If I echo $codeee outside of the if loop, the value shows, but the value does not exist inside the loop which causes the UPDATE query to fail. How can I use the variable inside the loop?
PHP Code
require('connect.php');
$codeee = htmlspecialchars($_GET["recov"]);
echo $codeee;
$paso = $confpaso = "";
$pasoErr = $confpasoErr = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["paso"])) {
$pasoErr = "Password is required";
} else {
$paso = md5(test_inputing($_POST["paso"]));
}
$confpaso = md5(test_inputing($_POST["confpaso"]));
if ($confpaso != $paso) {
$confpasoErr = "Passwords do not match";
}
$emailing = test_inputing($_POST["emailing"]);
if ($pasoErr == $confpasoErr && $confpasoErr == "") {
$changepaso = "UPDATE users SET password='$paso' WHERE forgotcode = '$codeee'";
if ($conn->query($changepaso) === TRUE) {
$tellthem = "Your password was changed";
} else {
$tellthem = "Something Happened, the password was not changed";
}
}
}
HTML CODE
<form action=<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) ?> method="post">
<div class="register-top-grid">
<h3>FILL OUT YOUR INFORMATION TO CHANGE YOUR PASSWORD</h3>
<div>
<span>Email<label>*</label></span>
<input type="text" name="emailing" >
</div>
<div>
<span>Password<label>*</label><p style="color:red"><?php echo $pasoErr ?></p></span>
<input type="password" name="paso" >
</div>
<div>
<span>Confirm Password<label>*</label><p style="color:red"><?php echo $confpasoErr ?></p></span>
<input type="password" name="confpaso" >
</div>
</div></br></br>
<input type="submit" value="submit">
<p><?php echo $tellthem ?></p>
</form>
Related
I'm trying to add form data into my database table on Xampp ,but while My echo displays everything properly ,it doesn't input anything into the database table and I wonder if I'm missing something here.I made sure to spell everything the same ,so I doubt it's a spelling error atleast....Any help,suggestions and or corrections are greatly appreciated !
<!DOCTYPE HTML>
<html>
<head>
</head>
<body>
<?php
// define variables and set to empty values
$VarErr = $PavErr = $AdErr = $PkErr = $KiekErr = "";
$Vardas = $Pavarde = $Adresas = $Pk = $Kiekis = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["Vardas"])) {
$VarErr = "Įveskite vardą";
} else {
$Vardas= test_input($_POST["Vardas"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$Vardas)) {
$VarErr = "Galima vesti tik su raidėmis";
}
}
if (empty($_POST["Pavarde"])) {
$PavErr = "Įveskite pavardę";
} else {
$Pavarde = test_input($_POST["Pavarde"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$Pavarde)) {
$PavErr = "Galima vesti tik su raidėmis";
}
}
if (empty($_POST["Adresas"])) {
$AdErr = "Įveskite adresą";
} else {
$Adresas= test_input($_POST["Adresas"]);
}
if (empty($_POST["Pk"])) {
$Pk = "Įveskite prekės kodą";
} else {
$Pk = test_input($_POST["Pk"]);
}
if (empty($_POST["Kiekis"])) {
$KiekErr = "Įveskite kiekį";
} else {
$Kiekis = test_input($_POST["Kiekis"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Vardas: <input type="text" name="Vardas" value="<?php echo $Vardas;?>">
<span class="error">* <?php echo $VarErr;?></span>
<br><br>
Pavarde: <input type="text" name="Pavarde" value="<?php echo $Pavarde;?>">
<span class="error">* <?php echo $PavErr;?></span>
<br><br>
Adresas: <input type="text" name="Adresas" value="<?php echo $Adresas;?>">
<span class="error"><?php echo $AdErr;?></span>
<br><br>
Pk: <input type="number" name="Pk" value="<?php echo $Pk;?>">
<span class="error"><?php echo $PkErr;?></span>
<br><br>
Kiekis:<input type="number" name="Kiekis" value="<?php echo $Kiekis;?>">
<span class="error"><?php echo $KiekErr;?></span>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>Your Input:</h2>";
echo $Vardas;
echo "<br>";
echo $Pavarde;
echo "<br>";
echo $Adresas;
echo "<br>";
echo $Pk;
echo "<br>";
echo $Kiekis;
$host = "localhost";
$user = "root";
$password ="";
$database = "uzsakymas";
try{
