I have my index.php form and if a valid student name and student number are entered I'd like "Student name and number are valid." to be echoed.
I have validated the student names and student numbers. However, even when entering a valid student name and student number the message echoed is "The information you have entered is not valid. Please enter your information again."
I'm calling the function validateStudent but I must be calling it in the wrong place or incorrectly. This function is called towards the end of the PHP scrip and just before the HTML starts. Thank you.
<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
// Define and set variables
$student = "";
$studentname = "";
$studentnumber = "";
$studentfile = "student.txt";
$course = "";
$coursename = "";
$coursenumber = "";
$coursemax = 0;
$coursefile = "course.txt";
$in = fopen ('course.txt', 'r') or die ("course.txt cannot be opened for reading.");
// Sanitization and Validation coding will go here
if (isset($_POST['submit'])) {
$studentname = $_POST['studentname'];
$studentnumber = $_POST['studentnumber'];
}
if (isset($_POST['studentname'])) {
$studentname = strip_tags ($_POST['studentname']);
$studentname = htmlentities ($_POST['studentname']);
}
if (isset($_POST['studentnumber'])) {
$studentnumber = strip_tags ($_POST['studentnumber']);
$studentnumber = htmlentities ($_POST['studentnumber']);
}
if (isset($_POST['course'])) {
$course = strip_tags ($_POST['course']);
$course = htmlentities ($_POST['course']);
}
$studentname = trim($_POST['studentname']);
$studentnumber = trim($_POST['studentnumber']);
// Validate student name/number against text file
function validateStudent($studentName, $studentNumber)
{
$found = false;
$fh = fopen('student.txt', 'r');
while(($line = fgetcsv($fh, null, ':')) != false) {
if(count($line) > 1) {
if($line[0] == $studentName and $line[1] == $studentNumber) {
$found = true;
break;
}
}
}
return $found;
}
// Validate course name/number against text file
function validateCourse($courseName, $courseNumber, $courseMax)
{
$found = false;
$fh = fopen('course.txt', 'r');
while(($line = fgetcsv($fh, null, ':')) != false) {
if(count($line) > 1) {
if($line[0] == $courseName and $line[1] == $courseNumber and $line[2] == $courseMax) {
$found = true;
break;
}
}
}
return $found;
}
//$DB = fopen ($coursefile, 'r') or die ("$coursefile cannot be opened for reading.");
//while ($record = fgets ($DB) ) {
//$field = explode (":", htmlentities (trim ($record)));
//echo "<option value=\"$field[1]\">$field[0] $field[1] $field[2]</option>\n";
//}
//fclose ($DB);
if (isset ($_POST[$studentname], $_POST[$studentnumber])) {
validateStudent($_POST['$studentname'], $_POST['$studentnumber']);
echo 'Student name and number are valid.\n';
}
else {
echo '<p style="color: red; text-align: center; font-size: 15px; font-weight: bold;">**The information you have entered is not valid. Please enter your information again.**</p>';
}
?>
<html>
<head>
<title>Registration Form</title>
<style>
body{background-color: #ffffe6; width:610px;}
h1 {color: #29a3a3;}
.inputbox {padding: 7px; border: #FF9966 1px solid; border-radius: 4px;}
.btn {padding: 10px; background-color: #29a3a3; border: solid 1px #FF9966; border-radius: 4px; color: #FFFFFF; font-weight: bolder; cursor: pointer;}
</style>
</head>
<body>
<h1>Course Registration</h1>
<form method="post" action="index.php">
<fieldset><legend><strong>Student Information</strong></legend>
<dl>
<dt>Student Name:</dt>
<dd><input class="inputbox" name="studentname" type="text" id="studentname" value='<?php echo htmlentities($studentname) ?>' required autofocus placeholder="Please enter your first and last name" tabindex="10" size="50"></dd>
<br>
<br>
<dt>Student Number:</dt>
<dd><input class="inputbox" name="studentnumber" type="text" id="studentnumber" value='<?php echo htmlentities($studentnumber) ?>' required placeholder="Please enter using the following format: PX-03-046" tabindex="20" size="50"></dd>
</dl>
<br>
</fieldset>
<br>
<fieldset><legend><strong>Course Selection</strong></legend>
<br>
Select a Course:<select name="course" tabindex="30">\n";
<option value="-1" >Available Courses...</option>
<?php
while(($fields = fgetcsv($in, null, ':')) != false) {
if (count($fields) > 1) {
echo "
<option value=\"$fields[1]\">$fields[0] $fields[1]</option>";
}
}
?>
</select>
<br>
<br>
<br>
<br>
<br>
<br>
</fieldset>
<div>
<p>
<input name="reset" type="reset" tabindex="40" value="Clear Form" class="btn">
<input name="submit" type="submit" tabindex="50" value="Submit Form" class="btn">
</p>
</div>
</form>
</body>
</html>
Your code has a logical error:
if (isset ($_POST[$studentname], $_POST[$studentnumber])) {
validateStudent($_POST['$studentname'], $_POST['$studentnumber']);
echo 'Student name and number are valid.\n';
}
else {
echo '<p style="color: red; text-align: center; font-size: 15px; font-weight: bold;">**The information you have entered is not valid. Please enter your information again.**</p>';
}
your code should be:
if (isset ($_POST['studentname'], $_POST['studentnumber'])) {
if (validateStudent($_POST['studentname'], $_POST['studentnumber'])){
echo 'Student name and number are valid.\n';
}
else {
echo '<p style="color: red; text-align: center; font-size: 15px; font-weight: bold;">**The information you have entered is not valid. Please enter your information again.**</p>';
}
}
also you need a form to post your variables studentname and studentnumer like:
<form method="post">
<input type="text" name="studentname"/>
<input type="text" name="studentnumber"/>
<input type="submit" name="submit"/>
</form>
Your output is because your variables $_POST['studentname'] and $_POST['studentnumber'] are not set.
