode.</p>
<form method="POST">
<div align="center" class="row col-sm-12 col-md-12 col-lg-12 col-xs-12"
style="margin:0 auto;">
<input type="password" class="form-control input-lg" placeholder="Please enter a passcode." style="width:40%;height:50%" name="password" autofocus><br>
</div>
<button type="submit" class="btn btn-success btn-lg" name="BTN_ENTER"
style="height:50%;width:20%;">ตกลง
</button>
</form>
</div>


Can you try this?
if ($password == "test")
{
header('Location: survey.php', true, 302);
die();
}
else
{
header('Location: error.php', true, 302);
die();
}


First thing you should use session or cookie if you want to access the value globally.
Try using javascript snippet for redirection
echo "<script>window.location='survey.php';"</script>";

Related

How to delete data in the current page then redirecting to another page with a back button

My current page is displayitems.php. I got a button type='hidden' with a style and a background image of the button and a hidden input type='hidden .'
I can retrieve the id of the image when clicked. Whenever I click on the button (with image) it displays the the exact image of the button in another page which is userdetails.php and I got a back button that will redirect to displayitems.php.
Now my problem here is if I click another button (image) it display the past image instead of a new one can any of you delete the past image then display the current button that I click
This is my homepage
<?php
require 'header.php';
?>
<main>
<?php
require 'uploaditems.php';
echo "<br>";
require 'loginlogout.php';
echo "<div>";
require 'displayitems.php';
echo "</div>";
?>
</main>
My displayitems.php
<?php
if(isset($_SESSION['userId'])){
require "includes/dbh.php";
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Page Title</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="style.css" type="text/css" media="screen" href="style.php"/>
<script src="main.js"></script>
<style>
.product{
border:1px solid
margin:-1px 19px 3px -1px;
padding: 10px;
text-align:center;
bacgkround-color:#efefef;
}
</style>
</head>
<body>
<?php
include_once 'includes/dbh.php';
$sql="SELECT * FROM gallery ORDER BY orderitems DESC;";
$stmt=mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt,$sql)){
echo "sql statement failed in displayitems.php";
}else{
mysqli_stmt_execute($stmt);
$result=mysqli_stmt_get_result($stmt);
if(mysqli_num_rows($result)>0){
while($row=mysqli_fetch_assoc($result)){
?>
<div class="col-md-3">
<form method="POST" action="userdetails.php">
<input type="hidden" name="hiddenId" value=<?php echo $row['idGallery'];?>>
<div class="product" style="float: left;">
<button type="hidden" name='displaydetails'
style='background-
image:url(images/<?php echo $row['imgFullNameGallery'];?>
);width:150px; height:200px; margin:auto; background-size:100% 100%; b
ackground-repeat:no-repeat;>
</button>
</form>';
<br>
<br><br><h3><?php echo $row['nameitem']?></h3>
<h3><?php echo $row['price']?></h3>
<br>
</div>
</div>
<?php
}
}
}
}
?>
</body>
</html>
and my userdetails.php
<?php
session_start();
if(isset($_POST['displaydetails'])){
if(isset($_SESSION['userId'])){
This is how I got the hidden id of the image
$idofimg=$_POST['hiddenId'];
require 'includes/dbh.php';
And i've created a query where I want all the data of the hidden id
$sql="SELECT * FROM gallery WHERE idGallery=? ;";
$stmt=mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt,$sql)){
echo "sql statement failed in displayitems.php";
}else{
mysqli_stmt_bind_param($stmt,'i',$idofimg);
mysqli_stmt_execute($stmt);
$result=mysqli_stmt_get_result($stmt);
if(mysqli_num_rows($result)>0){
while($row=mysqli_fetch_assoc($result)){
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Page Title</title>
<meta name="viewport" content="width=device-width, initial-
scale=1">
<link rel="stylesheet" type="text/css" media="screen"
href="main.css" />
<script src="main.js"></script>
</head>
<body>
<img src="images/<?php echo $row['imgFullNameGallery'];?>" style
=width:330px; height:300px; margin:auto; background-size:100% 100%;
background-repeat:no-repeat;>
<div>
<h3>Details</h3>
<table>
<tr>
<td>Condition:</td>
<td>ha</td>
</tr>
</div>
This is where I want to put my condition where I will delete all this current data and go back to index2.php and then when clicked another image button it will display the current image not the past image
<form action='index2.php' method='POST'>
<button type='submit'>BACK</button>
<?php
$count=1;
?>
</form>
<?php
}
}
}
} else{
echo "fail";
}}
?>
</body>
</html>

