I already searched for an answer here, but none of them could help me fix my problem.
I have a form with the following HTML code at the beginning:
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" id="registration_form">
Standard form, whenever there is an error, the user will be redirected back to to registration form. Everytime, he is on that page, the following PHP code will be executed:
<?php
$fnameErr = $lnameErr = $emailErr = $pwErr = $pw_confErr = "";
$fname = $lname = $email = $pw = $pw_conf = "";
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["fname"])) {
$fnameErr = "(Please submit first name)";
}
else {
$fname = test_input($_POST["fname"]);
}
if (empty($_POST["lname"])) {
$lnameErr = "(Please submit last name)";
}
else {
$lname = test_input($_POST["lname"]);
}
if (empty($_POST["email"])) {
$emailErr = "(Please submit email address)";
}
else {
$email = test_input($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "(Email address is not valid)";
}
}
include ("script/registration_email_compare.php");
if (empty($_POST["pw"])) {
$pwErr = "(Please submit password)";
}
else {
$pw = test_input($_POST["pw"]);
$pwHash = password_hash($pw, PASSWORD_DEFAULT);
}
if (empty($_POST["pw_conf"])) {
$pw_confErr = "(Please confirm password)";
}
else {
$pw_conf = test_input($_POST["pw_conf"]);
}
if ($_POST["pw"] !== $_POST["pw_conf"]) {
$pwErr = "(Please confirm password)";
$pw_confErr = "";
}
if (empty($fnameErr) && empty($lnameErr) && empty($emailErr) && empty($pwErr) && empty($pw_confErr))
{
ob_start();
include ("script/registration_db_add.php");
include ("script/registration_send_mail.php");
header("Location: registration_success.php");
exit;
}
}
?>
My problem now is that the user is added to my database, but he is not redirected to registration_success, but instead is redirected back to registration.php, where an empty page is returned.
I have no idea how to fix that error and couldn't find any suitable solutions, so I'm happy for any help.
Another extra info: my script is working on localhost, but not after I published it, that's pretty weird actually.
Related
I want to change page after validation in PHP but, it appears on the same page with the validation.
Here is the logical process i want
if validation didnt complete/invalid input
display error messages, and user must input again in the same page.
if form is validated complete with no invalid input.
User will be moved to a new page for reviewing the inputed data.
And this is my PHP
<?php
// define variables and set to empty values
$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
}
if (empty($_POST["website"])) {
$website = "";
} else {
$website = test_input($_POST["website"]);
}
if (empty($_POST["comment"])) {
$comment = "";
} else {
$comment = test_input($_POST["comment"]);
}
if (empty($_POST["gender"])) {
$genderErr = "Gender is required";
} else {
$gender = test_input($_POST["gender"]);
}
}
if($nameErr == "" && $emailErr == "" && $genderErr == "" && $websiteErr == "") {
header('Location: http://subc.chaidar-525.com');
exit();
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
I use some referance from W3School, and it makes the review of data is in the same page as the form and validation, and i want the user will be transfered to another new page for reviewing their inputed data.
Use a session, roughly like this:
session_start();
if($nameErr == "" && $emailErr == "" && $genderErr == "" && $websiteErr == "") {
$_SESSION['inputdata'] = $_POST;
//A neater version would be to assign all vars, like:
//$_SESSION['gender'] = $gender;
header('Location: http://subc.chaidar-525.com');
exit();
}
on the next page, use this:
session_start();
$input_data = $_SESSION['inputdata'];
Using PHP, the validation on my form is correct and I even use a redirect header when the form is submitted correctly, this part works just fine, however, when the form is validated or showing errors a entry is submitted when it should not, is their anything I need to be added to my code base to fix this bug, take a look at my code below..
<?php
$e_first = ""; $e_last = ""; $e_email = ""; $success = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
require_once("config.php");
require_once("database.php");
require_once("controller.php");
$firstname = sanitize($_POST['firstname']);
$lastname = sanitize($_POST['lastname']);
$email = sanitize($_POST['email']);
$submit = sanitize($_POST['submit']);
if (empty($firstname)) {
$e_first = "First Name is required";
} else {
$firstname;
if (!preg_match("/^[a-zA-Z ]*$/", $firstname)) {
$e_first = "Only letters and white space allowed";
}
}
if (empty($lastname)) {
$e_last = "Last Name is required";
} else {
$lastname;
if (!preg_match("/^[a-zA-Z ]*$/", $lastname)) {
$e_last = "Only letters and white space allowed";
}
}
if (empty($email)) {
$e_email = "Email Address is required";
} else {
$email;
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$e_email = "Invalid Email Address";
}
}
$users = [
'firstname' => $firstname,
'lastname' => $lastname,
'email' => $email
];
$control = new Controller();
$control->addCustomer($users);
if (isset($submit)) {
switch (false) {
case !empty($firstname) || $firstname == $e_first :
$success = "";
break;
case !empty($lastname) || $lastname == $e_last :
$success = "";
break;
case !empty($email) || $email == $e_email :
$success = "";
break;
default :
$success = "Thank you $firstname $lastname";
header("Location: success.php");
break;
}
}
}
function sanitize($data) {
$data = htmlspecialchars($data);
$data = stripslashes($data);
$data = strip_tags($data);
$data = trim($data);
return $data;
}
?>
The bit where you add the user should be after you check for errors
default :
$control = new Controller();
$control->addCustomer($users);
$success = "Thank you $firstname $lastname";
header("Location: success.php");
break;
I'm still starting to learn PHP and i don't know which part did i miss why i can't access the variable from other php file even though i include this in my index file.