Related
I´m not very expirence in programming.
I want to build a login system in PHP with some security mesures on it. I consult a video on youtube to help me and I found this one: https://www.youtube.com/watch?v=pIO0pmMTJ6Y&list=PLiJgIxJAg1VZqxDFL1Lp9VTm8PRfFeQ-o&index=18&t=5666s
The question is that don´t include any password hashing function, so i add it myself on the signup.php ant it works !!! But now, i´m not able to login to the site with a password created on th signup page. I try to chang the login.php code but don´t have success. What I have to do to resolve?
signup.php
<?php
require "../private/autoload.php";
$Error ="";
$email = "";
$username = "";
if($_SERVER["REQUEST_METHOD"]=="POST")
{
$email =$_POST["email"];
if(!preg_match("/^[\w\-]+#[\w\-]+.[\w\-]+$/",$email))
{
$Error = "Please enter a valid email";
}
$date = date ("Y-m-d H:i:s");
$url_address = get_random_string(60);
$username = trim($_POST["username"]);
if(!preg_match("/^[a-zA-Z]+$/",$username))
{
$Error = "Please enter a valid username";
}
$username = esc($username);
$password = esc($_POST["password"]);
$passwordhashed = password_hash($password,PASSWORD_DEFAULT);
$arr = false;
$arr['email']= $email;
$query = "SELECT * FROM USERS WHERE email = :email limit 1";
$stm = $connection->prepare($query);
$check = $stm->execute($arr);
if($check)
{
$data = $stm->fetchAll(PDO::FETCH_OBJ);
if(is_array($data) && count ($data) > 0)
{
$Error = "Someone is already using that email";
}
}
if($Error =="")
{
$arr['url_address'] = $url_address;
$arr['date'] = $date;
$arr['username'] = $username;
$arr['password'] = $passwordhashed;
$arr['email'] = $email;
$query = "insert into users(url_address,username,password,email,date) values(:url_address,:username,:password,:email,:date)";
$stm = $connection->prepare($query);
$stm->execute($arr);
header ("Location: login.php");
die;
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>
Signup
</title>
<h1 style="text-align:center"><span style="font-family:Arial,Helvetica,sans-serif"><strong>Bem-Vindo ao Website</strong></span></h1>
<h2 style="text-align:center"><span style="color:#999999"><span style="font-family:Arial,Helvetica,sans-serif"><strong>Faz o teu signup para acederes ao site</strong></span></span></h2>
<p><span style="font-family:Arial,Helvetica,sans-serif"><strong> </strong></span></p>
<p style="text-align:center"> </p>
<p style="text-align:center"> </p>
<body style="font-family: verdana">
<style type="text/css">
form {
margin: auto;
border: solid thin #aaa;
padding: 1px;
max-width: 200px;
}
#title {
background-color: #256972;
padding: 1cm;
text-align: center;
color: white;
}
#textbox {
border: solid thin #aaa;
margin-top: 6px;
width: 98%;
}
</style>
<form method="post">
<div><?php
if(isset($Error) && $Error != "")
{
echo $Error;
}
?>
<div id="title">Signup</div>
<input id="textbox" type="text" name="username" value="<?=$username?>" placeholder="username" required><br>
<input id="textbox" type="email" name="email" value="<?=$email?>" placeholder="email" required><br>
<input id="textbox" type="password" name="password" placeholder="password" required><br><br>
<input type="submit" value="Signup">
</form>
</body>
</head>
</html>
login.php
<?php
require "../private/autoload.php";
$Error = "";
if($_SERVER["REQUEST_METHOD"]=="POST" && isset ($_SESSION ['token']) && isset ($_POST ['token']) && $_SESSION ['token'] == $_POST["token"])
{
$email =$_POST["email"];
if(!preg_match("/^[\w\-]+#[\w\-]+.[\w\-]+$/",$email))
{
$Error = "Please enter a valid email";
}
$password = ($_POST["password"]);
$passwordhashed = password_hash($password,PASSWORD_DEFAULT);
if($Error ==""){
$arr['password'] = $passwordhashed;
$arr['email'] = $email;
$query = "SELECT * FROM USERS WHERE email = :email && password = :password limit 1";
$check = $stm->execute($arr);
if($check){
$data = $stm->fetchAll(PDO::FETCH_OBJ);
if(is_array($data) && count ($data) > 0){
$data = $data[0];
$_SESSION['username'] = $data->username;
$_SESSION['url_address'] = $data->url_address;
header ("Location: index.php");
die;
}
}
}
$Error = "Wrong email or password";
}
$_SESSION ['token'] = get_random_string(60);
?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>
<body style="font-family: verdana">
<style type="text/css">
form {
margin: auto;
border: solid thin #aaa;
padding: 1px;
max-width: 200px;
}
#title {
background-color: #256972;
padding: 1cm;
text-align: center;
color: white;
}
#textbox {
border: solid thin #aaa;
margin-top: 6px;
width: 98%;
}
</style>
<form method="post">
<div><?php
if(isset($Error) && $Error != "")
{
echo $Error;
}
?>
<div id="title">Login</div>
<input id="textbox" type="email" name="email" placeholder="email" required><br>
<input id="textbox" type="password" name="password" placeholder="password" required><br><br>