here in my displayitems.php my input type="hidden" name="hiddenId" value=> is only getting 1 value when the button type="hidden" name='displaydetails'> is not getting any value when clicked. So when I go to userdetails.php it only display 1 details because of the input type. so I should remove the input type in displayitems.php and just give the button a value so whenever it was click it will generate a new id and display also a new details.
just change this to displayitems.php
<input type="hidden" name="hiddenId" value=<?php echo $row['idGallery'];?>>
<div class="product" style="float: left;">
<button type="hidden" name='displaydetails'
style='background-
image:url(images/<?php echo $row['imgFullNameGallery'];?>
);width:150px; height:200px; margin:auto; background-size:100% 100%; b
ackground-repeat:no-repeat;>
</button>
to this
<div class="product" style="float: left;">
<button type="hidden" name='displaydetails' value=<?php echo
$row['idGallery'];?>
style='background-
image:url(images/<?php echo $row['imgFullNameGallery'];?>
);width:150px; height:200px; margin:auto; background-size:100% 100%; b
ackground-repeat:no-repeat;>
</button>
and to userdetails.php
if(isset($_POST['displaydetails'])){
if(isset($_SESSION['userId'])){
$idofimg=$_POST['hiddenId'];
to this
if(isset($_POST['displaydetails'])){
if(isset($_SESSION['userId'])){
$idofimg=$_POST['displaydetails'];

My code is working on local but doesnt work in server [duplicate]

This question already has answers here:
How do I get PHP errors to display?
(27 answers)
Closed 3 years ago.
i have 6 php pages, all work perfectly on pc and on host. except one, my search.php doesn't work on host (by the way it works on pc perfectly too). Somehow when i try to run search.php i don't even get error, only thing which i get is white screen. Here my codes ;
<?php
session_start();
if(!$_SESSION['auth'])
{
echo 'bu sayfaya erişim izniniz yok.';
header("Location: uyegirisi.html");
}
?>
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
<title>First try</title>
<link rel="stylesheet" type="text/css" href="css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="css/style.css">
<script type="text/javascript" src="js/bootstrap.min.js"></script>
<script type="text/javascript" src="js/bootstrap.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js"></script>
<style>
li
{
display: inline;
padding: 0px 20px 0px 20px;
}
ul
{
padding:10px;
background: rgba(0,0,0,0.5);
}
a
{
color: black;
font-size: 30px;
}
p
{
color: #0f0f0f;
font-size: 24px;
font-family: Helvetica;
}
.bor
{
font-size: 23px;
border:2px;
}
.hr
{
color : #0000F8;
size : 4;
}
</style>
</head>
<body>
<div class="row">
<div class="col-md-4"></div>
<div class="col-md-4" align="center">
<header>
<ul>
<li>Kayıt ekranı</li>
<li> Çıkış Yap</li>
</ul>
</header>
<form action="musteriarama.php" method="get">
<div class="hiza">
<label for="Arama"></label>
<input type="text" class="form-control" id="Arama" name="Arama">
</br>
</br>
<input class="but btn btn-primary btn-lg" type="submit" name="gonder" value="Müşteri Ara">
</div>
</form>
</div>
<div class="col-md-4"></div>
</div>
</body>
</html>
<?php
$db =new mysqli('localhost', 'root', '' , 'musteritakip');
if($db->connect_errno) die ('Bağlantı hatası:' . $db->connect_errno);
if(isset($_GET['gonder'])){
#Ekleme işlemi
$stmt = $db ->prepare("select * from musteri_bilgileri where (isim like ?)");
if($stmt === FALSE) die("Sorgu hatası". $db ->error);
$ara ='%'.$_GET['Arama'].'%';
$stmt->bind_param("s", $ara);
$stmt->execute();
$sonuc =$stmt->get_result();
if($sonuc -> num_rows <1) die("<p>"."bulunamadı");
while ($row = $sonuc->fetch_array())
{
echo '<div>';
echo '<p>'.$row['isim'];
echo '&nbsp&nbsp ';
echo $row['soyad'];
echo '&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp';
echo '<form action="detaylar.php" method="post">';
echo'<input type="hidden" value="'.$row['id'].'" name="gelenid">';
echo '<input type ="submit" value="Detaylar" style="margin-bottom:-35px;" name="detaylargonder"></input>';
echo '<hr width="100%" >';
echo '</form>';
echo '</br>';
echo '</br>';
echo '</div>';
}
}
?>

You must have missed something while you were uploading it. You haven't clearly described what's not working or about the error, we can only advice you.Follow below steps to solve your issue:
First add error_reporting(E_ALL); ini_set('display_errors', 'On'); at top of your script.
Check the browser's console log's, it will display relevant errors.
As you are getting blank page, please check your code, you might be getting 500 internal server error when you haven't code it correctly.
Check your syntax.
Check your application & DB configuration.

