I'm currently having some issues with creating a webpage that's only accessible once a user has logged in.
I've looked through various threads here, but to no avail. Any help with this would be greatly appreciated.
Here's my code:
login.php
<?php
Include('connect.php');
if (isset($_REQUEST['Submit']))
{
if($_REQUEST['user_id']=="" || $_REQUEST['password']=="")
{
echo " Field must be filled";
}
else
{
$sql1= "select * from student where email= '".$_REQUEST['user_id']."' && password ='".$_REQUEST['password']."'";
$result=mysql_query($sql1)
or exit("Sql Error".mysql_error());
$num_rows=mysql_num_rows($result);
if($num_rows>0)
{
session_start($_SESSION['Login']);
Echo "You have logged in successfully";
header("Location: statistics.html");
}
else
{
echo "Wrong username or password.";
}
}
}
?>
<!DOCTYPE html>
<html class="no-js">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>PHP Login Form</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width">
<link rel="stylesheet" href="css/bootstrap.css">
<link rel="stylesheet" href="css/main.css">
</head>
<body>
<div class="container">
<div class="row" style="margin-top:20px">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<form name="form_login" method="post" action="login.php" role="form">
<fieldset>
<h2>Please Sign In</h2>
<hr class="colorgraph">
<div class="form-group">
<input name="user_id" type="text" id="user_id" class="form-control input-lg" placeholder="Email Address">
</div>
<div class="form-group">
<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password">
</div>
<span class="button-checkbox">
<button type="button" class="btn" data-color="info">Remember Me</button><!-- Additional Option -->
<input type="checkbox" name="remember_me" id="remember_me" checked="checked" class="hidden">
<hr class="colorgraph">
<div class="row">
<div class="col-xs-6 col-sm-6 col-md-6">
<input type="submit" name="Submit" value="Login" class="btn btn-lg btn-success btn-block">
</div>
</div>
</fieldset>
</form>
</div>
</div>
</div>
</body>
</html>
And statistics.html (Page that should only be accessible when logged in)
<?php
include ("login.php")
session_start();
if(!isset($_SESSION['Login']))
{
header("Location:login.php");
die();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Personal Website</title>
<link rel="stylesheet" href="../../CSS/stylesheetmain.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css">
</head>
<body>
<!--Navigation Bar-->
<div class="row">
<div class="darkgrey column col-md-8 col-md-offset-2 col-xs-12 col-s-12">
<nav class="navbar navbar-background-color">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1"><!--Reference: Bootstrap, 2015. getbootstrap.com. [Online] Available at: http://getbootstrap.com/ [Accessed 01 April 2015]-->
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="../index.html"></a>
</div>
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav navbar-right">
<li class="active">Home</li><!--Edits made: Removed active button -->
<li>About Me</li>
<li>Blog</li>
<li>Contact Me</li>
<li>Login</li>
</ul>
</div><!-- /.navbar-collapse -->
</div><!-- /.container-fluid -->
</nav>
</div>
</div>
<div class="row">
<div class="navbarbottom column col-md-8 col-md-offset-2 col-xs-12 col-s-12"></div>
</div>
<!--Page Title-->
<div class="row">
<div class="title mediumbluetext col-md-8 col-md-offset-2 col-xs-0 col-s-0">
<center><h1>Statistics</h1></center>
</div>
</div>
<!--Main Body-->
<div class="row">
<!--Left Column Spacer-->
<div class="maintextleftbackground column col-md-2 col-xs-0 col-s-0">
<script type="text/javascript" src="//s7.addthis.com/js/300/addthis_widget.js#pubid=ra-52f8f8c0164b330f" async="async"></script>
</div>
<!--Middle Column-->
<div class="maintext80 column col-md-8 col-xs-12 col-s-8 col-s-offset-2"><br>
<div id="main-chart-container"></div>
<div id="breakdown-chart-container"></div>
<div id="embed-api-auth-container"></div>
<div id="view-selector-container"></div>
</div>
<!--Right Column Spacer-->
<div class="maintextrightbackground column col-md-2 col-xs-0 col-s-0">
</div>
</div>
<!--Footer Bar-->
<div class="row">
<div class="darkgrey column col-md-8 col-md-offset-2 col-xs-12 col-s-12">
<nav class="navbar-background-color">
<div class="container-fluid">
<p class="navbar-text navbar-right">SiteMap</p>
</div>
</nav>
</div>
</div>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
<script>
(function(w,d,s,g,js,fs){
g=w.gapi||(w.gapi={});g.analytics={q:[],ready:function(f){this.q.push(f);}};
js=d.createElement(s);fs=d.getElementsByTagName(s)[0];
js.src='https://apis.google.com/js/platform.js';
fs.parentNode.insertBefore(js,fs);js.onload=function(){g.load('analytics');};
}(window,document,'script'));
</script>
</body>
</html>
No matter what I try, I can't seem to get the code to work. The files are in the same directory as well.
