I need to test if a checkbox is checked. I've searched for the solution and found it, but it still don't work for me.
Here's my form :
<form method="post" class="form-horizontal" role="form">
<div class="input-group">
<div class="checkbox">
<label>
<input id="remember" type="checkbox" name="remember" value="1"> Remember me
</label>
</div>
</div>
<div style="margin-top:10px" class="form-group">
<div class="col-sm-12 controls">
<button type="submit" class="btn btn-success" name="loginform">Login</button>
</div>
</div>
</form>
and my PHP code :
if (isset($_POST["loginform"])) {
if(isset($_POST['remember'])) {
$month = time() + 2592000;
debug_to_console($month); // function equivalent to console.log in JS
setcookie('remember_me', $_POST['username'], $month);
}
}
EDIT , debug_to_console() function :
function debug_to_console( $data ) {
if ( is_array( $data ) )
$output = "<script>console.log( 'Debug Objects: " . implode( ',', $data) . "' );</script>";
else
$output = "<script>console.log( 'Debug Objects: " . $data . "' );</script>";
echo $output;
}
EDIT 2 (Whole PHP code) :
<?php
session_start();
if(isset($_COOKIE['remember_me']))
$_SESSION['user'] = $_COOKIE['remember_me'];
$success = true;
if (isset($_POST["loginform"])) {
if(isset($_POST['remember'])) {
$month = time() + 2592000;
echo "<h1>Month: $month</h1>";
setcookie('remember_me', $_POST['username'], $month);
}
$password = $_POST['password'];
$email = $_POST['email'];
// Form Validation
if (!$email || !$password || !filter_var($email, FILTER_VALIDATE_EMAIL))
$success = false;
else
{
Db_connect($connection);
$email = stripslashes($email);
$password = stripslashes($password);
$email = mysqli_real_escape_string($connection, $email);
$password = mysqli_real_escape_string($connection, $password);
$query = mysqli_query($connection, "select * from users where email='$email'");
$rows = mysqli_num_rows($query);
if ($rows == 1) {
$row = mysqli_fetch_array($query);
$hashpass = $row['password'];
if ( hash_equals($hashpass, crypt($password, $hashpass)) ) {
$_SESSION['user'] = $row['username'];
header("location: login.php");
}
else
$success = false;
} else
$success = false;
mysqli_close($connection);
}
}
function Db_connect(&$connection){
$connection = mysqli_connect("localhost","root","", "project_web");
if (mysqli_connect_errno())
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
function debug_to_console( $data ) {
if ( is_array( $data ) )
$output = "<script>console.log( 'Debug Objects: " . implode( ',', $data) . "' );</script>";
else
$output = "<script>console.log( 'Debug Objects: " . $data . "' );</script>";
echo $output;
}
?>
When i submit my form with the checkbox checked, and i look at the console, it is empty, while it is supposed to display the value of $month. Which means $_POST['remember'] is not set while it is supposed to be set due to the form submit.
Can anyone help please ?
Thank's in advance.
$_POST['remember'] would be true or false .... remove value =1 ... you will get value ... true or false ... validate according to that ...
Make an action attribute like
<form method="post" action="" class="form-horizontal" role="form">
The php code
if (isset($_POST)) {
if(isset($_POST['remember'])) {
$month = time() + 2592000;
debug_to_console($month); // function equivalent to console.log in JS
setcookie('remember_me', $_POST['username'], $month);
}
}
Related
I am new in php and payment gateway integration. I have successfully integrated the payment system but the problem is that I am facing to store those information in database. Here is my response.php code.
Right now there are no errors but those information is not storing data in to my database.
