The page is unable to see the login form whose code is written under the isset function statement. I have written the code correctly and have executed it many times , but now the code written inside the isset statement does not works. here is the code:-
<?php
session_start();
echo "<p style=\"font-color: #ff0000;\"> Catogoies </p>";
echo '<link href="var/www/html/sample.css" rel="stylesheet">';
require_once('../html/conn.php');
$query = "select * from catogories";
mysqli_select_db($dbc, 'odit');
$retrieve = mysqli_query($dbc, $query);
if(!$retrieve)
{
die(mysqli_error($query));
}
while($row=mysqli_fetch_array($retrieve, MYSQL_ASSOC)){
echo "<p style=\"font-color: #ff0000;\">".''.$row["Name"].''."</p>";
$_SESSION['cat']=$row["Name"];
}
if(!($_SESSION)) {
session_start();
}if(isset($_SESSION['lgout']))//the variable logout intialization line
{
if($_SESSION['lgout']!=1||$_SESSION['signup']){
echo "Hello : ".''.$_SESSION['unme'].''; echo "<br><br>";
echo '<a href="logout.php">'."Logout";}
else {
include 'lform.php'; echo "<br><br>";
echo '<a href="Sign_up.php">'."Sign up"."<br>";
} }
mysqli_close($dbc);
//include 'lform.php';
?>
<br>
<a href = 'adding_catogory.php'>Create a New Catogory</a><br><br>
<a href = 'Log_in.php'></a>
<?php
$db = #mysqli_connect("localhost", "oddittor", "Odit#123", "odit");
if(isset($_POST['login'])){
$username=mysqli_real_escape_string($db, $_POST['l_id']);
$password=mysqli_real_escape_string($db, $_POST['pswd']);
$sql="SELECT * from users where usrName='$username' and pswrd = '$password'";
$result = mysqli_query($db, $sql) or die(mysqli_error($db));
$count=mysqli_num_rows($result) or die(mysqli_error($db));
if($count>0) {
$_SESSION['unme']=$username; //This is the global session variable...used for storing the variables across the pages.
$_SESSION['lgout']=0;
header('Location : session.php'.$_SESSION['unme']);
header("Location : Homepage.php".$_SESSION['unme'].$_SESSION['lgout']); header( "refresh:0;url=Homepage.php" );
$_SESSION['unme']=$username;
}
else {
$error = "Invalid Details! Please Renter them"; }
}
?>
Here the problem is in the
if(isset($_SESSION['lgout']))
line if, I remove this line i can see the login page form but by doing so, I get the error of undefined variable logout whenever, I open the page for the first time.
here is the logout script
<html>
<?php
session_start();
$_SESSION['lgout']=1;
$_SESSION['signup']=0;
echo ' You have been successfully logged out';
header('Location : Homepage.php'.$_SESSION['lgout']);header( "refresh:0;url=Homepage.php" );
?>
</html>
You need to put your
session_start();
globally on the start of page. As it's not able to get $_SESSION object.
Just remove
session_destroy();
As you can access all $_SESSION values.
Your queries not secured. Use Prepared Statements instead of your all queries.
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
Related
Please i want logged in user to be able to view and edit their previous details in a mysql database..here is my code so far
<?php session_start(); include 'dpconfig.php';
if (isset($_SESSION['uid']))
{
echo $_SESSION['uid'];
}
else
{
echo "You are not Logged In!"; header("Location: header.php");
}
$n = mysqli_query($conn,"Select * from user");
$run = mysqli_query($conn,"Select * from user");
$row = mysqli_fetch_array($run, MYSQLI_BOTH);
{
$showid = $row[0];
$showfirst = $row[1];
$showlast = $row[2];
$showuid = $row[3];
echo $showid;
echo $showfirst;
}
?>
Thanks
What you need to do when your user have log in you then need to have links in the dashboard to profile page then you need to have a query string in your link
eg
<?php
session_start();
include 'dpconfig.php';
if (isset($_SESSION['uid']))
{
echo $_SESSION['uid'];
echo "<a href=\"profile.php?id=".$_SESSION['uid']."&action=view\">View Profile<a/>";
echo "Edit Profile";
}else{
// not allowed redirect
}
?>
The above code is just a basic dashboard after the user have loggedin, we display to links to profile.php with two query string parameters, namely id we will use this to identify the current user, and action, this one will help us to know what action the user is doing(viewing/editing) their profile
Then once they on any of the link, it will go to the profile.php page with url params. then we use GET method to do our proccessing
Read about Get method here
profile.php
<?php
session_start();
include 'dpconfig.php';
if(isset($_GET['id']) && isset($_GET['action'])){
if($_GET['action'] === "view"){
// show user profile
}
if(isset($_GET['action']) ==="edit"):?>
show html form with profile info to edit then process
<?php
endif;
}else{
// not allowed do something
}
?>
Hope this will atleast point you to the correct direction.