Any help with this would be greatly appreciated.
A few things wrong here but you're on the right track.
You are VERY susceptible to SQL injection. Please read about it.
Your form uses POST so your PHP should use $_POST and not $_REQUEST
You cannot set a session variable by passing it through to session_start. You need to set the variable like so: $_SESSION['isLoggedIn'] = true.
You are echoing right before you issue a header command. You cannot output anything before redirecting.
Related
I have a problem with the bootstrap modal, it doesn't insert data in MySQL even though i have a similar modal in the same page that updates the data.. The data is represented in tables with delete and update buttons for each row... Which both work well in the same page.. I am not using Ajax and i was hoping this would work without using any other technologies.. it's kinda odd as the update query uses the same technique and still works regardless
<?php
require_once "../db.php";
session_start();
if(!isset($_SESSION['admin'])){
header('location:login.php');
}
function redirect($url)
{
if (!headers_sent())
{
header('Location: '.$url);
exit;
}
else
{
echo '<script type="text/javascript">';
echo 'window.location.href="'.$url.'";';
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
<link rel="stylesheet" href="../css/all.css">
<link rel="stylesheet" href="../css/bootstrap.min.css">
<script src="../js/jquery-3.5.1.min.js"></script>
<script srC="../js/bootstrap.min.js"></script>
<style>
.nav-link{
font-size:18px;
font-weight:bold;
}
</style>
</head>
<body>
<?php
if(isset($_POST['confirmadd'])){
$code = $_POST['voyage'];
$newrow0 = $_POST['depart'];
$newrow1 = $_POST['villedep'];
$newrow2 = $_POST['arrivee'];
$newrow3 = $_POST['villearr'];
$newrow4 = $_POST['price'];
$addTrip = mysqli_query($sql,"INSERT INTO voyage VALUES('$code','$newrow0','$newrow1',$newrow2','$newrow3','$newrow4');");
if($addTrip){
redirect('dashboard.php');
}else{
echo "error";
}
}
?>
<div class="container-fluid bg-info sticky-top">
<div class="row d-flex align-items-center">
<div class="col-6 offset-1">
<h2 class="display-4 text-white">AnouBus</h2>
</div>
<div class="col-4">
<div class="navbar navbar-expand-lg navbar-light navbar-fixed-top">
<ul class="navbar navbar-nav">
<li class="nav-item"><a class="nav-link" href="logout.php">Logout</a></li>
</ul>
</div>
</div>
</div>
</div>
<h1 class="text-center">Your Trips</h1>
<button class="btn btn-primary mx-2" style="float:right;" data-toggle="modal" data-target="#addmodal">Add Trip</button>
<div class="modal fade" id="addmodal">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
<div class="modal-header"><h2 class="text-center">Update Trip</h2></div>
<div class="modal-body">
<form method="post">
<div class="form-row">
<div class="form-group col-12">
<input type="text" name="voyage" class="form-control" placeholder="Trip Code">
</div>
<div class="form-group col-12">
<input type="text" name="depart" class="form-control" placeholder="Departure Time" ?>
</div>
<div class="form-group col-12">
<input type="text" name="villedep" class="form-control" placeholder="Departure City">
</div>
<div class="form-group col-12">
<input type="text" name="arrivee" class="form-control" placeholder="Arrival Time">
</div>
<div class="form-group col-12">
<input type="text" name="villearr" class="form-control" placeholder="Arrival City">
</div>
<div class="form-group col-12">
<input type="text" name="price" class="form-control" placeholder="Price">
</div>
<div class="form-group col-12">
<input type="submit" class="form-control btn btn-success" name="confirmadd" value="confirm">
</div>
</div>
</form>
</div>
</div>
</div>
</div>
I have a page named as add_administrator.php in this php i am checking if the status value is given using the GET method and if so that display the header with the value in status Now i am getting the value form a page add_administrator_code.php But the problem is that i am getting the header more then once i.e. Three times with the same message What should i do?
