So i have a file with PHP and HTML in it. The HTML works fine but when i enter the PHP it does not render anything for some reason. See code for beter refrence.
Also logs don't really say anything about the issue.
This fails to do anything
<?php
echo $_POST['naam'];
die();
?>
<!DOCTYPE html>
<html>
<head>
<title>Scouts Permeke</title>
<link rel="stylesheet" type="text/css" href="siteStyle.css">
</head>
<body>
<H2>Login</H2>
<form action="login.php" method="POST">
<input name="naam" type="text" id="naam" class="form-control" placeholder="Gebruikersnaam"/><br>
<input name="psw" type="password" id="psw" class="form-control" placeholder="Passwoord"/><br>
<button type="submit">Login</button>
</form>
</body>
</html>
But this shows my HTML as intended.
<!DOCTYPE html>
<html>
<head>
<title>Scouts Permeke</title>
<link rel="stylesheet" type="text/css" href="siteStyle.css">
</head>
<body>
<H2>Login</H2>
<form action="login.php" method="POST">
<input name="naam" type="text" id="naam" class="form-control" placeholder="Gebruikersnaam"/><br>
<input name="psw" type="password" id="psw" class="form-control" placeholder="Passwoord"/><br>
<button type="submit">Login</button>
</form>
</body>
</html>
You need to check if the variable is actually set, otherwise it will always print out the content of $_POST['naam'] without bothering if the user already inputted data and pressed the Submit-button.
if(isset($_POST['naam'])) {
echo $_POST['naam'];
die();
}
That is because it is ignoring an error as the $_POST array doesn't have the "naam" variable and your php.ini for display error is off. In php, if the array doesn't contain the key it will throw error and in this the error is ignored because of the production settings. Also, this is the reason why the "die();" line is not interpreted. Please check if php.ini has or commented
display_errors: Off
and make it into
display_errors: On
Restart apache to getting the settings work.
You can also remove/comment the first line of code in PHP tag and see if die() is working. Please do let us know if this fixed your error.
Related
i am making a "login and signup form" actions for my file. i searched about this many times but i cant find the answer and most of the topics are about sql which i don't use for these files.
im looking for a answer without include, sql, or session in my files
here's my codes
html:
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Gleacc</title>
<!-- Load external CSS styles -->
<link rel="stylesheet" href="styles.css">
</head>
<body>
<h1>Gleacc GG</h1>
<br>
<form action="data/signedup.php" method="get">
<label for="usn">
<input placeholder="Username" name="usn" required>
</label>
<br>
<label for="psw">
<input placeholder="Password" name="psw" required>
</label>
<br>
<input type="submit" value="Submit">
</form>
<!-- Load external JavaScript -->
<script src="scripts.js"></script>
</body>
</html>
signuped. php:
<?php
$psw = $_GET['psw'];
$usn = $_GET['usn'];
echo "<form action="data/logined.php" method="post"><input placeholder="Username" name="usn" required><br><input placeholder="Password" name="psw" required><br><input type="submit" value="Submit"></form>";
?>
logined.php: none since we cant compair the input because we cant get the $usn and $psw from signuped.php
I think you are being silly.
Are the users signing up every time they are on the website? If not, then you need to save their username and password in some sort of database.
Any other method used in signuped is exposing data that you shouldn't be exposing.
Here is one way to do what you want and make it a tad secure.
<?php
$psw = encrypt($_POST['psw']);
$usn = encrypt($_POST['usn']);
echo "<form action='data/logined.php' method='post'>
<input placeholder='Username' name='usn' required><br>
<input placeholder='Password' name='psw' required><br>
<input class='hidden' value='$usn' name='encusn'><br>
<input class='hidden' value='$psw' name='encpsw'><br>
<input type='submit' value='Submit'></form>";
?>
Where you use CSS to hide the two inputs. Be warned that it is not hard to expose them in the browser by anyone with even a little knowledge of CSS.
In your logined file you encrypt the entered values and compare them with encrypted values from the hidden inputs. I wouldn't use a two-way algorithm and try to decrypt the encrypted values.
first make sure that signuped.php is placed inside the folder data which placed same level as the html file.
then change the action in the html file from get to post and try var_dump($_POST) to see if the inputs has been submited.
Hey i'm having a problem where I cannot seem to get the value of an input using PHP, I have a form in HTML and another file named "handle.php" which i prints the value of username but when I submit It directs me to the file "handle.php" and does not print anything, just shows the script.
I tried doing the script inside the HTML but I got the same result, nothing happened so I thought maybe I need to make a function and then call it onclick but it didn't do anything eventually I made a separate file named "handle.php" and in the form I did "action="handle.php" which lead to the first problem.
