I have a HTML form where data is filled and submitted.Now i want to limit the users to hit submit i.e i want only set of users whom i want to hit submit,if any other person hits the submit a message should display as "You are not authorized to submit".
Example form is :
<html>
<?php echo ( !empty($_SESSION ['user']) ) ? $_SESSION ['user'] : 'USER'; ?>
<body>
<form action="action_page.php">
First name:<br>
<input type="text" name="firstname" value="firstname">
<br>
Last name:<br>
<input type="text" name="lastname" value="lastname">
<br><br>
<input type="submit" value="Submit">
</form>
</body>
</html>
Here i would get the usernames from :
<?php echo ( !empty($_SESSION ['user']) ) ? $_SESSION ['user'] : 'USER'; ?>
This "user" am collecting from the login page.Who ever logs in with their credentials their user name will be passed through the pages for the sake of session.
Here "user" i want only particular users to be able to submit.
Thanks in advance.
Try this :
EDIT :
Since the OP wants to show button to only MANAGERS, we'll write a query to get those users.
$sel='Select `usergroup` from table_name where user_id='.$_SESSION['user'];
$res=mysqli_query($con,$sel);
$row=mysqli_fetch_assoc($res);
?>
<form action="action_page.php">
First name:<br>
<input type="text" name="firstname" value="firstname">
<br>
Last name:<br>
<input type="text" name="lastname" value="lastname">
<br><br>
<?php
// did changes here
if($row['usergroup']=='manager') // those users who are manager
{
?>
<input type="submit" name="submit" value="Submit">
<?php
} ?>
</form>
</body>
</html>
you need a database table where user specific permission store . After getting login user from session then write a select query if the user has this permission then show the form otherwise hide the form and display message
... and remove the form-node for users that are not allowed to submit, since you can trigger the submit by pressing enter for example.
Basically sepearte the whole thing into two templates:
one with the form for the users u want to be able to submit,
and one without any form-elements (use regular nodes instead: divs, spans, ...) for the ones u only want to show data.
because it doesn't make sense to have/change an input-field if it does nothing.
Related
I am making a training course signoff page.
I am submitting a list of users and documents that have attended and been trained. Now i wish to make a signoff page for each user (from post data) that attended.
I would like to create a form that shows the user and requests their password to continue. (this will submit a mysql query into the db), if there are more users in the post data then to produce a form for the next person to sign, and so on until all users in the post data array have completed. Then return to a standard page once all have completed. (or skipped). I would like the ability to skip a user and move to the next if they decide not to sign.
I have tried a number of loops, and foreach and used hidden inputs to see if i can cycle through users, however after the first one i always seem to come unstuck.
<?php if(isset($_POST['submit'])){ ?><div class="card-box">
<?php
$posttrainer=$_POST['trainer'];
$postlocation=$_POST['location'];
$postdatetrained=$_POST['datetrained'];
$postaddnotes=$_POST['additionalnotes'];
$posttdocs=$_POST['tdocs'];
$posttusers=$_POST['tusers'];
$totaldocs=sizeof($posttdocs); // do not worry about this for now
$totalusers=sizeof($posttusers); // key factor
for($i=0;$i<$totalusers;$i++){
$TUSERS=$posttusers[$i];
print"<input value=".$TUSERS." name='user[]'><BR>";
?><form method="post" name="submit" id="" action="gotonextuser.php">
<label>User Name:
<input class="form-control" type="text" size="10" value="<?php echo $TUSERS; ?>" id="trainer" required="true" readonly></label>
<label>Location of Training:
<input class="form-control" type="text" value="?php echo $postlocation; ?>" id="location" name="location" required="true"></label>
<label>Disclaimer:
<textarea readonly> Lots of disclaimer text in here</textarea>
<input class="form-control" type="checkbox" value="" id="location" name="disclaimer" required="true"></label> </form>
<?php } ?> </div>
<?php
}
In the above example i have posted from a previous sheet:
4 users as an array. The code above, is looping through each of those (as expected, but all on one page. I want to deal with 1 user, then press submit then see the inputs for the next user, if I press submit i'll insert a sql query to the db and move to user 2, if i press skip ill move to user 2 (without an insert to mysql_db), and so on.