here is the add_administrator.php
<?php
session_start();
session_regenerate_id(true);//regenerating session id on every reload or refresh so to avoid the session hijack
if (isset($_GET['status'])) {
$sta = $_GET['status'];
echo "<script type='text/javascript'>alert('$sta');</script>";
}
if($_SESSION['alogin'])
{
}
else
{
header("location:../index.php");
}
?>
<!doctype html>
<html class="no-js" lang="">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Smart Ambulance</title>
<link rel="stylesheet" href="assets/css/normalize.css">
<link rel="stylesheet" href="assets/css/bootstrap.min.css">
<link rel="stylesheet" href="assets/css/font-awesome.min.css">
<link rel="stylesheet" href="assets/css/themify-icons.css">
<link rel="stylesheet" href="assets/css/flag-icon.min.css">
<link rel="stylesheet" href="assets/css/cs-skin-elastic.css">
<!-- <link rel="stylesheet" href="assets/css/bootstrap-select.less"> -->
<link rel="stylesheet" href="assets/scss/style.css">
<link href="assets/css/lib/vector-map/jqvmap.min.css" rel="stylesheet">
<link href='https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800' rel='stylesheet' type='text/css'>
<!-- Fav and touch icons -->
<?php include 'logo.php';?>
</head>
<body>
<!-- Left Panel -->
<aside id="left-panel" class="left-panel"style="background-color:#004466">
<nav class="navbar navbar-expand-sm navbar-default">
<?php include 'left_menu.php';?>
</nav>
</aside><!-- /#left-panel -->
<!-- Left Panel -->
<!-- Right Panel -->
<div id="right-panel" class="right-panel">
<!-- Header-->
<header id="header" class="header">
<?php include 'header_menu.php';?>
</header><!-- /header -->
<!-- Header-->
<div class="breadcrumbs">
<div class="col-sm-4">
<div class="page-header float-left">
<div class="page-title">
<h1>Dashboard</h1>
</div>
</div>
</div>
<div class="col-sm-8">
<div class="page-header float-right">
<div class="page-title">
<ol class="breadcrumb text-right">
<li class="active">Dashboard / User Details / Adminsitrator / Add</li>
</ol>
</div>
</div>
</div>
</div>
<div class="content mt-3">
<!--********************************************** Content Start **********************************************-->
<div class="col-lg-6">
<div class="card">
<div class="card-header">
<strong>Add Adminsitrator</strong>
</div>
<div class="card-body card-block">
<form action="add_administrator_code.php" method="post" enctype="multipart/form-data" class="form-horizontal">
<div class="row form-group">
<!--<div class="col col-md-3"><label class=" form-control-label">Static</label></div> -->
<div class="col-12 col-md-9">
<!-- <p class="form-control-static">Username</p> -->
</div>
</div>
<div class="row form-group">
<div class="col col-md-3"><label for="text-input" class=" form-control-label">Name</label></div>
<div class="col-12 col-md-9"><input type="text" id="adm_name" name="adm_name" placeholder="Name" class="form-control"><small class="form-text text-muted"></small></div>
</div>
<div class="row form-group">
<div class="col col-md-3"><label for="email-input" class=" form-control-label">Contact Number</label></div>
<div class="col-12 col-md-9"><input type="text" id="adm_mob" name="adm_mob" placeholder="Enter Contact Number" class="form-control"><small class="help-block form-text"></small></div>
</div>
<div class="row form-group">
<div class="col col-md-3"><label for="email-input" class=" form-control-label">Email Id</label></div>
<div class="col-12 col-md-9"><input type="email" id="adm_mail_id" name="adm_mail_id" placeholder="Enter Email" class="form-control"><small class="help-block form-text"></small></div>