<input type="hidden" name="token" value="<?=$_SESSION ['token']?>">
<input type="submit" value="Login">
</form>
</body>
</head>
</html>
function.php
<?php
function get_random_string ($length)
{
$array = array (0,1,2,3,4,5,6,7,8,9,'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z');
$text = "";
$lenght = rand(4,$length);
for ($i=0;$i<$lenght;$i++) {
$random = rand(0,61);
$text .=$array[$random];
}
return $text;
}
function esc($word)
{
return addslashes ($word);
}
function check_login ($connection)
{
if(isset($_SESSION['url_address']))
{
$arr['url_address'] = $_SESSION['url_address'];
$query = "SELECT * FROM USERS WHERE url_address = :url_address limit 1 && password = :password limit 1";
$stm = $connection->prepare($query);
$check = $stm->execute($arr);
if($check)
{
$data = $stm->fetchAll(PDO::FETCH_OBJ);
if(is_array($data) && count ($data) > 0)
{
return $data[0];
}
}
}
header("Location: login.php");
die;
}
I won't answer directly, but here is the doc for hashing password with php:
first
// let's say you have a $passwordToHash variable
$passwordHashed = password_hash($passwordToHash, PASSWORD_DEFAULT);
then, you could verify that you passwordHashed is equal to passwordToHash (when you want to check if a password is in your db for ex)
// true or false
password_verify($passwordToHash, $passwordHashed)
I have a php contact form with validation but I have my .htaccess set so it strips the .php from the url so the url looks cleaner (like wp urls). The form works great except that when the user commits a validation error and presses "submit", the form validates fine, but it reloads the url with the .php extension and so if they fix their errors and submit again, my "outside url" hacking php code kicks in and doesn't send the form because the url's no longer match.
How can I either perform the validation without the page "reloading" or make it validate and reload without the .php extension in the url??
PHP:
<?php
// define variables and set to empty values
$nameErr = $fromErr = $messageErr = $subjectErr = $phoneErr = $verif_boxErr = "";
$inquiries = $name = $from = $subject = $message = $verif_box = "";
$errors = 0;
if ($_SERVER["REQUEST_METHOD"] == "POST") { //check if form has been submitted
//Get the inquiries field
$inquiries =$_POST['inquiries'];
if (empty($_POST["name"])) {
$nameErr = " * Name is missing";
$errors = 1;
echo '<style type="text/css"> input#name {border: 1px solid #F00; box-shadow: 0px 0px 5pt .1pt #F00 inset;}</style>';
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/", $name)) {
$nameErr = "Only letters and white space allowed";
$errors = 1;
echo '<style type="text/css"> input#name {border: 1px solid #F00; box-shadow: 0px 0px 5pt .1pt #F00 inset;}</style>';
}
}
if (empty($_POST["from"])) {
$fromErr = " * Email is missing";
$errors = 1;
echo '<style type="text/css"> input#from {border: 1px solid #F00; box-shadow: 0px 0px 5pt .1pt #F00 inset;}</style>';
} else {
$from = test_input($_POST["from"]);
// check if e-mail address is well-formed
if (!filter_var($from, FILTER_VALIDATE_EMAIL)) {
$fromErr = "Invalid email format";
$errors = 1;
echo '<style type="text/css"> input#from {border: 1px solid #F00; box-shadow: 0px 0px 5pt .1pt #F00 inset;}</style>';
}
}
if (empty($_POST["subject"])) {
$subjectErr = " * Subject is missing";
$errors = 1;
echo '<style type="text/css"> input#subject {border: 1px solid #F00; box-shadow: 0px 0px 5pt .1pt #F00 inset;}</style>';
} else {
$subject = test_input($_POST["subject"]);
}
if (empty($_POST["message"])) {
$messageErr = " * Message is missing";
$errors = 1;
echo '<style type="text/css"> textarea#message {border: 1px solid #F00; box-shadow: 0px 0px 5pt .1pt #F00 inset;}</style>';
} else {
$message = test_input($_POST["message"]);
}
if (empty($_POST["verif_box"])) {
$verif_boxErr = " * Security code is missing";
$errors = 1;
echo '<style type="text/css"> input#verif_box {border: 1px solid #F00; box-shadow: 0px 0px 5pt .1pt #F00 inset;}</style>';
} else {
$verif_box = test_input($_POST["verif_box"]);
if (md5($verif_box) . 'a4xn' <> $_COOKIE['tntcon']) {
$verif_boxErr = " * Security code does not match";
$errors = 1;
echo '<style type="text/css"> input#verif_box {border: 1px solid #F00; box-shadow: 0px 0px 5pt .1pt #F00 inset;}</style>';
}
}
if ($errors == 0) { // all fields successfullty validated. final hack check before sending email:
// Stop the form being used from an external URL
$referer = $_SERVER['HTTP_REFERER'] . ".php"; // Get the referring URL
$this_url = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER["REQUEST_URI"]; // Get the URL of this page
// If the referring URL and the URL of this page don't match then
// display a message and don't send the email.