<?php
header("Pragma: no-cache");
header("Cache-Control: no-cache");
header("Expires: 0");
// following files need to be included
require_once("./lib/config_paytm.php");
require_once("./lib/encdec_paytm.php");
$paytmChecksum = "";
$paramList = array();
$isValidChecksum = "FALSE";
$paramList = $_POST;
$paytmChecksum = isset($_POST["CHECKSUMHASH"]) ? $_POST["CHECKSUMHASH"] :
""; //Sent by Paytm pg
//Verify all parameters received from Paytm pg to your application. Like MID
received from paytm pg is same as your application’s MID, TXN_AMOUNT and
ORDER_ID are same as what was sent by you to Paytm PG for initiating
transaction etc.
$isValidChecksum = verifychecksum_e($paramList, PAYTM_MERCHANT_KEY,
$paytmChecksum); //will return TRUE or FALSE string.
if($isValidChecksum == "TRUE") {
echo "<b>Checksum matched and following are the transaction details:</b>" .
"<br/>";
if ($_POST["STATUS"] == "TXN_SUCCESS") {
echo "<b>Transaction status is success</b>" . "<br/>";
//Process your transaction here as success transaction.
//Verify amount & order id received from Payment gateway with your
application's order id and amount.
}
else {
echo "<b>Transaction status is failure</b>" . "<br/>";
header("Location: ../wallet.php?wallet");
}
if (isset($_POST) && count($_POST)>0 )
{
var_dump($_POST);
include("db.php");
$TRANS_DATE_TIME= date('Y-m-d H:i:s');
#$ORDERID = $_POST["ORDERID"];
#$TXNID= $_POST["TXNID"];
$GETTING_INFO="INSERT INTO `wallet_transaction`
(`ORDERID`,`TXNID`,`TRANS_DATE_TIME`) VALUES ('".$_POST['ORDERID']."',
'".$_POST['TXNID']."','$TRANS_DATE_TIME')";
$dbsuccess=$conn->query($GETTING_INFO);
if($dbsuccess){
header("Location: ../wallet.php?wallet");
}
}
}
else {
echo "<b>Checksum mismatched.</b>";
//Process transaction as suspicious.
header("Location: ../wallet.php?wallet");
}
?>
Redirect page
<?php
header("Pragma: no-cache");
header("Cache-Control: no-cache");
header("Expires: 0");
// following files need to be included
require_once("./lib/config_paytm.php");
require_once("./lib/encdec_paytm.php");
$checkSum = "";
$paramList = array();
$ORDER_ID = $_POST["ORDER_ID"];
$CUST_ID = $_POST["CUST_ID"];
$INDUSTRY_TYPE_ID = $_POST["INDUSTRY_TYPE_ID"];
$CHANNEL_ID = $_POST["CHANNEL_ID"];
$TXN_AMOUNT = $_POST["TXN_AMOUNT"];
$MSISDN = $_POST["MSISDN"];
$EMAIL = $_POST["EMAIL"];
// Create an array having all required parameters for creating checksum.
$paramList["MID"] = PAYTM_MERCHANT_MID;
$paramList["ORDER_ID"] = $ORDER_ID;
$paramList["CUST_ID"] = $CUST_ID;
$paramList["INDUSTRY_TYPE_ID"] = $INDUSTRY_TYPE_ID;
$paramList["CHANNEL_ID"] = $CHANNEL_ID;
$paramList["TXN_AMOUNT"] = $TXN_AMOUNT;
$paramList["WEBSITE"] = PAYTM_MERCHANT_WEBSITE;
$paramList["CALLBACK_URL"] =
"https://shareworld.com/PaytmKit/pgResponse.php";
$paramList["MSISDN"] = $MSISDN; //Mobile number of customer
$paramList["EMAIL"] = $EMAIL; //Email ID of customer
$paramList["VERIFIED_BY"] = "EMAIL"; //
$paramList["IS_USER_VERIFIED"] = "YES"; //
//Here checksum string will return by getChecksumFromArray() function.