</div>
<div class="row form-group">
<div class="col col-md-3"><label for="password-input" class=" form-control-label">Password</label></div>
<div class="col-12 col-md-9"><input type="password" id="adm_pass" name="adm_pass" placeholder="Password" class="form-control"><small class="help-block form-text">Press the Generate Button to generate password</small></div>
</div>
<div class="row form-group">
<div align =center class="col col-md-1"><input type="checkbox" onclick="togglepassword()" ></div>
<label for="text-input" class=" form-control-label">Show Password</label>
</div>
<div>
<button type="submit" class="btn btn-primary btn-sm">
<i class="fa fa-dot-circle-o"></i> Submit
</button>
<button type="reset" class="btn btn-danger btn-sm">
<i class="fa fa-ban"></i> Reset</i>
</button>
<button type="button" onclick="generate()" class="btn btn-success btn-sm">Generate</button>
</div>
</div>
<!--********************************************** Content End **********************************************-->
</div>
</div><!-- /#right-panel -->
<!-- Right Panel -->
<script src="assets/js/vendor/jquery-2.1.4.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js"></script>
<script src="assets/js/plugins.js"></script>
<script src="assets/js/main.js"></script>
<script src="assets/js/lib/chart-js/Chart.bundle.js"></script>
<script src="assets/js/dashboard.js"></script>
<script src="assets/js/widgets.js"></script>
<script src="assets/js/lib/vector-map/jquery.vmap.js"></script>
<script src="assets/js/lib/vector-map/jquery.vmap.min.js"></script>
<script src="assets/js/lib/vector-map/jquery.vmap.sampledata.js"></script>
<script src="assets/js/lib/vector-map/country/jquery.vmap.world.js"></script>
<script>
( function ( $ ) {
"use strict";
jQuery( '#vmap' ).vectorMap( {
map: 'world_en',
backgroundColor: null,
color: '#ffffff',
hoverOpacity: 0.7,
selectedColor: '#1de9b6',
enableZoom: true,
showTooltip: true,
values: sample_data,
scaleColors: [ '#1de9b6', '#03a9f5' ],
normalizeFunction: 'polynomial'
} );
} )( jQuery );
</script>
<script>
function togglepassword() {
var x = document.getElementById("adm_pass");
if (x.type === "password") {
x.type = "text";
} else {
x.type = "password";
}
}
</script>
<script>
function generate(){
//set password length/complexity
let complexity = 8;
//possible password values
let values = "ABCDEFGHIJKLMNOPQRSTUVWZYZabcdefghijklmnopqrstuvwxyz1234567890!##$%^&*()_+";
let password = "";
//create for loop to choose password characters
for(var i = 0; i <= complexity; i++){
password = password + values.charAt(Math.floor(Math.random() * Math.floor(values.length - 1)));
}
//add password to textbox/display area
document.getElementById("adm_pass").value = password;
}
</script>
</body>
</html>
here is the add_administrator_code.php
<?php include '../database.php';
// create a variable
$adm_name=$_POST['adm_name'];
$adm_mob=$_POST['adm_mob'];
$adm_mail_id=$_POST['adm_mail_id'];
$adm_pass=$_POST['adm_pass'];
mysqli_query($con,"INSERT INTO admin_details (adm_name,adm_mob,adm_mail_id,adm_pass)
VALUES ('$adm_name','$adm_mob','$adm_mail_id','$adm_pass')");
if(mysqli_affected_rows($con) > 0){
$status = "New Admin added Sucessfully";
header("location: add_administrator.php?status=".$status);
} else {
$status = "Error in adding New Admin";
header("location: add_administrator.php?status=".$status);
}
?>
You need to stop the script after you redirect to make sure nothing else runs:
{
header("location: ...");
exit;
}
Also, your code is vulnerable to both XSS and SQL injection. Read about escaping HTML and prepared statements.