Information not being submitted into the database

I'm not quite sure what's going on, I've done almost everything I can think of to try and resolve this issue but I'm still stuck where I left off.
So the recovery questions are being submitted into the DB but when you are set to cancel them the cancel value doesn't change whatsoever.. I'm absolutely confused.
<?php
/*
* #CANCEL
* ~~~~~~~~~~~~
* #FILE DESCRIPTION: Cancels set recovery questions
* #LAST MODIFIED: August 29, 2015
*/
require('../includes/config.php');
require('../structure/database.php');
require('../structure/base.php');
require('../structure/user.php');
$database = new database($db_host, $db_name, $db_user, $db_password);
$base = new base($database);
$user = new user($database);
//get config settings from db
$config = $base->loadConfig();
//set some basic vars
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:IE>
<head>
<meta http-equiv="Expires" content="0">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta name="MSSmartTagsPreventParsing" content="TRUE">
<title><?php
echo $data['wb_title'];
?></title>
<link href="../css/basic-3.css" rel="stylesheet" type="text/css" media="all">
<link href="../css/main/title-5.css" rel="stylesheet" type="text/css" media="all">
<link href="../css/kbase-2.css" rel="stylesheet" type="text/css" media="all" />
<link rel="shortcut icon" href="../img/favicon.ico" />
<?php
include('../includes/google_analytics.html');
?>
<style>
fieldset {
text-align: left;
border: 2px solid #625437;
width: 95%;
position: relative;
margin: 10px;
padding-left: 10px;
background-color:transparent;
}
legend {
color: #625437;
font-weight: bold;
font-size: 15px;
}
</style>
<script type="text/javascript">
function goBack()
{
window.history.back();
}
</script>
</head>
<div id="body">
<?php
$base->getNavBar($username, $path, $rank);
?><br/><br/>
<br/><br/>
<div style="text-align: center; background: none;">
<div class="titleframe e">
<b>Cancel recovery questions</b><br />
Main Menu
</div>
</div>
<img class="widescroll-top" src="../img/scroll/backdrop_765_top.gif" alt="" width="765" height="50" />
<div class="widescroll">
<div class="widescroll-bgimg">
<div class="widescroll-content">
<?php
if (!$user->isLoggedIn()) {
echo 'You must be logged in to access this content.';
} else {
$info = $database->processQuery("SELECT `cancel` FROM `recoveries` WHERE `userid` = ?", array($user->getUserId($_COOKIE['user'])), true);
//if ($database->getRowCount() == 1) {
//echo 'You need to have recovery questions in order to cancel them. You can set them here or return to the homepage.';
if ($info[0]['cancel'] >= 1) {
echo 'Your recovery questions have already been set to cancel.';
} elseif (isset($_GET['confirm'])) {
//cancel the recovery questions
$database->processQuery("UPDATE `recoveries` SET `cancel` = ? WHERE `userid` = ?", array(
time(),
$user->getUserId($_COOKIE['user'])
), false);
echo '<center>Your recovery questions have successfully been set to cancel.<br><center>Main page</center>';
} else {
?>
<b>Are you sure you wish to cancel your recovery questions?</b> Once you confirm this action your recovery questions will be active
for another two weeks, after that they will be deleted.<br><br> This action can be reversed by clicking the "Set recovery questions" link on the website homepage.
<br/><br/>
<center>I wish to continue | I wish to go back</center>
<?php
}
}
?>
<center><img src="../img/kbase/scroll_spacer.gif" ></center>
<div style="clear: both;"></div>
</div>
</div>
</div>
<img class="widescroll-bottom" src="../img/scroll/backdrop_765_bottom.gif" alt="" width="765" height="50" />
<div class="tandc"><?php
echo $data['wb_foot'];
?></div>
</div>
</body>
</html>
As for this being commented out
//if ($database->getRowCount() == 1) {
//echo 'You need to have recovery questions in order to cancel them. You can set them here or return to the homepage.';
It's because if it is, when the page is loaded that's all that shows...nothing else, even if the recovery options are set in the database.
Any ideas? really stuck here.

Button CSS Query

I have a page that lists 3 buttons, outputted by a PHP if statement, each wrapped in a separate "a" tag. My problem is, when i update the CSS, the width of the buttons change, but the height will not.