if ($referer != $this_url) {
echo "You do not have permission to use this script from another URL, nice hacking attempt moron.";
exit;
} else { // send the email
$message = "Subject: " . $subject . "\n\nMessage: " . $message;
$message = "Inquiry: " . $inquiries . "\n" . $message;
$message = "Name: " . $name . "\n" . $message;
$message = "From: " . $from . "\n" . $message;
mail("milkytech#gmail.com", 'ContactUs: ' . $subject, $_SERVER['REMOTE_ADDR'] . "\n\n" . $message, "From: Contact#AntiqueCafeBakery.com");
setcookie('tntcon', ''); // delete the cookie so it cannot sent again by refreshing this page
header('Location: success'); // redirect to success page
exit();
}
}
}
function test_input($data)
{
$data = trim($data); // strip unnecessary characters (extra space, tab, newline) from the user input data
$data = stripslashes($data); // remove backslashes (\) from the user input data
$data = htmlspecialchars($data); // pass all variables through PHP's htmlspecialchars() function
return $data;
}
?>
HTML:
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" id="contactform">
<div>
<label for="name"><strong>Inquries:</strong></label>
<select name="inquiries" id="inquiries">
<option value="Catering">Catering</option>
<option value="Cookie Gift Tins">Cookie Gift Tins</option>
<option value="Retail Stores">Retail Stores</option>
<option value="Employment">Employment</option>
<option value="Investment">Investment</option>
</select>
</div>
<div>
<label for="name"><strong>Name:</strong></label>
<input type="text" size="50" name="name" id="name" value="<?php echo $name;?>"/><span class="error"><?php echo $nameErr;?></span>
</div>
<div>
<label for="email"><strong>Email:</strong></label>
<input type="text" size="50" name="from" id="from" value="<?php echo $from;?>"/><span class="error"><?php echo $fromErr;?></span>
</div>
<div>
<label for="subject"><strong>Subject:</strong></label>
<input type="text" size="50" name="subject" id="subject" value="<?php echo $subject;?>" />
</div>
<div>
<label for="message"><strong>Message:</strong></label>
<textarea rows="5" cols="69" name="message" id="message"><?php echo $message;?></textarea>
</div>
<div id="verif">
<span>Captcha Code:</span>
<input name="verif_box" type="text" size="10" id="verif_box"/>
<img id="imageid" class="verifbox" src="verificationimage.php?<?php echo rand(0,9999);?>" alt="verification image, type it in the box" />
<input type="button" value="Reload Captcha" id="reload" onclick="reloadImg()" />
<span class="error"><?php echo $verif_boxErr;?></span>
</div>
<div>
<input type="submit" value="Send Message" name="submit" />
<br /><br />
</div> <!--end form-->
</form>
I figured out a solution. I went back to w3 School to see exactly what $_SERVER["PHP_SELF"] does in form validation and it says this:
What is the $_SERVER["PHP_SELF"] variable?
The $_SERVER["PHP_SELF"] is a super global variable that returns the filename of the currently executing script.
What is the htmlspecialchars() function?
The htmlspecialchars() function converts special characters to HTML entities. This means that it will replace HTML characters like < and > with < and >. This prevents attackers from exploiting the code by injecting HTML or Javascript code (Cross-site Scripting attacks) in forms.
So I thought, if the variable $_SERVER["PHP_SELF"] is returning the filename (in this case - contact.php, there lies my problem so just replace $_SERVER["PHP_SELF"] with contact without the .php extension like below:
<form method="post" action="<?php echo htmlspecialchars(contact);?>" id="contactform">
And Voilà, it worked! But I'm not sure if this workaround creates a vulnerability for hackers.
Remove action value to submit on self page.
<form method="post" action="" id="contactform">
I hope this will work
I am creating a PHP registration form using AJAX, the below code that I have pasted isn't working properly. I am literally new to this AJAX concept
When I click the register button it won't respond and do anything, and even in the database the values are not getting stored. I have searched a lot for this AJAX concept.