for preventing loop the session start: instead of
session_start();
session_regenerate_id(TRUE);
change to this:
if (session_status() == PHP_SESSION_NONE) {
session_start();
session_regenerate_id(TRUE);
}
update me with the result,
Note: dont forget to normalize the $_GET method for the security
improvement
I am trying to get my navbar to change when logged in so that the register and sign in turn into the user's username I have my code for this and I am not understanding why it's not working...
signin.php
<?php
include 'header.php';
include 'ini.php';
$username = "";
$password = "";
if(isset($_POST['login'])) {
if ($userQuery->execute()) {
while ($row = $userQuery->fetch()) {
$username = $_POST["username"];
$password = $_POST["password"];
$userQuery = $pdo->prepare("SELECT * FROM users WHERE username LIKE :username");
$addUserQuery->bindParam(":username", $username);
if (
username == $row['User_Username'] && password == $row['User_Password']
) {
$_SESSION['loggedin'] = "true";
$_SESSION['username'] = $username;
}
}
}
}
?>
<div class="container">
<div class="row">
<div class='col-md-3'></div>
<div class="col-md-6">
<div class="login-box well">
<form action="index.php" id="login" name="login">
<legend>Sign In</legend>
<div class="form-group">
<label for="username">Username</label>
<input value='' id="username" placeholder="Username" type="text" class="form-control" />
</div>
<div class="form-group">
<label for="password">Password</label>
<input id="password" value='' placeholder="Password" type="text" class="form-control" />
</div>
<div class="input-group">
<div class="checkbox">
<label>
<input id="login-remember" type="checkbox" name="remember" value="1"> Remember me
</label>
</div>
</div>
<div class="form-group">
<input type="submit" id="login" name="login" class="btn btn-default btn-login-submit btn-block m-t-md" value="Login" />
</div>
<span class='text-center'>Forgot Password?</span>
<div class="form-group">
<p class="text-center m-t-xs text-sm">Do not have an account?</p>
Create an account
</div>
</form>
</div>
</div>
<div class='col-md-3'></div>
</div>
</div>
<?php
include 'footer.php';
?>
header.php
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="Web Development company providing HTML, CSS, PHP and JS in your local area">
<meta name="author" content="Kieran Brownfield">
<title>Web Development Penzance - Providing Web Development in your area</title>
<!-- Bootstrap Core CSS -->
<link href="css/bootstrap.min.css" rel="stylesheet"/>
<link href="css/main.css" rel="stylesheet"/>
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<header class="header">Web Development Penzance</header>
<!-- Navigation -->
<nav class="navbar navbar-inverse navbar-static-top" role="navigation">
<div class="container">
<!-- Brand and toggle get grouped for better mobile display -->
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
</div>
<!-- Collect the nav links, forms, and other content for toggling -->
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
<li>
Home
</li>
<li>
About
</li>
<li>
Contact
</li>
<li>
Gallery
</li>
<li>
Meet the Team
</li>
</ul>
<ul class="nav navbar-nav pull-right">
<?php
if (isset($_SESSION['loggedin'])) { ?>
<li><p class="navbar-text navbar-right">Signed in as: <?php echo $_SESSION["username"] ?> </p></li>
<li>Logout</li>
<li>Account</li>
<?php } else { ?>
<li>Register</li>
<li>Login</li>
<?php } ?>
</ul>
</div>
<!-- /.navbar-collapse -->
</div>
<!-- /.container -->
</nav>
In order to access the $_SESSION variable across page loads, add session_start() to the top of both of these files. Docs.