I'm seriously baffled, I've checked all other id's and classes to check for conflicts etc, but cannot see anything obvious. The width alters when changed within the developer tools on chrome, but the height will not.
I may be missing something obvious, as i tend to do that, but cannot for the life in me see the issue.
Any help is appreciated.
Code: (Note: I am using an "admin" account, so $admin = 1.)
<?php
ini_set('display_errors', 'On');
session_start();
if($_SESSION['login'] == 0) {
header('Location: /includes/session_expired.php');
}
$admin = $_COOKIE['admin'];
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../stylesheet/main_stylesheet.css">
<link href="https://fonts.googleapis.com/css?family=Titillium+Web:400,700" rel="stylesheet" type="text/css">
<script type="text/javascript" src="../js/date_time.js"></script>
<script type="text/javascript" src="../js/jquery.js"></script>
<?php
if($admin == 0) {
echo '<script type="text/javascript" src="../js/success_timer.js"></script>';
}
?>
<!--[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/divunk/html5.js"></script><![endif]-->
</head>
<body id="nauthBody">
<div id="nauth-container">
<div id="nauth-inner-container">
<div id="nauth-content">
<?php
if($admin == 0) {
echo ' <p>You are not authorised to view this page.</p>
<span id="timer"></span>';
} elseif ($admin == 1) {
echo ' <p>Please select an element to manage:</p>
<div id="system_selection">
<input class="system_button" type="button" name="users" value="Users"/>
<input class="system_button" type="button" name="authorised_comps" value="Authorised Computers"/>
<input class="system_button" type="button" name="resource_management" value="Resource Management"/>
</div>';
}
?>
</div>
</div>
</div>
</body>
</html>
And CSS:
.system_button {
height: 35px;
width: 65%;
}
#system_selection a {
cursor: pointer;
}
#system_selection {
height: auto;
width: auto;
}

right click on your button, use inspect element to find the style on this button. You will find which style has effect on it.

In the end I altered the code to the below. This was inspired by #divinecomedian's comment above, made me realise I could use a form wrapped around each button and change it a Submit input.
Problem solved.
Code: (From inside the "nauth-content" div)
<?php
if($admin == 0) {
echo ' <p>You are not authorised to view this page.</p>
<span id="timer"></span>';
} elseif ($admin == 1) {
echo ' <p>Please select an element to manage:</p>
<div id="system_selection">
<form action="user_management.php" method="post">
<input class="system_button" type="submit" name="users" value="Users"/>
</form>
<form action="authorised_devices.php" method="post">
<input class="system_button" type="submit" name="authorised_comps" value="Authorised Computers"/>
</form>
<form action="resource_management.php" method="post">
<input class="system_button" type="submit" name="resource_management" value="Resource Management"/>
</form>
</div>';
}
?>
Thanks to everyone that had some input!

How to add 3 attempts in a login page

hello everyone i just wanna ask on how to add three attempts in my login page here is the code
<?php
include 'connect.php';
?>
<?php
if(isset($_POST) && !empty($_POST))
{
session_start();
include("config_DB.php"); //including config.php in our file
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes(md5($_POST['password'])));
$user_type= $_GET['user_type'];
$match = "select * from $table where username = '".$username."' and password = '".sha1($password)."';";
$qry = mysql_query($match);
$row=mysql_fetch_array($qry);
$num_rows = mysql_num_rows($qry);
if($num_rows >= 1){
$_SESSION['user']= $_POST["username"];
$_SESSION['name'] = $row['empName'];
$_SESSION['position'] = $row['empPosition'];
$_SESSION['user_type'] = $row['user_type'];
header("location:index.php/index_controller/home");
} else {
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes($_POST['password']));
include("config_DB.php"); //including config.php in our file
$match = "select * from $table where username = '".$username."' and password = '".sha1($password)."';";
$qry = mysql_query($match);
$row=mysql_fetch_array($qry);
$num_rows = mysql_num_rows($qry);
$attemps =0;