But I don't seem to get the result what I want. Please, can any one help me. Where am I actually doing the wrong thing? Thanks in advance!
index.php
<!DOCTYPE HTML>
<html>
<head>
<script src="http://code.jquery.com/jquery-1.9.1.js"></script>
<script src="script.js"></script>
<style>
.error {
color:red;
}
.button {
background-color: #4CAF50;
border: none;
color: white;
padding: 10px 25px;
text-align: center;
text-decoration: none;
display: inline-block;
font-size: 16px;
margin: 4px 2px;
cursor: pointer;
}
.div1 {
margin-top: -19px;
margin-bottom: -25px;
margin-left: -19px;
}
.copy {
border-radius: 4px;
padding: 6px 20px;
border-style: ridge;
}
.copy1{
border-radius: 4px;
padding: 6px 28px;
border-style: ridge;
}
.copy2{
border-radius: 4px;
padding: 4px 2px;
}
</style>
</head>
<body style="background-color: #f2f2f2;">
<?php
// define variables and set to empty values
include_once 'connect.php';
$nameErr = $emailErr = $usernameErr = $passwordErr = $ageErr = "" ;
$name = $email = $username = $password = $age = "";
if (isset($_POST['submit'])) {
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "Only letters";
}
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["username"])) {
$usernameErr = "Username is required";
} else {
$username = test_input($_POST["username"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$username)) {
$usernameErr = "Only letters";
}
}
if (empty($_POST["password"])) {
$passwordErr = "Password is required";
} else {
$password = test_input($_POST["password"]);
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
// check weather password is alphanumeric
if(!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!##$%]{6,}$/', $password))
{
$passwordErr = "Password must be alphanumeric and atleast 6 characters long!";
}
}
if (empty($_POST["age"])) {
$ageErr = "Age is required";
}
elseif($_POST["age"]< 17 ) {
$ageErr = "Age should be above 18 years";
}
else {
$age = $_POST["age"];
}
if($nameErr == "" && $emailErr == "" && $usernameErr == "" && $passwordErr == "" && $ageErr == "")
{
$check="SELECT * FROM users WHERE username = '$_POST[username]'";
$rs = mysqli_query($mysqli,$check);
$da = mysqli_fetch_array($rs, MYSQLI_NUM);
if($da[0] > 0) {
echo "Username Already in Exists<br/>";
}
else
{
$sql = "INSERT INTO users(`userid`,`username`, `password`, `email` , `name` , `age` )
VALUES ('','".$username."', '".$hashed_password."', '".$email."' , '".$name."' , '".$age."' )";
if (mysqli_query($mysqli, $sql)) {
echo "Registered successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($mysqli);
}
mysqli_close($mysqli);
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<div style="padding-left: 250px" class="div1">
<h2 style="color:#009999">Registration Form :</h2>
<p><span class="error">All fields are required </span></p>
<form action="" method="post" enctype="multipart/form-data">
<span style="color:#0099ff">Name: </span>
<input type="text" name="name" class= "copy" style="margin-left: 52px" value ="<?php
if (isset($name))
echo $name;
?>">
<span class="error"> <?php echo $nameErr;?></span>
<br><br>
<span style="color:#0099ff"> E-mail: </span>
<input type="text" name="email" class= "copy" style="margin-left: 48px" value ="<?php
if (isset($email))
echo $email;
?>">
<span class="error"><?php echo $emailErr;?></span>
<br><br>
<span style="color:#0099ff"> Username: </span>
<input type="text" name="username" class= "copy" style="margin-left:26px" value ="<?php
if (isset($username))
echo $username;
?>">
<span class="error"> <?php echo $usernameErr;?></span>
<br><br>
<span style="color:#0099ff"> Password: </span>
<input type="password" name="password" class= "copy" style="margin-left:30px">
<span class="error"> <?php echo $passwordErr;?></span>
<br><br>
<span style="color:#0099ff"> Age : </span>
<input type="number" name="age" class= "copy" style="margin-left:62px" value ="<?php
if (isset($age))
echo $age;
?>">
<span class="error"> <?php echo $ageErr;?></span>
<br><br>
<input type="button" class="submit" name="submit" value="submit">
</form>
</div>
</body>
</html>
script.js
$(document).ready(function(){
$(".submit").click(function(){
var name = $("name").val();
var email = $("email").val();
var username = $("username").val();
var password = $("password").val();
var age = $("age").val();
// Returns successful data submission message when the entered information is stored in database.
var dataString = 'name='+ name + '&email='+ email + '&username='+ username + '&password='+ password + '&age='+ age;
var dataString = $("form").serialize();
if(name==''|| email==''|| username==''|| password==''|| age=='')
{
// AJAX Code To Submit Form.
$.ajax({
type: "POST",
url: "index.php",
data: dataString,
cache: false,
success: function(result){
alert(result);
}
});
}
return false;
});
});
connect.php
<?php
$databaseHost = 'localhost';
$databaseName = 'ajax1';
$databaseUsername = 'root';
$databasePassword = '';
$mysqli = mysqli_connect($databaseHost, $databaseUsername, $databasePassword, $databaseName);
?>
Try this... I hope it will help you..