HTML:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title> Hide/Show Password Login Form</title>
<meta name="viewport" content="initial-scale=1.0, width=device-width" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css">
<link rel="stylesheet" href="./style.css">
</head>
<body>
<div class="login_form">
<section class="login-wrapper">
<div class="logo">
<img src="logo.png" alt=""></a>
</div>
<form id="login" method="post" action="handle.php">
<label for="username">User Name</label>
<input required name="login[username]" type="text" autocapitalize="off" autocorrect="off" />
<label for="password">Password</label>
<input class="password" required name="login[password]" type="password" />
<div class="hide-show">
<span>Show</span>
</div>
<button type="submit">Sign In</button>
</form>
</section>
</div>
</body>
</html>
handle.php:
<?php
echo $_POST['login[username]'];
?>
By using this name="login[password]" you can get the values in PHP as:
print($_POST['login']['password']);
One more solution, store input array in a variable like:
$post = $_POST['login'];
then, use like:
echo $post['password']
$_POST['login']; will return a php array with all keys you used in your form. So you get the username key of this array like this:
echo $_POST['login']['username'];
first try to print only $_POST then you see what is you get in request.
always help to you for following this method. debug step by step then get the data into array.
<?php
$request=$_POST['login'];
echo $request["username"];
echo $request["password"];
?>
Replace textbox name as username in html code and Change php code as echo $_POST['username']; in handle.php
In Html code,
<input required name="username" type="text" autocapitalize="off" autocorrect="off" />
In php code( handle.php),
echo $_POST['username'];
I've written some html code, and once i tried to place some PHP inside it, anything below this sign ?> wouldn't appear!!! I have some pictures and text that wouldn't appear unless I place it above. I'm writing with Bootstrap 2.3 and phpMyAdmin 4.10. all languages. Thank you for your time in advance.
here is my code so far:
<!DOCTYPE html>
<html>
<head>
<link type="text/css" rel="stylesheet" href="bootstrap/css/bootstrap.css">
<link type="text/css" rel="stylesheet" href="bootstrap/css/myStyle.css">
<title>OJRA - Registration</title>
</head>
<body>
<div style="width:400px; height:400px; border-radius:5px; background-color:#aaa; margin-left:100px;">
<form action="" method="post" style="margin-left:20px;">
<h6>Username</h6>
<input type="text" name="username" placeholder="Your Username">
<h6>Password</h6>
<input type="password" name="usrPassowrd" placeholder="Your password">
<h6>Email</h6>
<input type="email" name="usrEmail" placeholder="Your Email"><br>
<input class = "btn btn-default" type="submit" value = "Register">
</form>
</div>
<div style="width:400px; height:400px; border-radius:5px; background-color:#aaa; margin-left:100px;">
<form action="" method="post" style="margin-left:20px;">
<h6>Username:</h6> <input type="text" name="username" placeholder="Your username">
<h6>Password:</h6> <input type="password" name="usrPassowrd" placeholder="Your password">
<input class = "btn btn-default" type="submit" value="Sign in">
</form>
<?php
define('INCLUDE_CHECK',true);
require 'connect.php';
$username = $_POST['username'];
if($username == "")
{
die("cannot go empty");
header("location:index.php");
exit;
}
$password = $_POST['usrPassword'];
$email = $_POST['usrEmail'];
$query = "insert into tz_members values('$username', '$password', '$email')";
mysql_query($query) or die(mysql_error());
?>
</div>
<img src="sexymotivation.jpg" style="margin-top:-800px; margin-right:10px;" class="pull-right">
</body>
</html>
A few things have already been outlined (as answers) that do make sense, however I spotted a few typos in your inputs that will prevent your form from working, plus a few other points.
Here are a few of my recommendations:
First, this (in 2 instances) has a typo in it name="usrPassowrd" which should read as name="usrPassword" to go with your existing $password = $_POST['usrPassword'];
As I stated in my original comments:
Comment #1: die("cannot go empty"); header("location:index.php"); exit; Your header won't do anything, because it DIE()'d and that will cease to go any further.
Comment #2: What I suspect is going on is, because you've got your entire code inside one big clump, and that if certain conditions aren't met... it still wants to keep going. Now, I suggest that you put a conditional statement wrapped around your PHP....
such as if(isset($_POST['submit'])){ // PHP } then add this to your submit button name="submit" --- I also suggest you split up your form and your PHP/SQL altogether and make it submit to another page instead, with the same conditional statement I've already outlined.
If you absolutely want to execute everything in one page, try the following:
Note: I borrowed the img src from user3009875's answer also.