$connect = mysqli_connect($host,$user,$password,$database);
}
catch(mysqli_sql_exception $ex){
echo 'database connection error';
}
if(isset($_POST['insert'])) {
$Vardas = $_POST['Vardas'];
$Pavarde = $_POST['Pavarde'];
$Adresas = $_POST['Adresas'];
$Pk = $_POST['Pk'];
$Kiekis = $_POST['Kiekis'];
$insert_query = "INSERT INTO uzsakymai (Vardas,Pavarde,Adresas,Pk,Kiekis)VALUES('$Vardas','$Pavarde','$Adresas','$Pk','$Kiekis')";
try {
$insert_result = mysqli_query($connect,$insert_query);
if($insert_result){
if(mysqli_affected_rows($connect) > 0)
{
echo 'Data Inserted';
}else{
echo'Data not Inserted';
}
}
} catch(Exception $ex) {
echo 'Error Insert'.$ex->getMessmessage();
}
}
?>
</body>
</html>
hi your are checking value in insert isset($_POST['insert']) but insert name not assign in any control so assign insert name to your submit control check below :
<input type="submit" value="Submit" name="insert">
I'm kinda confused with your code but I think the wrong part is in here:
<input type="submit" name="submit" value="Submit">
You have this submit but look at this:
if(isset($_POST['insert']))
You are trying to check if POST is set to insert instead of submit.
Have this code i want to check if record exist in $pas before processing result
then try to verify $pas by form input
I have tried this:
$pas = "1234";
$text = "12345678910111213141516";
if(empty($pas)) {
echo $text;
}
else
{
if (isset($_POST["subscribe"]))
{
$phone = $_POST["phone"];
if ($phone == $pas)
{
echo $text;
}
else
{
if ($phone != "$pass")
{
echo erro;
}
}
}
}
if(!isset($_POST["phone"]) || $_POST["phone"] != $pas)
{
echo '<form action="#" method="POST">
Your Phone Number <br />
<input type="text" name="phone" value="080"/>
<input type="submit" name="subscribe" value="SEND PAYMENT"/>
</form>';
}
But I get result even when 'pas' is not there what am I doing Wrong?
<?php
$pas = "1234";
$text = "12345678910111213141516";
if(empty($pas)) {
echo $text;
}
else
{
if (isset($_POST["subscribe"]))
{
$phone = $_POST["phone"];
if ($phone == $pas)
{
echo $text;
}
else
{
if ($phone != "$pass")
{
echo erro;
}
}
}
if(!isset($_POST["phone"]) || $_POST["phone"] != $pas)
{
echo '<form action="#" method="POST">
Your Phone Number <br />
<input type="text" name="phone" value="080"/>
<input type="submit" name="subscribe" value="SEND PAYMENT"/>
</form>';
}
}
Your else bracket was closing sooner than you wanted so your echo would be executed anyway as it was outside of your if/else
In my code below i have two form section first one is to fetch information from database and second one is verify a record in the database my problem is how do verify a record and redirect to error page or if the input form do not march any record redirect to index page this my code;
<?php
include_once 'init.php';
$error = false;
//check if form is submitted
if (isset($_POST['book'])) {
$book = mysqli_real_escape_string($conn, $_POST['book']);
$action = mysqli_real_escape_string($conn, $_POST['action']);
if (strlen($book) < 6) {
$error = true;
$book_error = "booking code must be alist 6 in digit";
}
if (!is_numeric($book)) {
$error = true;
$book_error = "Incorrect booking code";
}
if (empty($_POST["action"])) {
$error = true;
$action_error = "pick your action and try again";
}
if (!$error) {
if(preg_match('/(check)/i', $action)) {
echo "6mameja";
}
if (preg_match('/(comfirm)/i', $action)) {
if(isset($_SESSION["user_name"]) && (trim($_SESSION["user_name"]) != "")) {
$username=$_SESSION["user_name"];
$result=mysqli_query($conn,"select * from users where username='$username'");
}
if ($row = mysqli_fetch_array($result)) {
$id = $row["id"];
$username=$row["username"];
$idd = $row["id"];
$username = $row["username"];
$ip = $row["ip"];
$ban = $row["validated"];
$balance = $row["balance"];
$sql = "SELECT `item_name` , `quantity` FROM `books` WHERE `book`='$book'";
$query = mysqli_query($conn, $sql);
while ($rows = mysqli_fetch_assoc($query)) {