index.php
<!DOCTYPE HTML>
<html>
<head>
<script src="http://code.jquery.com/jquery-1.9.1.js"></script>
<script src="script.js"></script>
<style>
.error {
color:red;
}
.button {
background-color: #4CAF50;
border: none;
color: white;
padding: 10px 25px;
text-align: center;
text-decoration: none;
display: inline-block;
font-size: 16px;
margin: 4px 2px;
cursor: pointer;
}
.div1 {
margin-top: -19px;
margin-bottom: -25px;
margin-left: -19px;
}
.copy {
border-radius: 4px;
padding: 6px 20px;
border-style: ridge;
}
.copy1{
border-radius: 4px;
padding: 6px 28px;
border-style: ridge;
}
.copy2{
border-radius: 4px;
padding: 4px 2px;
}
</style>
</head>
<body style="background-color: #f2f2f2;">
<div style="padding-left: 250px" class="div1">
<h2 style="color:#009999">Registration Form :</h2>
<p><span class="error">All fields are required </span></p>
<form action="" method="post" enctype="multipart/form-data">
<span style="color:#0099ff">Name: </span>
<input type="text" name="name" class= "name copy" style="margin-left: 52px" value ="">
<span class="namee error"> </span>
<br><br>
<span style="color:#0099ff"> E-mail: </span>
<input type="text" name="email" class= "email copy" style="margin-left: 48px" value ="">
<span class="emaile error"></span>
<br><br>
<span style="color:#0099ff"> Username: </span>
<input type="text" name="username" class= "username copy" style="margin-left:26px" value ="">
<span class="usernamee error"></span>
<br><br>
<span style="color:#0099ff"> Password: </span>
<input type="password" name="password" class= "password copy" style="margin-left:30px">
<span class="passworde error"> </span>
<br><br>
<span style="color:#0099ff"> Age : </span>
<input type="number" name="age" class= "age copy" style="margin-left:62px" value ="">
<span class="agee error"> </span>
<br><br>
<input type="button" class="submit" name="submit" value="submit">
</form>
</div>
</body>
<script>
$(document).ready(function(){
$(".submit").click(function(){
var name = $(".name").val();
var email = $(".email").val();
var username = $(".username").val();
var password = $(".password").val();
var age = $(".age").val();
if(name==''){$('.namee').text('fill value'); return false}
if(email==''){$('.emaile').text('fill value'); return false}
if(username==''){$('.usernamee').text('fill value'); return false}
if(password==''){$('.passworde').text('fill value'); return false}
if(age==''){$('.agee').text('fill value'); return false}
// Returns successful data submission message when the entered information is stored in database.
var dataString = 'name='+ name + '&email='+ email + '&username='+ username + '&password='+ password + '&age='+ age;
// AJAX Code To Submit Form.
$.ajax({
type: "POST",
url: "gethint.php",
data: dataString,
cache: false,
success: function(result){
alert(result);
}
});
});
});
</script>
</html>
gethint.php
<?php
$mysqli = mysqli_connect("localhost","root","","test");
$username =$_POST["username"];
$hashed_password=$_POST["password"];
$email=$_POST["email"];
$name=$_POST["name"];
$age=$_POST["age"];
$check="SELECT * FROM users WHERE username = '$_POST[username]'";
$rs = mysqli_query($mysqli,$check);
$da = mysqli_fetch_array($rs, MYSQLI_NUM);
if($da[0] > 0) {
echo "Username Already in Exists<br/>";
}
else
{
$sql = "INSERT INTO users(`userid`,`username`, `password`, `email` , `name` , `age` )
VALUES ('','".$username."', '".$hashed_password."', '".$email."' , '".$name."' , '".$age."' )";
if (mysqli_query($mysqli, $sql)) {
echo "Registered successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($mysqli);
}
mysqli_close($mysqli);
}
?>
The problem is when you run your index.php file for the first time , the php part gets executed.So make a new file for php part.
Get extra help From w3schools.com
https://www.w3schools.com/php/php_ajax_php.asp
Title of this question can be confusing. I'm clarifying it here. I've 2 forms: One for timeline and another one for events.
HTML code:
<link rel="stylesheet" type="text/css" href="jquery-ui.css">
<script type="text/javascript" src="jquery.min.js"></script>
<script type="text/javascript" src="jquery-ui.js"></script>
<style>
.error {color: #FF0000;}
/* The Modal (background) */
.modal {
display: none; /* Hidden by default */
position: fixed; /* Stay in place */
z-index: 1; /* Sit on top */
padding-top: 100px; /* Location of the box */
left: 0;
top: -75px;
width: 100%; /* Full width */
height: 100%; /* Full height */
overflow: auto; /* Enable scroll if needed */
background-color: rgb(0,0,0); /* Fallback color */
background-color: rgba(0,0,0,0.4); /* Black w/ opacity */
}
/* Modal Content */
.modal-content {
position: relative;
background-color: #fefefe;
margin: auto;
padding: 0;
border: 1px solid #888;
width: 80%;
box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2),0 6px 20px 0 rgba(0,0,0,0.19);
-webkit-animation-name: animatetop;
-webkit-animation-duration: 0.4s;
animation-name: animatetop;
animation-duration: 0.4s
}
/* Add Animation */
#-webkit-keyframes animatetop {
from {top:-300px; opacity:0}
to {top:0; opacity:1}
}
#keyframes animatetop {
from {top:-300px; opacity:0}
to {top:0; opacity:1}
}
/* The Close Button */
.close {
color: white;
float: right;
font-size: 28px;
font-weight: bold;
}
.close:hover,
.close:focus {
color: #000;
text-decoration: none;
cursor: pointer;
}
.modal-header {
padding: 2px 16px;
background-color: #5cb85c;
color: white;
}
.modal-body {padding: 2px 16px;}
.modal-footer {
padding: 2px 16px;
background-color: #5cb85c;
color: white;
}
</style>
<div id="btnDiv">
<button id="btn">Click here to create a new time line!</button>
<button id="btnOne">Click here to create a new Event!</button>
</div>
<div id="myModal" class="modal">