(Rewrite)
<!DOCTYPE html>
<html>
<head>
<link type="text/css" rel="stylesheet" href="bootstrap/css/bootstrap.css">
<link type="text/css" rel="stylesheet" href="bootstrap/css/myStyle.css">
<title>OJRA - Registration</title>
</head>
<body>
<div style="width:400px; height:400px; border-radius:5px; background-color:#aaa; margin-left:100px;">
<form action="" method="post" style="margin-left:20px;">
<h6>Username</h6>
<input type="text" name="username" placeholder="Your Username">
<h6>Password</h6>
<input type="password" name="usrPassword" placeholder="Your password">
<h6>Email</h6>
<input type="email" name="usrEmail" placeholder="Your Email"><br>
<input class = "btn btn-default" type="submit" value = "Register">
</form>
</div>
<div style="width:400px; height:400px; border-radius:5px; background-color:#aaa; margin-left:100px;">
<form action="" method="post" style="margin-left:20px;">
<h6>Username:</h6> <input type="text" name="username" placeholder="Your username">
<h6>Password:</h6> <input type="password" name="usrPassword" placeholder="Your password">
<input class = "btn btn-default" name="submit" type="submit" value="Sign in">
</form>
<?php
// this below, will prevent a premature execution of code
if(isset($_POST['submit'])){
define('INCLUDE_CHECK',true);
require 'connect.php';
$username = $_POST['username'];
if($username == "")
{
die("cannot go empty");
// header("location:index.php"); // commented out
exit;
}
$password = $_POST['usrPassword'];
$email = $_POST['usrEmail'];
$query = "insert into tz_members values('$username', '$password', '$email')";
mysql_query($query) or die(mysql_error());
} // end brace for if(isset($_POST['submit']))
?>
</div>
<!-- commented out original img src -->
<!--
<img src="sexymotivation.jpg" style="margin-top:-800px; margin-right:10px;" class="pull-right">
-->
<!-- new img src by user3009875 in an answer given -->
<img src="sexymotivation.jpg" style="margin-top:100px; margin-right:10px;" class="pull-right">
</body>
</html>
You can't use header() there to perform a redirection because you've already outputted some HTML and PHP has flushed HTTP headers.
The reason that <img> disappeared is probably that you called die(). This function terminates the whole page at once.
If you see cannot go empty, you should check the form to make sure you posted username field. If you see some error message about MYSQL, it is mysql_query($query) that fails.
By the way, your code has a SQL Injection problem.
IT doesn't load below ?> because script fails. This is common behaviour when there is a bug.
Check tail -f /var/log/apache2/error.log on linux (terminal)
Check tail -f /var/log/apache2/error_log on max (terminal)
windows -> I have no idea... somewhere in C:\\
At this point:
die("cannot go empty");
you stop the script. The following PHP code will not be executed and the HTML will not be sent to the user.
It's possible that there is an error when executing your PHP code, that would prevent it from going through the rest of the file.
Using your browser's Developer Tools, check the contents of the HTML that was returned, it's possible that the last line could be an error message. If you have erorr_reporting off then it would write to your error log only.
/var/log/apache2/error.log is a common location for the error log file if you are using Apache on a Linux machine.
As a side note, that code you have is very dangerous, do not use data sent from the client directly in a SQL statement, you need to sanitize otherwise you make your web app vulnerable to SQL injection.
Consider using a prepared statement
http://php.net/manual/en/pdo.prepare.php
Try:
<img src="sexymotivation.jpg" style="margin-top:100px; margin-right:10px;" class="pull-right">
I think setting the top margin to -800px will cause it to disappear from the screen.
Also, make sure your image is of .jpg.
So I have a very simple login-form in html/php
login1.php
<?php include('settings.php'); ?>
<!DOCTYPE html>
<html>
<head>
<title>login</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<form id="form1" name="form1" method="post" action="<?=$basehttp;?>/login_auth1.php">
<input name="ahd_username" type="text" id="ahd_username" size="35" maxlength="255" />
<input name="ahd_password" type="password" id="ahd_password" size="35" maxlength="35" />
<input type="submit" name="Submit" value="Login" />
</form>
</body>
</html>
login_auth1.php
<?php
include('settings.php');
print_r($_POST);
print_r(getallheaders());
if(isset($_POST['ahd_username']) && isset($_POST['ahd_password'])){
//database queries and stuff, send user elsewhere if login correct
}
?>
<!DOCTYPE html>
<html>
<head>
<title>login</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<form id="form1" name="form1" method="post" action="<?=$basehttp;?>/login_auth1.php">
<input name="ahd_username" type="text" id="ahd_username" size="35" maxlength="255" />
<input name="ahd_password" type="password" id="ahd_password" size="35" maxlength="35" />
<input type="submit" name="Submit" value="Login" />
</form>
</body>
</html>
When running login1.php (in some) web browsers the POST in login_auth1.php will be empty. But when submiting the exact same form again from login_auth1.php it works just fine. What might be the cause of this error? How to debug further? FYI The server is running Varnish.