you can use $_SESSIONS, i will demonstrate:
<?php
session_start();
$_SESSION['tusers']=array();
array_push( $_SESSION['tusers'] , 'user1');
array_push( $_SESSION['tusers'] , 'user2');
array_push( $_SESSION['tusers'] , 'user3');
var_dump($_SESSION);
array_pop($_SESSION['tusers']);
var_dump($_SESSION);
array_pop($_SESSION['tusers']);
var_dump($_SESSION);
?>
now what you can do is to put this code in tow different files, for example you can populate the $_SESSION['tusers'] with the $_POST['tusers'] in build_users_array.php
so in build_users_array.php
<?php
session_start();
$_SESSION['tusers']=array();
array_push( $_SESSION['tusers'] , 'user1');
array_push( $_SESSION['tusers'] , 'user2');
array_push( $_SESSION['tusers'] , 'user3');
and when you click on a user you can activate the pop_from_users_array.php
pop_from_users_array.php:
$current_pop_user = array_pop($_SESSION['tusers']);
echo $x;
var_dump($_SESSION);
as you can see $current_pop_user is : user3, and the $_SESSION['tusers'] now only holds the user1 and user2 values
I have a form with few input fields and a update option ,suppose if i have 10 fields and i update only first two fields and not the rest who can i display a message that only the first to field A and B are updated using PHP and Mysqli
in the screenshot if i update the value of bill id and origin i should display message out in some other page that says that bill id and origin has been updated with "xyz " value
One way is to fetch fields with real and old name i.e.
Select name,name as old_name from table
In html
<input type="text" name="name" value="name from db">
<input type="hidden" name="old_name" value="old_name from db">
After submit form you can check it by.
And check after post.
If(post['name']==post['old_name'])
Something like this.
Another way is from js by checking onchange event
well it'll be something like this ..
html:
<html>
<body>
//action is defining the php file's name which the form will be sent to ;
//method is defining the method which the form will be sent with
<form action="updateCheck.php" method="post">
<input type="text" name="input-filed-1"/>
<input type="text" name="input-filed-2"/>
<input type="text" name="input-filed-3"/>
<input type="text" name="input-filed-4"/>
<input type"text" name="input-filed-5"/>
<input type="submit" value="submit/>
</form>
</body>
</html>
create a file named updateCheck.php in the same directory and enter the following code
<?php $updateMessage = "you have updated the following fields";
for($x = 0 ; $x<=5 ; $x++)
{
// trim for erasing the whitespaces
// that if clause checks if there was data entered in the update input fields
if(isset($_POST["input-field-".$x]) && trim($_POST["input-field-".$x]))
{
$updateMessage.= "input-field-".$x ;
}
}
echo "<script type='text/javascript'>alert('".$updateMessage."')</script>"
?>
I haven't tested the code .. but study it carefully and you'll see how it's done
My company want to make things easier. We always create a letter for our customers to say our thank you. We have a letter that has the same content. As an example:
hi (customer_name),
thank you for doing business with us! we will contact u at (customer
number)
What I want to do is to let my staff edit the content of the letter from a form like:
Customer name: _________________
phone: _________________
[submit button]
On click of the submit button, the data from here will be saved into a DB and append to the letter just now and the letter will also saved into a DB.
<?php
if($_SERVER['REQUEST_METHOD']=='POST') {
$letter = 'hi (customer_name),
thank you for doing business with us! we will contact u at (customer_number)';
$letter = str_replace('(customer_name)', $_POST['customer_name'], $letter);
$letter .= str_replace('(customer_number)', $_POST['customer_number'], $letter);
//db save code here..
//save $letter variable into db
}
?>
<form method="post">
<input type="text" name="customer_name" /><br />
<input type="text" name="customer_number" /><br />
<input type="submit" value="Submit" />
</form>
It isn't that hard. Firstly, you need to create a form.
<form method="post" action="path/to/file.php">
<input type="text" name="customerName" placeholder="Customer Name">
<input type="text" name="phoneNumber" placeholder="Phone Number">
<input type="submit" value="Generate">
</form>
So, now when the button is clicked, the data will be sent through a POST request to the URL specified in the action attribute defined in the <form> tag. So, to fetch a value from what was entered in the form, you have to access the $_POST super global. Every single form that is submitted with the method attribute set to post, all the input fields data is moved on to the $_POST super global, and to access a specific value for a specific input field, you will have to fetch it from the index in the $_POST super global which is equal to the value specified in the input field name attribute. So, for example, to get the customer name, you would try to get it from $_POST['customerName'.