I am trying to create a simple blog entry form where a user enters the title, blog entry and submits it. The form should then insert the 'blog entry' into MYSQL using the insert query.
I am getting NO errors.
When I submit form nothing is changed, the database has no new entry.
<?php
session_start();
date_default_timezone_set('America/Mexico_City');
if (!isset($_SESSION['usuario_usuario'])) {
header("Location: login");
} else {
include_once 'config.php';
$guardar_post = $conn -> prepare("INSERT into entries (post_title, post_content, created_at, updated_at) VALUES (:titulo_post, :contenido_post, :created_at, :updated_at);");
$guardar_post ->bindParam(":titulo_post", $titulo_post);
$guardar_post ->bindParam(":contenido_post", $contenido_post);
$guardar_post ->bindParam(":created_at", $created_at);
$guardar_post ->bindParam(":updated_at", $updated_at);
if (isset($_POST['enviar'])) {
$titulo_post = $_POST['titulo'];
$contenido_post = $_POST['editor1'];
$created_at = date("Y-m-d H:i:s");
$updated_at = date("Y-m-d H:i:s");
$guardar_post -> execute();
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="">
<meta name="author" content="">
<title>SB Admin 2 - Bootstrap Admin Theme</title>
<!-- Bootstrap Core CSS -->
<link href=" bower_components/bootstrap/dist/css/bootstrap.min.css" rel="stylesheet">
<!-- MetisMenu CSS -->
<link href=" bower_components/metisMenu/dist/metisMenu.min.css" rel="stylesheet">
<!-- Custom CSS -->
<link href=" dist/css/sb-admin-2.css" rel="stylesheet">
<!-- Custom Fonts -->
<link href=" bower_components/font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
<!-- CKEditor -->
<script src="ckeditor/ckeditor.js"></script>
</head>
<body>
<div id="wrapper">
<!-- Navigation -->
<?php include_once 'nav.php'; ?>
<!-- Page Content -->
<div id="page-wrapper">
<div class="container-fluid">
<div class="row">
<div class="col-lg-12">
<h1 class="page-header">Nuevo Post</h1>
</div>
<!-- /.col-lg-12 -->
</div>
<!-- /.row -->
<div class="row">
<div class="col-lg-12">
<div class="panel panel-default">
<div class="panel-heading">
Redactar nuevo post
</div>
<div class="panel-body">
<div class="row">
<div class="col-lg-10">
<form role="form">
<div class="form-group">
<label>Título</label>
<input class="form-control" name="titulo">
<p class="help-block">Entre el titulo del post.</p>
</div>
</form>
</div>
<div class="col-lg-10">
<div class="form-group">
<label>Text area</label>
<textarea name="editor1" id="editor1" class="form-control" rows="15"></textarea>
</div>
</div>
</div>
<div class="row">
<div class=" col-lg-5">
<p>
<button type="button" class="btn btn-outline btn-success" name="enviar">Enviar</button>
<button type="button" class="btn btn-outline btn-danger">Borrar</button>
</p>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- /.container-fluid -->
</div>
<!-- /#page-wrapper -->
</div>
<!-- /#wrapper -->
<!-- jQuery -->
<script src=" bower_components/jquery/dist/jquery.min.js"></script>
<!-- Bootstrap Core JavaScript -->
<script src=" bower_components/bootstrap/dist/js/bootstrap.min.js"></script>
<!-- Metis Menu Plugin JavaScript -->
<script src=" bower_components/metisMenu/dist/metisMenu.min.js"></script>
<!-- Custom Theme JavaScript -->
<script src=" dist/js/sb-admin-2.js"></script>
<!-- Replace the <textarea id="editor1"> with a CKEditor -->
<script>CKEDITOR.replace( 'editor1' );</script>
the config.php file is:
<?php
$base = "mysql:host=localhost;dbname=bworld";
try {
$conn = new PDO($base, 'diego', 'diego');
} catch (PDOException $e) { echo $e; }
Does anybody know what I'm doing wrong. I am new to PHP and I have no idea how to debug a problem when I'm getting no errors!