what is the best way to direct the user to another page given the IF statement is true. i want the page to direct the user to another page using PHP, when the IF statement is run, i tired this but it doesn't work??
if ( mysqli_num_rows ( $result ) > 0 )
{
header('Location: exist.php');
die();
}
Below is the full source code for the page.
<?php
// starts a session and checks if the user is logged in
error_reporting(E_ALL & ~E_NOTICE);
session_start();
if (isset($_SESSION['id'])) {
$userId = $_SESSION['id'];
$username = $_SESSION['username'];
} else {
header('Location: index.php');
die();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<body>
<p><span>Room No: </span><?php $room = $_SESSION['g'];
echo $room; // echo's room ?>
</p>
<p><span>Computer No: </span><?php
$select3 = $_POST['bike'];
echo $select3;
?>
</p>
<p><span>Date: </span><?php $date = $_POST['datepicker'];
echo $date; // echo's date
?>
</p>
<p><span>Start Session: </span>
<?php
if(isset($_POST['select1'])) {
$select1 = $_POST['select1'];
echo $select1;
echo "";
}
else{
echo "not set";
}
?>
</p>
<p><span>End Session: </span>
<?php
if(isset($_POST['select2'])) {
$select2 = $_POST['select2'];
echo $select2;
echo "";
}
else{
echo "not set";
}
?>
</p>
</div>
<div id="success">
<?php
$servername = "localhost";
$name = "root";
$password = "root";
$dbname = "my computer";
// Create connection
$conn = mysqli_connect($servername, $name, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$query = "SELECT * FROM `booked` WHERE
`date` = '{$date}' AND
`computer_id` = '{$select3}' AND
`start_time` = '{$select1}' AND
`end_time` = '{$select2}' AND
`room` = '{$room}'
";
$result = mysqli_query($conn, $query);
if ( mysqli_num_rows ( $result ) > 0 )
{
header('Location: exist.php');
die();
}
else
{
$sql = "INSERT INTO booked (date, computer_id, name, start_time, end_time, room)
VALUES ('$date', '$select3', '$username', '$select1', '$select2', '$room')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
}
?>
</div>
<form action="user.php">
<input type="submit" value="book another" class="bookanother" />
</form>
</div>
</body>
</html>
If the header is sent already, for example you have echo something before then the header will not work, because the header cannot be set after data flow has started, (since php would have already set the default headers for you). So, in this case if that is so, I do the redirect using javascript.
PHP Docs:
Remember that header() must be called before any actual output is
sent, either by normal HTML tags, blank lines in a file, or from PHP.
It is a very common error to read code with include, or require,
functions, or another file access function, and have spaces or empty
lines that are output before header() is called. The same problem
exists when using a single PHP/HTML file.
WORK-AROUND: This is a function I have written long back and include in controllers.