So, you can do something like this:
$string = "hi " . $_POST['customerName'] . ",<br /><br />thank you for doing business with us! we will contact u at " . $_POST['phoneNumber'];
And now, you can save this $string to your database in a table.
More information on this topic can be found here:
http://www.w3schools.com/php/php_forms.asp
http://php.net/manual/en/tutorial.forms.php
http://myphpform.com/
http://www.the-art-of-web.com/php/form-handler/
I have a php registration form and one of the fields on the form is a password field and I want the form to check the password against a database table list of passwords before allowing the form to submit the user's info. So pretty much the user needs a password to register. I have been looking for a solution for this and have not come across one.
HTML
<input type="text" name="promo" required>
PHP
<?php
$promo_codes = ['code1', 'code2'];
if(in_array($_POST['promo'], $promo_codes) {
//in array, continue
} else {
//not in array, exit gracefully
}
Basically create a form entry for the promo code in the html and something like the above to validate the promo codes.
Pseudo code:
<form>
<input name="username" />
<input name="email" />
<input name="promo_code" id="promo" />
<input type="submit" value="Register" />
</form>
<script>
+ use jQuery to fire off an AJAX call with the value in the #promo input of the form
+ if a match is found in the database enable the form or the button on the form so that they can register
+ delete the promo code from the database once the registration takes place
</script>
so if i fill all the fields and submit everything is great,once i do that again everything is ok,but when i press back i can see what was echoed before and once again back and then i can see the result from 1st time. i want that i cant press back or i can press back only once.
<form action="Alauris.php" method="POST">
question1 <input type="text" name="answer1"><br>
question2 <input type="text" name="answer2"><br>
question3 <input type="text" name="answer3"><br>
question4 <input type="text" name="answer4"><br>
question5 <input type="text" name="answer5"><br>
question6 <input type="text" name="answer6"><br>
question7 <input type="text" name="answer7"><br>
question8 <input type="text" name="answer8"><br>
<input type="submit" value="Make">
</form>
<?php
if(isset($_POST['answer1'])&&isset($_POST['answer2'])&&isset($_POST['answer3'])&&isset($_POST['answer4'])&&isset($_POST['answer5'])&&isset($_POST['answer6'])&&isset($_POST['answer7'])&&isset($_POST['answer8'])){
$answer1=$_POST['answer1'];
$answer2=$_POST['answer2'];
$answer3=$_POST['answer3'];
$answer4=$_POST['answer4'];
$answer5=$_POST['answer5'];
$answer6=$_POST['answer6'];
$answer7=$_POST['answer7'];
$answer8=$_POST['answer8'];
if(!empty($answer1)&&!empty($answer2)&&!empty($answer3)&&!empty($answer4)&&!empty($answer5)&&!empty($answer6)&&!empty($answer7)&&!empty($answer8)){
$content = "asdasda" .$answer1. '<br>'."asdas".'<br>'.$answer2."5t64356456a".'<br>'.$answer3. "asdasdasda".$answer4."5t643564".$answer5. "aasda".'<br>'.$answer6."5t64356456as".$answer7. "asdasdas45".$answer8."5t64356456a45";
echo $content;
}else{
echo "fill all fields,my friend!";
}
}
thanks !
Disabling the back button cannot be guaranteed to work (due to browser implementations), but it is discussed here: how to stop browser back button using javascript
There is no way to guarantee that the browser will not submit the same data twice (while loading, the client can press reload). Also, you can't ensure that the browser will not redisplay an old page to the user when pressing back.
If it is important not to process old data, you should design the app for idempotence. This can be achieved with SESSION variables or a database. On easy example is
if (isset($_SESSION['submitted']) {
doWork();
$_SESSION['submitted'] = 1;
}
This code will only run once and it wont hurt if the user reloads the page.
If you want to allow the user to run the action again (e.g. after the transaction is completed) you can just:
unset ($_SESSION['submitted'])