I need to keep two forms for login and Logout in one single page including PHP and HTML like
<html>
<body>
<form action="" method="post">
<input type="text" name="username">
<input type="submit" name="SubmitButton" value="Get in"/>
</form>
<form action="" method="post">
<input type="submit" name="logoutButton" value="Logout"/>
</form>
</body>
</html>
on PHP part I have
<?php
if(isset($_POST['SubmitButton'])){
$inputuser = $_POST['username'];
$_SESSION['user'] = 'A';
}
if(isset($_POST['logoutButton'])){
unset($_SESSION['user']);
header('Location: http://somewhere.com/');
}
As I said I have to keep everything on one single page but this looks like causing conflict between the POST(s) can you please let me know how to stop this and target each Post properly?
Related
I have two PHP files: index.php with a form, and data.php for further data manipulation.
Here is index.php:
<?php
session_start();
require_once("../index.conf");
$language = new Language();
$lang = $language->getLanguage(#$_POST['lang']);
?>
...
<form name="myForm" action="data.php" method="post" onsubmit="return validateForm()">
<input type="text" name="title" placeholder="e.g.: my_title" value="<?php echo isset($_POST['title']) ? $_POST['title'] : '' ?>">
...
<button class="btn_r" name="submit" type="submit">
<?php echo $lang['submit-button']; ?>
</button>
Here is data.php:
// success message
echo sprintf('
<div class="success">Good job! Your file <em>'.$file.'</em> was successfully created with this HTML content:<br>
<form name="goto_preview" method="post">
<input type="hidden" name="img_title" value="'.$title.'">
<button class="btn_l" name="reset" type="submit" name="logout" formaction="preview.php">PREVIEW RESULTS</button>
<button class="btn_r" name="submit" type="submit" name="continue" formaction="index.php">CORRECT DATA</button>
</form>
</div>',$img_name);
I try to return the user to the form, with the original values filled in if correction is needed. But the form always opens empty. What is wrong with my code?
Nothing is wrong with your code. That's just the way php forms work, you're redirecting to a new page therefore the form isn't filled out. To change that you could pass the POST arguments that you receive in the data.php and pass them back to index.php where you set them as default values (if present)
I updated the question.
Since the last code was pretty complex and even after fixing the stuff it didn't work, I executed the below simple code to check if things work. Even this code doesn't work. Whenever I click on the submit button, it again returns a 404 error.
Yes, I placed the PHP code in the body as well to check if this work but it doesn't.
<?php
if(isset($_POST['submit'])) {
echo("Done!!!!");
} else {
?>
<html>
<head>
<title>Echo results!</title>
</head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
<input name="submit" type="submit" value="submit"/>
</form>
<?php
}
?>
</body>
</html>
Try giving the button_create as name of the submit button
<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
if(isset($_POST['button_create'])) {
<td><input type="submit" name="button_create" id="button_create" value="Create Table!"></td>
change these lines see how you go from there
There are a couple of things wrong here, method should be POST instead of GET. The name attribute of text fields should be used when receiving the values. The submit button name should be used to check whether the button is clicked or not. See the example given below.
<?php
if (isset($_POST['submit'])) {
$ex1 = $_POST['ex1'];
$ex2 = $_POST['ex2'];
echo $ex1 . " " . $ex2;
}
?>
<form action="" method="post">
Ex1 value: <input name="ex1" type="text" />
Ex2 value: <input name="ex2" type="text" />
<input name="submit" type="submit" />
</form>
Echo results!
<?php
if(isset($_POST['submit'])) {
echo("Done!!!!");
} else {
?>
<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
<input name="submit" type="submit" value="submit"/>
</form>
<?php
}
?>
this is for your updated question
I'm trying to get to grips with sessions as it's a part of PHP I'm not very good with. Could you help me in explaining what is happening here on the two pages that I have? It is giving an undefined index and I've no idea why.
Thanks
File 1
<strong>Test Form</strong>
<form action="test2.php" method"post">
<input type="text" name="picturenum"/>
<input type="submit" name="Submit" value="Submit!" />
</form>
<?php
// starting the session
session_start();
if (isset($_POST['Submit'])) {
$_SESSION['picturenum'] = $_POST['picturenum'];
}
?>
File 2
<?php
session_start();
echo $_SESSION['picturenum'];
?>
session_start() must go at the top of the page:
<?php
session_start();
// Opening <html>, etc goes below
?>
<strong>Test Form</strong>
<form action="test2.php" method"post">
<input type="text" name="picturenum"/>
<input type="submit" name="Submit" value="Submit!" />
</form>
<?php
if (isset($_POST['Submit'])) {
$_SESSION['picturenum'] = $_POST['picturenum'];
}
?>
This works:
Form (teste1.php)
<?php
session_start();
// Opening <html>, etc goes below
?>
<strong>Test Form</strong>
<form action="test2.php" method"post">
<input type="text" name="picturenum"/> <!-- make sure you type something here -->
<input type="submit" name="Submit" value="Submit!" />
</form>
File 2 (test2.php)
<?php
if (isset($_POST['picturenum'])) {
$_SESSION['picturenum'] = $_POST['picturenum'];
echo $_SESSION['picturenum'];
}else{
echo "something wrong with the POST";
}
?>
As far as I can see, you're starting session after the form in the first file. The rule is: you should start the session before any echo or any HTML output, even before a space. So, basically, session_start() should be your first line after <?php.