$da = $rows["item_name"]; $qty = $rows["quantity"];
$sqll = mysqli_query($conn, "SELECT * FROM promo WHERE code='$da' LIMIT 1");
while ($prow = mysqli_fetch_array($sqll)) {
$pid = $prow["id"];
$price = $prow["price"];
$count = 0;
$count = $qty * $price;
$show = $count + $show;
}
}
echo "$show";
echo "$balance";
if ($show<$balance) {
if (isset($_POST["verify"])) {
$pass = mysqli_real_escape_string($conn, $_POST["pass"]);
if ($pass != "$username") {
header("location: index.php");
}
elseif ($pass = "$username") {
header("location: ../error.php");
}
}
echo '<form action="#" method="post" name="verify"><input class="text" name="pass" type="password" size="25" /><input class="text" type="submit" name="verify" value="view"></form>';
echo "you cant buy here";
exit();
}
} else {
$errormsg = "Error in registering...Please try again later!";
}
}
}
}
?>
<form role="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="booking">
<fieldset>
<legend>Check Booking</legend>
<div class="form-group">
<label for="name">Username</label>
<input type="text" name="book" placeholder="Enter Username" required value="<?php if($error) echo $book; ?>" class="form-control" />
<span class="text-danger"><?php if (isset($book_error)) echo $book_error; ?></span>
</div>
<input type="submit" name="booking" value="Sign Up" class="btn btn-primary" />
<table>
<input type="radio" name="action" value="comfirm" <?php if(isset($_POST['action']) && $_POST['action']=="comfirm") { ?>checked<?php } ?>>
<input type="radio" name="action" value="check" <?php if(isset($_POST['action']) && $_POST['action']=="check") { ?>checked<?php } ?>> Check booking <span class="text-danger"><?php if (isset($action_error)) echo $action_error; ?></span>
</div>
</table>
</fieldset>
</form>
in achievement am expected to redirect to error or index page but my code above refress back to first form what are my doing wrong. Big thanks in advance
I have got the following problem. It is a simple login and reg surface.
Register:
<form method="post">
Username :
<input type="text" name="username" placeholder="Username">
<br>
E-mail :
<input type="text" name="email" placeholder="E-mail ">
<br>
Password :
<input type="password" name="password" placeholder="Password">
<br>
<?php
if (isset($_POST['email']) && isset($_POST['password']) && isset($_POST['username'])) {
$allDatas = json_decode(file_get_contents('data.json'), true);
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$foundUser = false;
$valid = false;
//check the values
if (empty($_POST["email"])) {
?> <font size="1px"><?php echo "Email is required !"; ?> </font><?php
} else {
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
?> <font size="1px"><?php echo "Invalid email format!"; ?> </font><?php
}
}
if (empty($_POST["password"])) {
?> <br><font size="1px"><?php echo "Password is required !"; ?> </font><?php
}
if (empty($_POST["username"])) {
?> <br><font size="1px"><?php echo "Username is required !"; ?> </font><?php
}
//is it exists
foreach ($allDatas as $value) {
if ($value[0] == $username) {
?> <br><font size="1px"><?php echo "Username exists!"; ?> </font><?php
$foundUser = true;
break;
} elseif ($value[2] == $email) {
?> <br><font size="1px"><?php echo "E-Mail registered!";?> </font><br><?php
$foundUser = true;
break;
}
}
//add to database
if(!empty($_POST["password"]) && !empty($_POST["username"])&& !empty($_POST["email"]) && filter_var($email, FILTER_VALIDATE_EMAIL)){$valid = true;}
if (!$foundUser && $valid) {
$allDatas[] = array($username, $email, $password);
file_put_contents('data.json', json_encode($allDatas));
echo "Done";
}
unset($allDatas);
}
?>
<br>
<input type="submit" value="Registration">
</form>
<br>
<form action="index.php">
<input type="submit" name="back" value="Back">
</form>
and the login:
<form method="post">
Email:
<input type="text" name="email" placeholder="Email">
<br>
Password:
<input type="password" name="password" placeholder="Password">
<br>