$checkSum = getChecksumFromArray($paramList,PAYTM_MERCHANT_KEY);
?>
<html>
<head>
<title>Merchant Check Out Page</title>
</head>
<body>
<center><h1>Please do not refresh this page...</h1></center>
<form method="post" action="<?php echo PAYTM_TXN_URL ?>" name="f1">
<table border="1">
<tbody>
<?php
foreach($paramList as $name => $value) {
echo '<input type="hidden" name="' . $name .'" value="' . $value
. '">';
//Database connection will be there
}
?>
<input type="hidden" name="CHECKSUMHASH" value="<?php echo $checkSum
?>">
</tbody>
</table>
<script type="text/javascript">
document.f1.submit();
</script>
</form>
</body>
</html>
if (isset($_POST) && count($_POST)>0 )
{
$servername = "localhost";
$username = "tdccom_triwits";
$password = "triwits#123";
$dbname = "tdccom_paytm";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO response (ORDERID,MID,TXNID,TXNAMOUNT,PAYMENTMODE,CURRENCY,TXNDATE,STATUS,RESPCODE,RESPMSG,GATEWAYNAME,BANKTXNID,BANKNAME,CHECKSUMHASH)
VALUES ('".$_POST['ORDERID']."','".$_POST['MID']."', '".$_POST['TXNID']."','".$_POST['TXNAMOUNT']."','".$_POST['PAYMENTMODE']."','".$_POST['CURRENCY']."','".$_POST['TXNDATE']."','".$_POST['STATUS']."','".$_POST['RESPCODE']."','".$_POST['RESPMSG']."','".$_POST['GATEWAYNAME']."','".$_POST['BANKTXNID']."','".$_POST['BANKNAME']."','".$_POST['CHECKSUMHASH']."')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
foreach($_POST as $paramName => $paramValue) {
echo "<br/>" . $paramName . " = " . $paramValue;
}
}
}
Check this https://github.com/MujmillahammedDafedar/WEB-TECHNOLOGIES/
if($isValidChecksum == "TRUE") {
echo "<b>Checksum matched and following are the transaction details:</b>" . "<br/>";
if ($_POST["STATUS"] == "TXN_SUCCESS") {
echo "<b>Transaction status is success</b>" . "<br/>";
//Process your transaction here as success transaction.
//Verify amount & order id received from Payment gateway with your application's order id and amount.
}
else {
echo "<b>Transaction status is failure</b>" . "<br/>";
}
if (isset($_POST) && count($_POST)>0 )
{
$ORDERID = $_POST['ORDERID'];
$MID = $_POST['MID'];
$TXNID = $_POST['TXNID'];
$TXNAMOUNT = $_POST['TXNAMOUNT'];
$PAYMENTMODE = $_POST['PAYMENTMODE'];
$CURRENCY = $_POST['CURRENCY'];
$TXNDATE = $_POST['TXNDATE'];
$STATUS = $_POST['STATUS'];
$RESPCODE = $_POST['RESPCODE'];
$RESPMSG = $_POST['RESPMSG'];
$GATEWAYNAME = $_POST['GATEWAYNAME'];
$BANKTXNID = $_POST['BANKTXNID'];
$BANKNAME = $_POST['BANKNAME'];
$CHECKSUMHASH =$_POST['CHECKSUMHASH'];
$query = "INSERT into transaction (`ORDERID`,`MID`,`TXNID`,`TXNAMOUNT`,`PAYMENTMODE`,`CURRENCY`,`TXNDATE`,`STATUS`,`RESPCODE`,`RESPMSG`,`GATEWAYNAME`,`BANKTXNID`,`BANKNAME`,`CHECKSUMHASH`)
VALUES ('$ORDERID','$MID','$TXNID','$TXNAMOUNT','$PAYMENTMODE','$CURRENCY','$TXNDATE','$STATUS','$RESPCODE','$RESPMSG','$GATEWAYNAME','$BANKTXNID','$BANKNAME','$CHECKSUMHASH')";
$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
}
}
I am making a hotel booking system for a school project.