<!-- Modal content -->
<div class="modal-content">
<div class="modal-header">
<span class="close">X</span>
<h2>Modal Header</h2>
</div>
<div class="modal-body">
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="name">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
E-mail: <input type="text" name="email">
<span class="error">* <?php echo $emailErr;?></span>
<br><br>
Website: <input type="text" name="website">
<span class="error"><?php echo $websiteErr;?></span>
<br><br>
Comment: <textarea name="comment" rows="5" cols="40"></textarea>
<br><br>
Gender:
<input type="radio" name="gender" value="female">Female
<input type="radio" name="gender" value="male">Male
<span class="error">* <?php echo $genderErr;?></span>
<br><br>
qwe: <textarea name="qwe" rows="5" cols="40"></textarea>
<br><br>
rty: <textarea name="rty" rows="5" cols="40"></textarea>
<br><br>
abc: <textarea name="abc" rows="5" cols="40"></textarea>
<br><br>
def: <textarea name="def" rows="5" cols="40"></textarea>
<br><br>
dob: <input type="text" id="dob" name="dob">
<br><br>
<input type="submit" value="Submit">
</form>
</div>
<div class="modal-footer">
<h3>Modal Footer</h3>
</div>
</div>
</div>
<div id="myModalOne" class="modal">
<!-- Modal content -->
<div class="modal-content">
<div class="modal-header">
<span class="close">X</span>
<h2>Modal Header</h2>
</div>
<div class="modal-body">
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="name">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
E-mail: <input type="text" name="email">
<span class="error">* <?php echo $emailErr;?></span>
<br><br>
Website: <input type="text" name="website">
<span class="error"><?php echo $websiteErr;?></span>
<br><br>
Comment: <textarea name="comment" rows="5" cols="40"></textarea>
<br><br>
dob: <input type="text" id="dobOne" name="dob">
<br><br>
<input type="submit" value="Submit">
</form>
</div>
<div class="modal-footer">
<h3>Modal Footer</h3>
</div>
</div>
</div>
<script>
$(function() {
$( "#dob" ).datepicker();
$( "#dobOne" ).datepicker();
});
//modal for timeline
// Get the modal
var modal = document.getElementById('myModal');
// Get the button that opens the modal
var btn = document.getElementById("btn");
// Get the <span> element that closes the modal
var span = document.getElementsByClassName("close")[0];
// When the user clicks the button, open the modal
btn.onclick = function() {
modal.style.display = "block";
}
// When the user clicks on <span> (x), close the modal
span.onclick = function() {
modal.style.display = "none";
}
// When the user clicks anywhere outside of the modal, close it
window.onclick = function(event) {
if (event.target == modal) {
modal.style.display = "none";
}
}
//modal for events
// Get the modal
var modalOne = document.getElementById('myModalOne');
// Get the button that opens the modal
var btn = document.getElementById("btnOne");
// Get the <span> element that closes the modal
var span = document.getElementsByClassName("close")[0];
// When the user clicks the button, open the modal
btn.onclick = function() {
modalOne.style.display = "block";
}
// When the user clicks on <span> (x), close the modal
span.onclick = function() {
modalOne.style.display = "none";
}
// When the user clicks anywhere outside of the modal, close it
window.onclick = function(event) {
if (event.target == modal) {
modalOne.style.display = "none";
}
}
function alertjson(e) {
var file = new XMLHttpRequest();
var file_path =
file.open(validation-data.json, r);
}
</script>
PHP code:
<?php
// define variables and set to empty values
$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = $qwe = $rty = $abc = $def = $dob = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
}
if (empty($_POST["website"])) {
$website = "";
} else {
$website = test_input($_POST["website"]);
}
if (empty($_POST["comment"])) {
$comment = "";
} else {
$comment = test_input($_POST["comment"]);
}
if (empty($_POST["gender"])) {
$genderErr = "Gender is required";
} else {
$gender = test_input($_POST["gender"]);
}
if (empty($_POST["qwe"])) {
$qweErr = "Gender is required";
} else {
$qwe = test_input($_POST["qwe"]);
}
if (empty($_POST["rty"])) {
$rtyErr = "Gender is required";
} else {
$rty = test_input($_POST["rty"]);
}
if (empty($_POST["abc"])) {
$abcErr = "Gender is required";
} else {
$abc = test_input($_POST["abc"]);
}
if (empty($_POST["def"])) {
$defErr = "Gender is required";
} else {
$def = test_input($_POST["def"]);
}
if (empty($_POST["dob"])) {
$dobErr = "Gender is required";
} else {
$dob = test_input($_POST["dob"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
// echo $data; //print data
}
$file = dirname(__FILE__).'/validation-data.json';
$file_content = file_put_contents($file, json_encode($_REQUEST, JSON_PRETTY_PRINT));
//echo $file_content;
//var_dump($file_content);
?>
<?php
echo "<h2>Your Input:</h2>";
echo $name;
echo "<br>";
echo $email;
echo "<br>";
echo $website;
echo "<br>";
echo $comment;
echo "<br>";
echo $gender;
echo "<br>";
echo $qwe;
echo "<br>";
echo $rty;
echo "<br>";
echo $abc;
echo "<br>";
echo $def;
echo "<br>";
echo $dob;
?>
PHP code which writes form data to json is:
$file = dirname(__FILE__).'/validation-data.json';
$file_content = file_put_contents($file, json_encode($_REQUEST, JSON_PRETTY_PRINT));
Whenever I submit the data of any one form, it gets written to json file successfully. This is the example json:
{
"name": "asd",
"email": "test#attendize.website",
"website": "esdfs",
"comment": "qasdas",
"dob": "08\/03\/2016"
}
If I fill the data of another form and submit, then old values are just replaced by new values. But I want new data to written into same json file as nested values. How can I do it?