if($num_rows <= 0){
echo
"<script type=\"text/javascript\">".
"window.alert('Invalid username/password!');".
'window.location.href="index.php";'.
"</script>";
exit;
}
$_SESSION['user']= $_POST["username"];
$_SESSION['name'] = $row['empName'];
$_SESSION['position'] = $row['empPosition'];
$_SESSION['user_type'] = $row['user_type'];
header("location:index.php/index_controller/home");
}
}else{
?>
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>City Planning and Development Office--Login</title>
<link rel="stylesheet" href="<?php echo base_url();?>assets/css/bootstrap.min.css"/>
<link rel="stylesheet" href="<?php echo base_url();?>assets/css/login-style.css"/>
<link rel="stylesheet/less" href="<?php echo base_url();?>assets/less/icons.less"/>
<!-- Load JavaScript Libraries -->
<script src="<?php echo base_url();?>assets/js/jquery/jquery-1.11.1.min.js"></script>
<script src="<?php echo base_url();?>assets/js/jquery/jquery-ui.js"></script>
<script src="<?php echo base_url();?>assets/js/jquery/jquery.widget.min.js"></script>
<!-- Load Metro JavaScript -->
<script src="<?php echo base_url();?>assets/js/load-metro.js"></script>
<script src="<?php echo base_url();?>assets/js/metro.min.js"></script>
<script src="<?php echo base_url();?>assets/js/metro-calendar.js"></script>
<script src="<?php echo base_url();?>assets/js/metro-datepicker.js"></script>
<!-- Load Bootstrap JavaScript -->
<script src="<?php echo base_url();?>assets/js/bootstrap.min.js"></script>
<script src="<?php echo base_url();?>assets/js/validate.js"></script>
<script src="<?php echo base_url();?>assets/js/condition.js"></script>
<!-- Login parallax -->
<style type="text/css">
body{
background:#000;
}
input.info{
color:#000 !important;
}
.vertical-offset-100{
padding-top:100px;
}
.login{
background:#ed1c24;
color:#fff;
}
body{
background: url(img/back.png);
background-color: #444;
background: url(/cpdo_ci/assets/images/pinlayer2.png),url(/cpdo_ci/assets/images/pinlayer1.png),url(/cpdo_ci/assets/images/back.png);
}
.vertical-offset-100{
padding-top:100px;
}
</style>
</head>
<body>
<script src="<?php echo base_url();?>assets/js/TweenLite.min.js"></script>
<div class="container" >
<div class="row vertical-offset-100">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default">
<div class="panel-heading">
<div class="row-fluid user-row">
<center><img src="/cpdo_ci/assets/images/malolos.png" height="200" width="200" alt="CPDO"></center>
</div>
</div>
<div class="panel-body">
<form accept-charset="UTF-8" id="login" action="<?php $_SERVER['PHP_SELF'] ?>" method="post" name="login" class="form-signin" role="form">
<fieldset>
<div class="form-group">
<input class="form-control info" placeholder="Username" name="username" id="username" required type="text">
</div>
<div class="form-group">
<input class="form-control info" placeholder="Password" name="password" id="password" required type="password" value="">
</div>
<label>
<div style=" font-size:90%" >
</div>
</label>
<input class="btn btn-lg btn-success btn-block" type="submit" value="Login">
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
<script type="text/javascript">
$(document).ready(function(){
$(document).mousemove(function(e){
TweenLite.to($('body'),
.5,
{ css:
{
backgroundPosition: ""+ parseInt(event.pageX/8) + "px "+parseInt(event.pageY/'12')+"px, "+parseInt(event.pageX/'15')+"px "+parseInt(event.pageY/'15')+"px, "+parseInt(event.pageX/'30')+"px "+parseInt(event.pageY/'30')+"px"
}
});
});
});
</script>
</body>
<?php
}
?>
</html>
</html>

Try this to the back-end which receives the login parameters.
if($_POST["password"]) !== $password_stored_in_db) {
if($attempts == 3) {
header('Location: login.php?max_attempt=exceeded');
}
} else if (isset($attempts)) {
$attempts = ++ $attempts;
} else {
$attempts = 0;
}
header('Location: login.php?attempt=' . $attempts);
Also add this to login.php to determine if user has exceeded max attempts:
Make sure that login.php is set to check for max_attempt=exceeded by adding:
if(isset($_GET["max_attempt"])) {
if($_GET["max_attempt"] == "exceeded") {
// Error message
// Use $_SESSION to record the time and to stop user from trying again for a while because if you use cookies, it maybe overridden or re-set.