Guests first need to create an account:
<?php
if (isset($_POST['submit'])) {
include_once 'dbh.inc.php';
$signupdate = mysqli_real_escape_string($conn, $_POST['signupdate']);
$first = mysqli_real_escape_string($conn, $_POST['firstname']);
$last = mysqli_real_escape_string($conn, $_POST['lastname']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$phone = mysqli_real_escape_string($conn, $_POST['phone']);
$address = mysqli_real_escape_string($conn, $_POST['address']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
$hoteluserkey = uniqid('', true);
//Error handlers
//Check for empty fields
if (empty($signupdate) || empty($first) || empty($last) || empty($email) || empty($phone) || empty($address) || empty($pwd)) {
header("Location: ../index.php?signup=empty");
exit();
} else {
//Check if input characters are valid
if (!preg_match("/^[a-zA-Z]*$/", $first) || !preg_match("/^[a-zA-Z]*$/", $last)) {
header("Location: ../index.php?signup=invalid");
exit();
} else {
//Check if email is valid
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../index.php?signup=invalidemail");
exit();
} else {
//Hashing the password
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
//Insert the user into the database
$sql = "INSERT INTO hotelusers
(hotelusers_signupdate, hotelusers_hoteluserkey, hotelusers_first, hotelusers_last, hotelusers_email, hotelusers_phone, hotelusers_address, hotelusers_pwd)
VALUES ('$signupdate', '$hoteluserkey', '$first', '$last', '$email', '$phone', '$address', '$hashedPwd');";
mysqli_query($conn, $sql);
header("Location: ../index.php?signup=success");
exit();
}
}
}
} else {
header("Location: ../index.php");
exit();
}
This code works.
Now to problem comes. When someone books a room they see these input fields:
<div class="book">
<p class="main_p_ex">Book a room</p>
<form class="book" action="includes/book.inc.php" method="post">
<input type="hidden" name="bookdate" value="<?php echo date("Y-m-d h:i:sa"); ?>">
<input type="text" name="userkey" placeholder="your key">
<input type="password" name="pwd" placeholder="password">
<p>room</p>
<select name="room">
<option value="1">one</option>
<option value="2">two</option>
<option value="3">three</option>
<option value="4">four</option>
<option value="5">five</option>
<option value="6">six</option>
<option value="7">seven</option>
<option value="8">eight</option>
<option value="9">nine</option>
<option value="10">ten</option>
</select>
<p>from</p>
<input type="date" name="from" min="<?php echo date("Y-m-d");?>">
<p>to</p>
<input type="date" name="to" min="<?php echo date("Y-m-d");?>">
<textarea name="otherguests" placeholder="full names of all other
guests"></textarea>
<textarea name="comments" placeholder="any comments?"></textarea>
<button type="submit" name="submit">Book!</button>
</form>
</div>
This also works fine.
I have this code for inserting these inputs into a database:
<?php
if (isset($_POST['submit'])) {
include_once 'dbh.inc.php';
$bookdate = mysqli_real_escape_string($conn, $_POST['bookdate']);
$userkey = mysqli_real_escape_string($conn, $_POST['userkey']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
$room = mysqli_real_escape_string($conn, $_POST['room']);
$from = mysqli_real_escape_string($conn, $_POST['from']);
$to = mysqli_real_escape_string($conn, $_POST['to']);
$otherguests = mysqli_real_escape_string($conn, $_POST['otherguests']);
$comments = mysqli_real_escape_string($conn, $_POST['comments']);
$bookingkey = uniqid('', true);
//Error handlers
//Check if inputs are empty
if (empty($userkey) || empty($pwd) || empty($room) || empty($from) || empty($to) || empty($pwd)) {
header("Location: ../index.php?login=empty");
exit();
} else {
$sql = "SELECT * FROM hotelusers WHERE hotelusers_hoteluserkey='$userkey'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck < 1) {