This should be a temporary solution because it's not perfect and it could be achieved in safer and more reliable way. This limits a little bit by how it works, so you should tweak this for better results. But in general it is working and some things were changed quite much.
All PHP code (except with Your Input sentence) was mode above HTML and JS.
This will solve Notice errors because right now I have enabled error_reporting to show all errors and both modals are full of these notices.
In your second modal I also put new line (just before submit line):
<input type="hidden" value="1" name="secondModal">
Finally, modified PHP code (a lot, actually).
All areas that were changed are at the end of PHP code.
if (empty($_POST["dob"])) {
$dobErr = "Gender is required";
} else {
$dob = test_input($_POST["dob"]);
}
// All those ifs above
// Add all values into array
$array = array(
'name' => $name,
'email' => $email,
'website' => $website,
'comment' => $comment,
'gender' => $gender,
'qwe' => $qwe,
'rty' => $rty,
'abc' => $abc,
'def' => $def,
'dob' => $dob
);
// Was this the second modal?
if ($_POST['secondModal'] == 1) {
// Get serialized values from temporary file
$content = file_get_contents('temp_array.txt');
$array = unserialize($content);
// Add into already existing array new values
$array['name2'] = $name;
$array['email2'] = $email;
$array['website2'] = $website;
$array['comment2'] = $comment;
$array['dob2'] = $dob;
// Add newly modified array into .json file
$file = dirname(__FILE__).'/validation-data.json';
file_put_contents($file, json_encode($array, JSON_PRETTY_PRINT));
} else {
// Serializing array for much easier reading when we use this later
$results = serialize($array);
file_put_contents('temp_array.txt', '');
file_put_contents('temp_array.txt', $results);
}
// End of PHP code
The main idea here is that store serialized $array into temporary .txt file. After we fill out second Modal, we retrieve the same array by unserializing it and adding new values. Then we store into .json file.
This will result in 1 array with values from both modals.
I tried to do email code, but I have error that I can't solve. Here is my code.
error:
Notice: Undefined index: action in line 5
code:
<?php
$Datacomment = 'data.txt';
$Key = '[#]';
$Key2 = '/n';
if($_POST['action'] == 'postcomment'){
$Name = str_replace(array($Key,$Key2),'',$_POST['name']);
$Comment = str_replace(array($Key,$Key2),'',$_POST['content']);
$Comment = $Name.$Key.$Comment.$Key2;
$Modwrite = 'a';
if(!file_exists($Datacomment)){
$Modwrite = 'w';
}
$File = fopen($Datacomment,$Modwrite);
fwrite($File,$Comment);
fclose($File);
header("Location: index.php"); /*replace comment.php by your homepage*/
}
/*load coment*/
if(!file_exists($Datacomment)){
$Showcomment = '<div class="showcomment">No comment</div>';
}
else{
$Cm = file_get_contents($Datacomment);
$Array = explode($Key2,$Cm);
$Total = count($Array) -1;
$Showcomment = '<h3 style="margin-left:1%;">'.$Total.' comments</h3>';
for($i = $Total-1;$i >= 0;$i--){
$Arraycm = explode($Key,$Array[$i]);
$Name = $Arraycm[0];
$Comment = $Arraycm[1];
$Showcomment .= '<div class="showcomment"><h4>'.$Name.'</h4>'.$Comment.'</div>';
}
}
?>
<style type="text/css">
.showcomment { width:96%; float:left; border:1px solid #ccc; padding:1%; margin:0 0 10px 1%; color:#333;}
.showcomment h4 { color:#03C; padding:0px; margin:0px;}
.comment {width:400px; height:100px; outline:none;}
.name { width:400px;outline:none}
</style>
<form style="margin-left:1%;" action="comment.php" method="post">
<input type="hidden" name="action" value="postcomment" />
<h3>Enter your name :</h3>
<input type="text" name="name" class="name" />
<h3>Eenter comment :</h3>
<textarea name="content" class="comment"></textarea>
<p>
<input type="submit" name="submit" value="SEND COMMENT" />
</p>
</form>
<?php echo $Showcomment;?>
the first time you enter a comment.php validate
if(isset($_POST['action']) && $_POST['action'] == 'postcomment'){
when press submit send the parameter "action"