}
}

You really should store the information of attempts on the DB, but some quick hack by storing the data on the session would be
<?php
include 'connect.php';
if(isset($_POST) && !empty($_POST))
{
session_start();
include("config_DB.php"); //including config.php in our file
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes(md5($_POST['password'])));
$user_type= $_GET['user_type'];
$match = "select * from $table where username = '".$username."' and password = '".sha1($password)."';";
$qry = mysql_query($match);
$row=mysql_fetch_array($qry);
$num_rows = mysql_num_rows($qry);
if($num_rows >= 1){
$_SESSION['attemps'] = 0;
$_SESSION['user']= $_POST["username"];
$_SESSION['name'] = $row['empName'];
$_SESSION['position'] = $row['empPosition'];
$_SESSION['user_type'] = $row['user_type'];
header("your_home_page");
} else {
$_SESSION['attemps'] ||= 0;
$_SESSION['attemps'] += 1;
if ($_SESSION['attemps'] > 3) {
header("location:/access_denied.php");
}
$display_warning = true;
}
}else{
?>
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>City Planning and Development Office--Login</title>
<link rel="stylesheet" href="<?php echo base_url();?>assets/css/bootstrap.min.css"/>
<link rel="stylesheet" href="<?php echo base_url();?>assets/css/login-style.css"/>
<link rel="stylesheet/less" href="<?php echo base_url();?>assets/less/icons.less"/>
<!-- Load JavaScript Libraries -->
<script src="<?php echo base_url();?>assets/js/jquery/jquery-1.11.1.min.js"></script>
<script src="<?php echo base_url();?>assets/js/jquery/jquery-ui.js"></script>
<script src="<?php echo base_url();?>assets/js/jquery/jquery.widget.min.js"></script>
<!-- Load Metro JavaScript -->
<script src="<?php echo base_url();?>assets/js/load-metro.js"></script>
<script src="<?php echo base_url();?>assets/js/metro.min.js"></script>
<script src="<?php echo base_url();?>assets/js/metro-calendar.js"></script>
<script src="<?php echo base_url();?>assets/js/metro-datepicker.js"></script>
<!-- Load Bootstrap JavaScript -->
<script src="<?php echo base_url();?>assets/js/bootstrap.min.js"></script>
<script src="<?php echo base_url();?>assets/js/validate.js"></script>
<script src="<?php echo base_url();?>assets/js/condition.js"></script>
<!-- Login parallax -->
<style type="text/css">
body{
background:#000;
}
input.info{
color:#000 !important;
}
.vertical-offset-100{
padding-top:100px;
}
.login{
background:#ed1c24;
color:#fff;
}
body{
background: url(img/back.png);
background-color: #444;
background: url(/cpdo_ci/assets/images/pinlayer2.png),url(/cpdo_ci/assets/images/pinlayer1.png),url(/cpdo_ci/assets/images/back.png);
}
.vertical-offset-100{
padding-top:100px;
}
</style>
</head>
<body>
<script src="<?php echo base_url();?>assets/js/TweenLite.min.js"></script>
<div class="container" >
<div class="row vertical-offset-100">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default">
<div class="panel-heading">
<div class="row-fluid user-row">
<center><img src="/cpdo_ci/assets/images/malolos.png" height="200" width="200" alt="CPDO"></center>
</div>
</div>
<div class="panel-body">
<form accept-charset="UTF-8" id="login" action="<?php $_SERVER['PHP_SELF'] ?>" method="post" name="login" class="form-signin" role="form">
<fieldset>
<div class="form-group">
<input class="form-control info" placeholder="Username" name="username" id="username" required type="text">
</div>
<div class="form-group">
<input class="form-control info" placeholder="Password" name="password" id="password" required type="password" value="">
</div>
<label>
<div style=" font-size:90%" >
</div>
</label>
<input class="btn btn-lg btn-success btn-block" type="submit" value="Login">
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
<script type="text/javascript">
$(document).ready(function(){
<?php if defined($display_warning) : ?>
window.alert('Invalid username/password!');
<?php endif; ?>
$(document).mousemove(function(e){
TweenLite.to($('body'),
.5,
{ css:
{
backgroundPosition: ""+ parseInt(event.pageX/8) + "px "+parseInt(event.pageY/'12')+"px, "+parseInt(event.pageX/'15')+"px "+parseInt(event.pageY/'15')+"px, "+parseInt(event.pageX/'30')+"px "+parseInt(event.pageY/'30')+"px"
}
});
});
});
</script>
</body>
</html>
</html>

Categories