Link to output with headers for some calls can be found in this textfile.
Edit:
Have no hair left on my head now but I've figured out a way that "works". If I merge my loginfiles to a single file, put that file into a separate folder /login, removing the url in action tag completly (so it will be action="") and configure Varnish to
if (req.url ~ "/login"){
set req.backend = mybackend;
return (pass);
}
it will work. This feels like a really crappy "solution", especially the part with removing the string in the action tag but it's the only way that I've made it work. I've tried tons of different Varnish configurations, including return (pipe). Does anyone have any idea on how to get it to work properly? Or why this weird version above works?
A good and lasting practice, to replace your quick hack, is to not cache any post requests by:
if ( req.request == "POST" ) {
return (hit_for_pass);
}
Varnish' standard behaviour[1] (at least in 3.0, debian) is to pass POST request directly to backend:
sub vcl_recv {
#...
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
#...
}
So if default code is not reached (you call return(xxx) in your vcl_recv) you should take care of this kind of requests in your own VCL code, returning a pass or either a hit_for_pass as suggested by Clarence.
[1] https://www.varnish-cache.org/docs/3.0/reference/vcl.html#examples
I'm building my first PHP website (attempting to, anyway!), and I'm trying to create a contact form whose contents are submitted to me via email. I've got the email part down, but I'm having trouble getting the form ("contact.php") to accept data. It automatically refreshes as soon as I type a character in any field. Here's the relevant code:
<div class="contactform">
<form name="contactform" method="post" action="contact-receiver.php">
<fieldset><legend><strong>Required Information</strong></legend>
First Name: <input type="text" name="firstName" size="35" maxlength="30"/>
Last Name: <input type="text" name="lastName" size="35" maxlength="30"/>
Email: <input type="text" name="emailAddress" size="60" maxlength="55"/>
</fieldset>
<input type="submit" value="Submit"/>
<input type="reset" value="Reset"/>
</form>
</div>
This works fine when tested independent from the rest of the site. However, here's the context:
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<link rel="stylesheet" type="text/css" href="styles.css" />
</head>
<body>
<?php include 'header.php'; ?>
<?php
$id = $_GET['id'];
switch($id)
{
case 'main':
include 'storeinfo.php';
break;
case 'shop':
include 'inventory.php';
break;
case 'cart':
include 'cart.php';
break;
case 'contact':
include 'contact.php';
break;
default:
include 'error.php';
}
?>
<?php include 'footer.php'; ?>
</body>
</html>
"contact.php" works fine when displayed as a separate page, but won't accept any input when accessed as an include file. If I try to enter data in any of the fields, the page immediately refreshes after I type the first character, and the data is lost.
If anyone could point me in the right direction, I would really appreciate it!
EDIT
Disabling Javascript didn't work. I cleared my cache and restarted my browser (Firefox) just to be sure. While I'm working on that voodoo priest, here's the page source for index.php?id=contact:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>Main</title>
<link rel="stylesheet" type="text/css" href="styles.css" />
</head>
<body>
<div>
<p><img src='headerimg.png' class='header'/></p><a href='index.php?id=main'>
<img src='mainbutton.png' class='nav1'</a><a href='index.php?id=shop'>
<img src='shopbutton.png' class='nav2'</a><a href='index.php?id=cart'>
<img src='cartbutton.png' class='nav2'</a><a href='index.php?id=contact'>
<img src='contactbutton.png' class='nav2'</a>
</div>
<div class="contactform">
<form name="contactform" method="post" action="contact-receiver.php">
<fieldset><legend><strong>Required Information</strong></legend>
First Name: <input type="text" name="firstName" size="35" maxlength="30"/>
Last Name: <input type="text" name="lastName" size="35" maxlength="30"/>
Email: <input type="text" name="emailAddress" size="60" maxlength="55"/>
</fieldset>
<input type="submit" value="Submit"/>
<input type="reset" value="Reset"/>
</form>
</div>
<div id = "footer">
<p>©2012</p>
</div>
</body>
</html>
It sounds like a Javascript-related problem.
Check and make sure you're not including any scripts which try to autocomplete, as being misconfigured might cause it to send a request upon key up which would cause the behavior you're mentioning.
An easy way to test this is to disable JavaScript in your browser and see if the issue continues. If it does, it means you have ghosts in your computer and should see a voodoo priest. If the issue doesn't persist, it means it's an issue with some JavaScript on your site.
Posting some contents of header.php will help, as well. OR, you could simply post the complete HTML page source once - that is, visit your index.php?id=contact page, hit view source, and show that here.