You have to put all your fields inside <form> tag including your submit button
I also added type="submit" to your Enviar button
<div id="wrapper">
<!-- Navigation -->
<?php include_once 'nav.php'; ?>
<!-- Page Content -->
<div id="page-wrapper">
<div class="container-fluid">
<div class="row">
<div class="col-lg-12">
<h1 class="page-header">Nuevo Post</h1>
</div>
<!-- /.col-lg-12 -->
</div>
<!-- /.row -->
<div class="row">
<div class="col-lg-12">
<div class="panel panel-default">
<div class="panel-heading">
Redactar nuevo post
</div>
<div class="panel-body">
<form role="form">
<div class="row">
<div class="col-lg-10">
<div class="form-group">
<label>Título</label>
<input class="form-control" name="titulo">
<p class="help-block">Entre el titulo del post.</p>
</div>
</div>
<div class="col-lg-10">
<div class="form-group">
<label>Text area</label>
<textarea name="editor1" id="editor1" class="form-control" rows="15"></textarea>
</div>
</div>
</div>
<div class="row">
<div class=" col-lg-5">
<p>
<button type="button" class="btn btn-outline btn-success" name="enviar" type="submit">Enviar</button>
<button type="button" class="btn btn-outline btn-danger">Borrar</button>
</p>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
<!-- /.container-fluid -->
</div>
<!-- /#page-wrapper -->
</div>
<!-- /#wrapper -->
It was resolved with the method = post on the <form> tag
So, sef4eg was kind of right.
Here is the code:
<div class="panel-body">
<form role="form" action="" method="post">
<div class="row">
<div class="col-lg-10">
<div class="form-group">
<label for="titulo">Título</label>
<input id="titulo" class="form-control" name="titulo">
<p class="help-block">Entre el titulo del post.</p>
</div>
</div>
<div class="col-lg-10">
<div class="form-group">
<label for="editor1">Text area</label>
<textarea name="editor1" id="editor1" class="form-control" rows="15"></textarea>
</div>
</div>
</div>
<div class="row">
<div class=" col-lg-5">
<p>
<button type="submit" class="btn btn-success btn-success" name="enviar">Enviar</button>
<button type="button" class="btn btn-outline btn-danger">Borrar</button>
</p>
</div>
</div>
</form>
</div>
I have created a connection between php and mysql ,and i added a username and password on mysql table so i can login and redirect to a "members" page. It works at this point but what i want to do is to display "username" in some places in my "members" page with cookies.