header("Location: ../index.php?key=error");
exit();
} else {
if ($row = mysqli_fetch_assoc($result)) {
//De-hashing the password
$hashedPwdCheck = password_verify($pwd, $row['hotelusers_pwd']);
if ($hashedPwdCheck == false) {
header("Location: ../index.php?key=error");
exit();
} elseif ($hashedPwdCheck == true){
$sql = "SELECT * FROM hotelrooms WHERE hotelrooms_id='$room'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck > 0) {
while ($row = mysqli_fetch_assoc($result)) {
$roomnew = $row['hotelrooms_name']; }
}
$fromnew = strtotime($from);
$tonew = strtotime($to);
$datediff = $tonew - $fromnew;
$days = round($datediff / 86400);
$sql = "SELECT * FROM hotelrooms WHERE hotelrooms_id='$room'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck > 0) {
while ($row = mysqli_fetch_assoc($result)) {
$pricepd = $row['hotelrooms_price']; }
}
$price = $days * $pricepd;
echo $roomnew . " -- " . $price . " -- " . $days . " -- " . $bookdate . " -- " . $userkey . " -- " . $room . " -- " . $otherguests . " -- " . $comments;
$sql = "INSERT INTO hotelbookings
(hotelbooking_bookingkey, hotelbooking_bookdate, hotelbooking_userkey, hotelbooking_room, hotelbooking_from, hotelbooking_to, hotelbooking_days, hotelbooking_price, hotelbooking_paid, hotelbooking_otherguests, hotelbooking_comments)
VALUES ('$bookingkey', '$bookdate', '$userkey', '$roomnew', '$from', '$to', '$days', '$price', '$otherguests', '$comments');";
mysqli_query($conn, $sql);
//header("Location: ../index.php?booking=success");
exit();
}
}
}
}
} else {
header("Location: ../index.php?booking=error");
exit();
}
NOTE: I disabled the last header function for debugging. Un-commenting it changes nothing. Also tried clearing browser history, cookies and all that. Nothing works.
What am I missing here?
I don't get any errors, and the echo $roomnew . " -- " . $price . " -- " . $days . " -- " . $bookdate . " -- " . $userkey . " -- " . $room . " -- " . $otherguests . " -- " . $comments; works fine. It just doesn't insert anything.
solved it myself by just making everything again... kinda weird I know
I'm trying to create a search bar for my website on my local server, but when I submit the page generated is just blank. I've been following a couple of guides online but can't seem to figure out why it is not connecting to my MySQL db and getting the results. This is my first time attempting db and PHP so appreciate all advice.
<form action="./search.php" method="get">
<input type="text" name="q">
<input type="submit" value="Search">
</form>
Search.php
<?php
$conn = mysqli_connect("localhost", "root", "root", "womendig_search");
if(mysqli_connect_errno()){
echo "Failed to connect: " . mysqli_connect_error();
}
error_reporting(0);
$output = '';
if(isset($_GET['q']) && $_GET['q'] !== ' '){
$searchq = $_GET['q'];
$q = mysqli_query($conn, "SELECT * FROM search WHERE keywords LIKE '%$searchq%' OR title LIKE '%$searchq%'") or die(mysqli_error());
$c = mysqli_num_rows($q);
if($c == 0){
$output = 'No search results for <b>"' . $searchq . '"</b>';
} else {
while($row = mysqli_fetch_array($q)){
$id = $row['id'];
$city = $row['city'];
$country = $row['country'];
$descriptions = $row['descriptions'];
$output .= '<h3>' . $title . '</h3>
<p>' . $desc . '</p>
';
}
}
} else {
header("location: ./");
}
print("$output");
mysqli_close($conn);
?>
The $title and $desc were not defined so you have empty <h3> and empty <p> tags.
Also i think it's better to make a few changes in your code.
Use !empty($_GET['q']) instead of $_GET['q'] !== ' ' and use extract($row); instead of
$id = $row['id'];
$city = $row['city'];
$country = $row['country'];
$descriptions = $row['descriptions'];
I have a little Problem with my Update query to chnage the Profile Infos
Problem now:
My Update Query is not working completly, the E-Mail query work but the status query is not working.