Here's how i include the other php into my index file
index.php
<?php
include 'includes/signup.inc.php';
?>
With in this index.php I have this form:
<form id="form" action="includes/signup.inc.php" method="POST">
<div id="form1">
<label for="fname">First Name:</label>
<input type="text" name="fname"><span><?php echo $fnameerr?></span>
<br>
</div>
</form>
the variable $fnameerr is a variable from other php file inside includes folder named signup.inc.php if I only have this code inside signup.inc.php
<?php
include 'dbh.inc.php';
$fname = $lname = $email = $uid = $pw = "";
$fnameerr = $lnameerr = $emailerr = $uiderr = $pwerr = "";
this variable $fnameerr can be seen from index.php. But when i start to include this code:
<?php
include 'dbh.inc.php';
$fname = $lname = $email = $uid = $pw = "";
$fnameerr = $lnameerr = $emailerr = $uiderr = $pwerr = "";
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (empty($_POST['fname']))
{
$fnameerr = "First Name Required";
}
else
{
$fname = cleandata($_POST['fname']);
}
if (empty($_POST['lname']))
{
$lnameerr = "Last Name Required";
}
else
{
$lname = cleandata($_POST['lname']);
}
if (empty($_POST['email']))
{
$emailerr = "Email Required";
}
else
{
$email = cleandata($_POST['email']);
}
if (empty($_POST['uid']))
{
$uiderr = "User ID Required";
}
else
{
$uid = cleandata($_POST['uid']);
}
if (empty($_POST['pw']))
{
$pwerr = "Password Required";
}
else
{
$pw = cleandata($_POST['pw']);
}
}
function cleandata($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if (!empty($fname) || !empty($lname) || !empty($email) || !empty($uid) || !empty($pw))
{
$sql = "INSERT INTO userlist(fname, lname, email, uid, pw) VALUES('$fname', '$lname', '$email', '$uid', '$pw');";
}
mysqli_query($conn, $sql);
header("location:../index.php");
?>
I can't access my index.php instead i am redirected to dashboard.
I thought of using php header to redirect upon validation successful. However it's seems broken to me. How do I implement one then. Condition is when all the validation is validated then it would only redirect.
<?php
// define variables and set to empty values
$nameErr = $lastnameErr = $emailErr = $passwordErr = $confirmpasswordErr = $checkboxErr= "";
$name = $lastname = $email = $password = $confirmpassword = $checkbox = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["firstname"])) {
$nameErr = "First Name is required";
}else {
$name = test_input($_POST["firstname"]);
}
if (empty($_POST["lastname"])) {
$lastnameErr = "Last Name is required";
}else {
$name = test_input($_POST["lastname"]);
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
}else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if(!empty($_POST["password"]) && ($_POST["password"] == $_POST["confirmpassword"])) {
$password = test_input($_POST["password"]);
$confirmpassword = test_input($_POST["confirmpassword"]);
if (strlen($_POST["password"]) <= '8') {
$passwordErr = "Your Password Must Contain At Least 8 Characters!";
}
elseif(!preg_match("#[0-9]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Number!";
}
elseif(!preg_match("#[A-Z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Capital Letter!";
}
elseif(!preg_match("#[a-z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Lowercase Letter!";
}
}
elseif(empty($_POST["password"])) {
$passwordErr = "Password not filled at all";
}
elseif(!empty($_POST["password"])) {
$confirmpasswordErr = "Password do not match";
}
if(!isset($_POST['checkbox'])){
$checkboxErr = "Please check the checkbox";
}
else {
$checkbox = test_input($_POST["checkbox"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
header('Location: http://www.example.com/');
Set $error = 1 if any condition get failed , and at the bottom check if($error!=1) then redirect
and you can also use javascript redirect if header is not working
Look at the closing "?>"-Tab. header will generate a html-header, but is a php-function and should be inside the ?php ?> bracket.
Consider using html5 input validation - saves some code and server roundtrips to let the browser do the validation
Omit the closing "?>" altogether. Its not necessary and can lead to hard to see errors when there is content - even blanks - after the "?>"
Consider using the filter_input function with appropriate parameters to access $_POST and set your variables.
I have a simple login form that allows a user to login, although the form is working fine, but there is one condition where i wish to redirect it to someother page, instead of regular index page.
piece of code where i am facing issue is
if($spid=="")
{
header('Location:index.php');
}
else
{
header('Location:new.php?id=$spid');
}
the issue is even if the $spid has a value it is getting redirected to index.php page. can anyone please tell why this is happening
the whole code from which the above code has been extracted is
<?php
$spid=$_GET['spid'];
$emailErr = $pswrdErr = $loginErr = "";
$email = $password = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["email"])) {
$emailErr = "Email is required";
}
else {
$email = test_input($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["password"])) {
$pswrdErr = "password is required";
}
else {
$password = test_input($_POST["password"]);
}
$sql = "SELECT * FROM usertable where email='".$email."' and password='".$password."' ";
$result = mysqli_query($con, $sql);
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {
$_SESSION['loggedin'] = true;
$_SESSION['email'] = $email;
if($spid=="")
{
header('Location:index.php');
}
else
{
header('Location:new.php?id=$spid');
}
}
}
else {
$loginErr = "Invalid Credentials";
}
}
function test_input($data) {
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="POST" role="form">
<input type="text" class="form-control" name="email">
<input type="password" class="form-control" name="password">
</form>
As you said you are getting value in $spid=$_GET['spid']; So instead of following above mentioned method take your $spid as hidden i/p text inside form and then pass it in your code as
$finalspid=$_POST["spid"]
and then put your if else condition according to $finalspid
Try this:
if(!isset($spid) && $spid==''){
header('Location:index.php');
} else {
header("Location:new.php?id=".$spid);
}