On first.php , on navbar, blockquote where it says "User" thats where i want to replace it with the username that logins but with cookies and i haven't understood how to do it
My files:
config.php
<?php
$mysql_hostname="localhost";
$mysql_user="root";
$mysql_password="root";
$mysql_database="Electricians";
$bd=mysql_connect($mysql_hostname,$mysql_user,$mysql_password)or die("Bad Connection");
mysql_select_db($mysql_database,$bd)or die("Bad Connection");
?>
index.php
<?php
header("location:login.php");
?>
login.php
<?php
session_start();
include("includes/config.php");
if($_SERVER["REQUEST_METHOD"]=="POST")
{
$myusername=addslashes($_POST ['username']);
$mypassword=md5(addslashes($_POST[ 'password']));
$sql="SELECT userid FROM users WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1)
{
$_SESSION['login_admin']=$myusername;
header("location:http://localhost:8888/offlineproject/first.php");
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="css/theme.css">
<link rel="stylesheet" type="text/css" href="css/bootstrap.css">
<link rel="stylesheet" type="text/csc" href="css/bootstrap-glyphicons.css">
<link rel="stylesheet" type="text/csc" href="css/login.css">
<title>Online Drawing for Electricians</title>
</head>
<body>
<nav class="navbar navbar-inverse navbar-fixed-top" role="navigation">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
</div>
<div class="navbar-header">
<a class="navbar-brand" href="#"><img id="logoattop" src="images/nklogo.png" alt="Logo" >Online Drawing for Electricians </a>
</div>
</div>
</nav><
<div class="jumbotron">
<div class="container text-center">
<h1>Online Drawing for Electricians</h1>
<div class="container">
<form class="form-signin" method="post">
<h2 class="form-signin-heading">Please sign in</h2>
<label for="inputEmail" class="sr-only">Email address</label>
<input name="username" type="email" id="inputEmail" class="form-control" placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input name="password" type="password" id="inputPassword" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
</form>
</div>
Skip
</div>
</div>
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="js/jquery-2.1.3.min.js"></script>
<!-- Include all compiled plugins (below), or include individual files as needed -->
<script src="js/bootstrap.min.js"></script>
</body>
</html>
first.php
<!Doctype html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="css/theme.css">
<link rel="stylesheet" type="text/css" href="css/bootstrap.css">
<link href="css/bootstrap-glyphicons.css"rel="stylesheet">
<title>Online Drawing for Electricians</title>
</head>
<body>
<nav class="navbar navbar-inverse navbar-fixed-top" role="navigation">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
</div>
<!navbar header-->
<div class="navbar-header">
<a class="navbar-brand" href="#"><img id="logoattop" src="images/nklogo.png" alt="Logo" >Online Drawing for Electricians </a>
</div>
<div class="collapse navbar-collapse" id="navbar-collapse">
<ul class="nav navbar-nav navbar-right">
<li></span> <User></li>
<li><span class="glyphicon glyphicon-log-out"></span> Logout</li>
</ul>
</div>
</div><!End-Container-->
</nav><!End-Nav-Bar-->
<div class="jumbotron">
<div class="container text-center">
<h1>Online Drawing for Electricians</h1>
<div class="btn-group">
Search
Upload
</div>
</div>
</div> <!End Jumbotron-->
<!Blockquotes-->
<div class="container">
<section>
<div class= "page-header" id="feedback">
<h2>Recent activity of <small><User></small></h2>
</div>
<div class="row">
<div class="col-lg-12">
<blockquote>
<p>"User" Today job is to fix the cables of the central bank.</p>
<p>Cables need to be fixed as soon as possible </p>
<footer>NK Electrical LTD</footer>
</blockquote>
</div>
<div class="col-lg-12">
<blockquote>
<p>Something Something
SomethingSomething
SomethingSomethingSomething</p>
<footer>Aris Con</footer>
</blockquote>
</div>
</div>
</section>
Skip
</div>
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="js/jquery-2.1.3.min.js"></script>
<!-- Include all compiled plugins (below), or include individual files as needed -->
<script src="js/bootstrap.min.js"></script>
</body>
</html>
logout.php
<?php
session_start();
if(session_destroy())
{
header("location: index.php");
}
?>
Just because a user/pass is set, you can't presume they are an admin, unless there is some further checking done. Either via a flag in the database or by matching a hardcoded value somewhere.
So you need to change this up to something like this:
$sql="SELECT userid FROM users WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
$row = mysql_fetch_assoc($result);
if($row['is_admin'] == '1'){
$_SESSION['login_admin']=$myusername;
header("location:http://localhost:8888/offlineproject/first.php");
exit;
}
else{
// do something else here
}
}
}
Try this for set cookie
$first_name = 'Rilakkuma';
setcookie('first_name',$first_name,time() + (86400 * 7)); // 86400 = 1 day
And for call cookie
$_COOKIE['first_name'];
See more here --> http://davidwalsh.name/php-cookies
$first_name = "user";
then setcookie(); use this one for setting cookie
$COOKIE['first_name']