PHP CODE
if(!empty($_POST)) {
$query = "UPDATE users SET";
if(!empty($_POST['email']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) && $_POST['email'] != $_SESSION['u']['email']) {
$s_mail = $_POST['email'];
$row = mysql_num_rows(mysql_query("SELECT email FROM users WHERE email='$s_mail'"));
if($row != 0) {
header("Location: ".$l['settings']."?msg=2");
die("REDIRECT");
}
$query .= " `email`='".$_POST['email']."'";
$_SESSION['u']['email'] = $_POST['email'];
} else if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
header("Location: ".$l['settings']."?msg=3");
die("REDIRECT");
}
//PROBLEM starts here
if(!empty($_POST['status'])) {
$query .= ",`status`='".$_POST['status']."'";
$_SESSION['u']['status'] = $_POST['status'];
}
//AND ends here
$query .= " WHERE id='".$_SESSION['u']['id']."'";
mysql_query($query);
header("Location: ".$l['settings']."?msg=1");
die("REDIRECT");
}
HTML FORM
<input maxlength="200" type="text" class="form-control" placeholder="Status" name="status" value="<?php //ECHO STATUS ?>" />
Maybe someone can help me.
On your $query you have
$query .= ",`status`='".$_POST['status']."'";
remove comma make it like this
$query .= " `status`='".$_POST['status']."'";
You need to set a flag for email condition as
$flag = FALSE;// set a flag
if (!empty($_POST)) {
if (!empty($_POST['email']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) && $_POST['email'] != $_SESSION['u']['email']) {
$s_mail = $_POST['email'];
$row = mysql_num_rows(mysql_query("SELECT email FROM users WHERE email='$s_mail'"));
if ($row != 0) {
header("Location: " . $l['settings'] . "?msg=2");
die("REDIRECT");
}
$flag = TRUE;// set to true if success
$_SESSION['u']['email'] = $_POST['email'];
} else if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
header("Location: " . $l['settings'] . "?msg=3");
die("REDIRECT");
}
//PROBLEM starts here
if (!empty($_POST['status'])) {
$query = "UPDATE users SET";
$query .= " `status`='" . $_POST['status'] . "'";
if ($flag) {// if true then apply email condition
$query .= ",`email`='" . $_POST['email'] . "'";
}
$query .= " WHERE id='" . $_SESSION['u']['id'] . "'";
$_SESSION['u']['status'] = $_POST['status'];
}
//AND ends here
mysql_query($query);
header("Location: " . $l['settings'] . "?msg=1");
die("REDIRECT");
}
Note:- mysql is deprecated instead use mysqli OR pdo
I have a program, that searches a database from a PHP file, linking back to the some file with the output.
It works perfectly in all browsers, excluding IE. I have no idea why.
Here is my code:
<?php
if( isset( $_POST['schoolname'] ) && strlen( trim( $_POST['schoolname'] ) ) > 0 )
{
$school = filter_input(INPUT_POST, 'find', FILTER_SANITIZE_STRING);
$school = $_POST['schoolname'];
#connecting to the database
$conn = mysql_connect("localhost", "root");
mysql_select_db("finalproject");
$sql = "select * from presentations where school like '%$school%'";
$result = mysql_query($sql, $conn) or die(mysql_error());
#this is the array that stores and displays the results of the search
if ( mysql_num_rows($result) >0)
{
while ($newArray = mysql_fetch_array($result))
{
$school = $newArray['school'];
$date = $newArray['date'];
$place = $newArray['place'];
$time = $newArray['time'];
echo $school . ", " . $place . ", " . $date . ", " . $time . "<br />" . "<br />";
}
}
else
{
echo "Record not found" . "<br />" . "<br />";
}
mysql_close($conn);
}
?>
<!-- The form in which the search happens -->
<form action=" " method="post">
School's name: <input type="text" name="schoolname">
<input type="submit" name="button" value="Search">
</form>
This is just my code for within the IFrame.