/**
* Safely redirect by first trying header method but if headers were
* already sent then use a <script> javascript method to redirect
*
* #param string
* #return null
*/
public function safeRedirect($new_url) {
if (!headers_sent()) {
header("Location: $new_url");
} else {
echo "<script>window.location.href = '$new_url';</script>";
}
exit();
}
add the function and simply call:
safeRedirect('index.php');
This is my PHP code page
<?php
session_start();
//include database connection
include_once("dbconn.php");
//afetr click the submit button the below code will be impelemnted
if(isset($_POST['id'])){
$id=$_POST['id'];
$Type=$_POST['Type'];
$Avalibility=$_POST['Avalibility'];
# insert data into MySQL database
$sql1 =" update $Type set Reserve=1 where APP_ID=$id ";
$sql2="INSERT INTO appointment_summary
SELECT Fname,Dep_Name,".$_SESSION['login_user'] .",D_ID,Hospital_Name,Hospital_Type,'".$_SESSION['Reason']."',APP_ID,Avalibility
FROM $Type
where APP_ID=$id";
$sql3="select * from appointment_summary where P_ID=".$_SESSION['login_user'] ." and Availability ='$Avalibility' ";
$result=$conn->query($sql3);
if ($result->num_rows != 1) {
$conn->query($sql2);
$conn->query($sql1);
echo "<script>
alert('Your appointment has been succssfuly add');
window.location.href='CheckAppoinmnets.php';
</script>";
} else {
$Invalid="<p style=\"color:red;\"> You alrredy have an appointment in this time</p>";
$_SESSION['Invalid']=$Invalid;
}
}
//enter code here
$conn->close();
This code which I used in HTML page
<?php
if(isset($_POST['id'])){
echo $_SESSION['Invalid'];
}
?>
try the following code
<?php
session_start();
if(isset($_REQUEST['id'])){
echo isset($_SESSION['Invalid'])?$_SESSION['Invalid']:'';
}
?>
it should print if you have value in ID and also in SESSION
I have a form that only opens if you're logged in, or at least thats what I'm trying to do, but it opens without having to do it. When I go to the log in page it sends me to the other page like if I was logging in, but it doesn't even show me the login page, heres the code:
this one is for the log in:
<?php
include ("conexion/conexion.php");
include("usuarios.class.php");
$usuario= $_POST['usuario'];
$clave= $_POST['clave'];
$objUsuario = new usuarios;
$srt= $objUsuario->autenticar_usuario($usuario,$clave,1);
$num =mysql_num_rows($srt);
if($usuario=="" || $clave==""){
$mensaje="campos en blanco";
header("location:loginusuario.php?mensaje=$mensaje");
}else
{
$objUsuario = new usuarios;
$srt= $objUsuario->autenticar_usuario($usuario,$clave,1);
$num =mysql_num_rows($srt);
}
if($num <= 0){
$mensaje="Usuario y/o clave Incorrectos";
header("location:loginusuario.php?mensaje=$mensaje");
}else{
$row=mysql_fetch_array($srt);
session_start();
$_SESSION['log'] = 's';
$_SESSION['nombre'] = $row['nombre'];
header("location:contrataciones.php");
}
?>
this is for the security file:
<?php
session_start();
if($_SESSION['log']!= 's'){
$mensaje="Iniciar sesion";
header("location:loginusuario.php?mensaje=$mensaje");
}
?>
and this is the class I'm using
<?php
class usuarios
{
function usuarios() {
}
function autenticar_usuario($usuario,$clave){
$sel="select usuario,clave from usuarios where usuario='".$usuario."' and clave='".$clave."' ";
$srt=mysql_query($sel) or die($sel);
return $srt;
}
?>
please tell me what am I doing wrong I'm a noob in this so I dont really get whats the problem
Why don't you try with
if(isset($_SESSION)){
//statement
//statement
}
or
if(isset($_SESSION['session_var_name'])){
//statement
//statement
}
My links are of the sort : http://example.com/events.php?slug=xyz
where the [slug] fields are imported from the database.
The starting lines in my events.php page is:
$slug = $_GET['slug'];
$url="events.php?slug=".$slug."/";
....
....
My logout function:
if(isset($_GET['logout']))
{
$_SESSION = array();
session_destroy();
header('Location: ' . $url);
exit;
}
<?php if(isset($_SESSION['id'])){?>
<a href="?logout" ><button>Log Out</button></a>
<?php }?>
But on clicking the logout "http://example.com/events.php?slug=/" is displayed.
My whole php script at the starting of the page is:
<?php
define('INCLUDE_CHECK',true);
require_once('13/functions/db.php');
$slug = $_GET['slug'];
$url="events.php?slug=".$slug."/";
$result = mysql_query("SELECT * FROM event WHERE slug='".$slug."'");
if ($result == true){
$row=mysql_fetch_assoc($result);
$id=$row['id'];
if($id>=13 && $id<=40 && $id!=17){//some checks.
$var=1;
$name=$row['name'];
}
else {
$var=0;
$name="404";
}
}
session_name('fewiui');
session_set_cookie_params(3*7*24*60*60);
session_start();
if(isset($_GET['logout']))
{
$_SESSION = array();
session_destroy();
header('Location: ' . $url);
exit;
}
$sess_uid = $_SESSION['id'];
$sess_email = $_SESSION['email'];
$sess_name = $_SESSION['name'];
if(isset($_POST['submit'])&&$_POST['submit']=='Register')
require_once('13/functions/eventlogin.php');
?>
Everything else (like login, etc.) works. Where am I doing the mistake? I'm a newbie in php.
<a href="?slug=<?php echo $slug; ?>&logout" ><button>Log Out</button></a>