Then, how do you get to the second page? If you close the browser and then re-open it, the session of course won't persist and you'll get your undefined index.
Please comment on this if you need any further explanations.
I'm doing php that is textbox a value empty it will open a alertbox (I'm using javascript in here )
this is my code
<?php
include('config.php');
if(isset($_POST['submit'])){
$username=$_POST['username'];
?>
<script>
function validate(){
if(document.forms[0].username.value==""){
window.alert("You must enter both values");
return false;
}
}
</script>
<?php
}
?>
<html>
<div><p>Member Profile</p>
<form action="testing.php" method="POST" onsubmit="return validate();">
Username<br>
<input class="user" type="text" name="username" id="username" /><br>
<input type="submit" name="submit" value="register" />
</form>
</div>
</html>
The problem is i have to click 2 times before the alert show
please help me to solve this problem
It's because the script is inside the php if(isset){} block, one click submits the form, which generates the script and then it works the second time.. try this setup instead:
<?php
include ('config.php');
if (isset($_POST['submit']))
{
$username = $_POST['username'];
}
?>
<html>
<head>
<script>
function validate () {
if (document.forms[0].username.value == "") {
window.alert("You must enter both values");
return false;
}
}
</script>
</head>
<body>
<div>
<p>
Member Profile
</p>
<form action="testing.php" method="POST" onsubmit="return validate();">
Username
<br>
<input class="user" type="text" name="username" id="username" />
<br>
<input type="submit" name="submit" value="register" />
</form>
</div>
</body>
</html>
Edit:
I've moved the script tag inside the head tag. I'm not sure if there are any implications for having the script outside but just to be sure I've moved it.
2nd Edit: (OCD is kicking in)
I've added body tags, not sure if you copied and pasted this code but it looked weird to me :)
I used a login script tutorial here: http://www.astahost.com/info/tilltf-simple-login-script-simple-secure-login-script.html and when I clocked login, there was a 404. When i went back, I was logged in. I followed the the tutorial exactly as it said. Any idea why it is going to this weird page?
<?php
session_start();
require_once 'database.php';
if (isset($_SESSION['user'])){
echo "Welcome ".$_SESSION['user'];
?>
<form name="logout" method="post" action="logout.php">
<input type="submit" name="logout" id="logout" value="Logout">
</form>
<br /><form name="news" method="post" action="news.php">
<input type="submit" name="news" id="news" value="News">
</form>
<?php
}
elseif(isset($_SESSION['admin'])){
echo"Welcome ".$_SESSION['admin'];
echo"<br><br>You are logged in as an Admin";
?>
<form name="logout" method="post" action="logout.php">
<input type="submit" name="logout" id="logout" value="Logout">
</form>
</form>
<?php
}else{
?>
<form name="login_form" method="post" action="login2.php">
<label>
<input name="user" type="text" id="user">ID<br />
<input name="pass" type="password" id="pass">Password<br />
</label>
<input type="submit" name="login" id="login" action="index.php" value="Login">
</label>
</p>
</form>
<form name="Register" method="post" action="reg.php">
<input type="submit" name="register" id="register" value="Register">
</form><br />
<form name="news" method="post" action="news.php">
<input type="submit" name="news" id="news" value="News">
</form>
<?php
}
?>
Glancing at the code you linked to, I noticed login2.php tries to redirect to Index.php in some cases, but to index.php (lowercase i) in other cases. It should be lowercase in both places. That might be the cause of your 404.
That tutorial has a couple header redirects:
header("location:Index.php");
and
header("location:index.php");
Make sure they're not supposed to be pointing to the same file, and make sure that file exists. It's logging you in, and then trying to redirect you to a file it can't find.
Depending on your type of server, this might cause problems:
if(mysql_num_rows($queryN) == 1) {
$resultN = mysql_fetch_assoc($queryN);
$_SESSION['user'] = $_POST['user'];
header("location:Index.php");
}
Specifically because the I in Index.php is capitalized, while all other references to the file utilize a lowercase i.
Also, this code is TERRIBLY formatted... but alas that's a different problem altogether.
Looking over the code at the link you provided, I see a likely cause. At the end of the login processing script, there's a call to header() which redirects back to the index page. One of them has different casing, and many web servers are case-sensitive by default:
header("location:index.php");
header("location:Index.php");
I'm guessing the lower case index.php is the correct one, so update your code accordingly.
just an added warning: the linked example has a serious security hole along these lines
$escaped_username = mysql_real_escape_string($username);
# make a md5 password.
$md5_password = md5($_POST['pass']);
$queryN = mysql_query("select * from user where username = '".$username."' and password = '".$md5_password."' AND level='1'");
$escaped_username is generated correctly, but the sql query still uses $username. this opens up the possibility to inject sql statements. be sure to change it.