<?php
$allDatas = json_decode(file_get_contents('data.json'), true);
$foundUser = false;
$action = "login.php";
if (isset($_POST['email']) && isset($_POST['password']) ) {
$password = $_POST['password'];
$email = $_POST["email"];
if (empty($_POST["email"])) {
?> <font size="1px"><?php echo "Email is required !"; ?> </font><?php
} else {
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
?> <font size="1px"><?php echo "Invalid email format!"; ?> </font><?php
}
}
if (empty($_POST["password"])) {
?> <br><font size="1px"><?php echo "Password is required !"; ?> </font><?php
}
foreach ($allDatas as $value) {
if ($value[2] == $email && $value[1] == $password) {
$foundUser = true;
$username = $value[0];
?> <font size="1px"><?php echo "Success! Welcome ", $username, " !"; ?> </font><?php
$action = "reddragon.html";
}
}
}
if(!$foundUser)
{
?><br> <font size="1px"><?php echo "Please type your datas!"; ?> </font><?php
}
?>
<br>
<input type="submit" value="Log in">
<br>
</form>
<font color="red" size="1px">Before you play, LOG IN!</font>
<form action="<?php echo "$action";?>">
<input type="submit" name="play" value="Play">
</form>
<form action="index.php">
<input type="submit" name="back" value="Back">
</form>
My problem is that, when I add a new member (username, psw, mail), it will be added to the JSON database, but the login surface does not see it! The old ones are ok, but the new one, that I've created by registration is not accepted by the login.
What can be the solution?
flip $email and $password on line #54 of register.php as follows:
$allDatas[] = array($username, $password, $email);
I am making the login page in php.
However, no If worth of blank check of html form is operated (line4)
After entering in the html of the form, even if you press the login does not have moved if statement.
Since the cause is not know, I want you to tell me
if (isset($_POST["login"])) {//PUSH login button
//form blank check
if ($_POST["email"] = '') {
$error['email'] = "blank";
} else if ($_POST["pass"] = '') {
$error['pass'] = "blank";
}
}
if(!empty($_POST['email'])){
//email & password verification
if($_POST['email'] != '' && $_POST['pass'] != ''){
$email = $_POST['email'];
$pass = SHA1($_POST['pass']);
$query = "select * from human";
$result = mysqli_query($dbc,$query);
$data = mysqli_fetch_array($result);
if($data['email'] == $email) { //form email & password
if($data['pass'] === $pass) {
setcookie('email', $email, time()+(60*60*24*3));
setcookie('pass', $pass, time()+(60*60*24*3));
setcookie('name', $date['name'], time()+(60*60*24*3));
exit();
}else{
$error['match'] = "anmatch"; //Mismatch Error
}
}
}
<!DOCTYPE html>
<form action="" method="post">
<dl>
<dt>email</dt>
<dd>
<input type="text" name="email" size="35" maxlength="255"
value="<?php echo htmlspecialchars($_POST['email']); ?>">
<?php if($error['email'] == 'blank'): ?>
<p><font color="red">* Input email</font></p>
<?php endif; ?>
</dd>
<dt>password</dt>
<dd>
<input type="password" name="pass" size="35" maxlength="255"
value="<?php echo htmlspecialchars($_POST['pass']); ?>">
<?php if($error['pass'] == 'blank'): ?>
<p><font color="red">* Input password</font></p>
<?php endif; ?>
</dd>
</dl>
<input type="submit" id="login" name="login" value="sigh in">
</form>
Firstly as mentioned in the comments, you are assigning a value in your if statements. Also as a second point I'd guess because your condition is a nested else if the first assignment is always true so the second condition will never be tested.
//form blank check
if ($_POST["email"] = '') {
$error['email'] = "blank";
} else if ($_POST["pass"] = '') {
$error['pass'] = "blank";
}
The second condition statement will only evaluate when the first is false
You should try checking each variable independently nand make sure you use ==
//form blank check
if ($_POST["email"] == '') {
$error['email'] = "blank";
}
if ($_POST["pass"] == '') {
$error['pass'] = "blank";
}