basically I have a simple user page which I access after logging in via a login page. In the user page, there is my personal data displayed from my previous registration. And there is also a form where I can enter new information such as my favourite color and hobby (which I can insert multiple times). All the records goes into the DB succesfully. The problem is, everytime I submit a new data from the form in the user page, my personal data that are displayed in the same page dissapears. When I check the DB, nothing is lost, everything remains there. The only problem is, everytime I submit a data, my personal data which is displayed on the same page dissapears. BUt when I log in, it is there again. I suspect it might be due to non-infinite while looping everytime I press the submit button to insert new information.
How do I create an infinite while loop if this is the problem.??please help. If this is not the problem, please help me. tq so much. Below is partial of my script. tq.
<?php
//useracc-test.php
//start session
session_start();
// require 'lib/password.php';
require 'connect-test.php';
//retrieving part below
$userName= isset($_POST['username']) ? $_POST['username'] : '';
//$id= isset($_POST['id']);
$query = "SELECT id, name, username, telno FROM users WHERE username = ?";
$stmt = $conn->prepare($query);
$stmt->bind_param('s', $userName);
$stmt->execute();
$res = $stmt->get_result();
?>
<html>
<head>
<style type="text/css">
#apDiv2 {
position: absolute;
left: 272px;
top: 148px;
width: 350px;
height: 338px;
z-index: 1;
}
#apDiv3 {
position: absolute;
left: 37px;
top: 379px;
width: 320px;
height: 157px;
z-index: 2;
}
</style>
<link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css">
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
</head>
<body>
<div id="apDiv3">
<div id="TabbedPanels1" class="TabbedPanels">
<ul class="TabbedPanelsTabGroup">
<li class="TabbedPanelsTab" tabindex="0">Tab 1</li>
<li class="TabbedPanelsTab" tabindex="0">Tab 2</li>
</ul>
<div class="TabbedPanelsContentGroup">
<div class="TabbedPanelsContent">
<p>
</p>
<?php while($row = $res->fetch_array()): ?>
<p><?php echo $row['id']; ?></p>
<p><?php echo $row['name']; ?></p>
<p><?php echo $row['username']; ?></p>
<p><?php echo $row['telno']; ?>
<?php endwhile; ?>
<?php
if(isset($_POST['submit']))
{
$id = $_POST['id'];
$name2 = $_POST['name2'];
$color2 = $_POST['color2'];
$hobby2 = $_POST['hobby2'];
$stmt = $conn->prepare("INSERT INTO useradvert (id,name2,color2,hobby2) VALUES (?,?,?,?)");
$stmt->bind_param("isss",$id,$name2,$color2,$hobby2);
$stmt->execute();
// $stmt->close();
// $conn->close();
}
?>
</p>
</div>
<div class="TabbedPanelsContent">
<form name="form2" method="post" action="useracc-test.php">
<p> </p>
<p>id :
<input type="text" name="id" id="id">
</p>
<p>name :
<input type="text" name="name2" id="name2">
</p>
<p>color2 :
<input type="text" name="color2" id="color2">
</p>
<p>hobby2 :
<input type="text" name="hobby2" id="hobby2">
</p>
<p>
<input type="submit" name="submit" id="submit" value="submit">
</p>
</form>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
</div>
</div>
</div>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p>
<script type="text/javascript">
var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1");
</script>
</body>
</html>
When you submit a form, the browser refreshes the page with whatever the submission form returns. So after the script updates the database, it needs to display the new contents of your profile, just like the original profile page does.
A simple way to do this is for the script to send a redirect back to the page that displays the profile form. When it's done, it can do:
header("Location: profile.php");
Another option is to use AJAX to submit the changes, rather than normal HTTP form submission. You'll need to learn Javascript for this.
the code would be:
while (true) {
//loop body
}
BUT in PHP code stops executing after the max_execution_time expires (ini_set('max_execution_time', 300);). You don't want an infinite loop in PHP because you want output from PHP and that will only happen after the script finishes.
Infinite loops are good for embedded code where the machine has to keep running code like a robot or a clockradio.
tq to all for the sugesstions. I appreciate. I apologise if my language is not polite because english is my 3rd language at home. It is not my native language. This is how i speak. I already solved the problem. I just use "print" function and made minor modifications. and the data never disappear. problem solved.tq all.
Related
I have created a code that run in a popup of WordPress website, the purpose of this code is to validate entered data available in mysql db table if available it displays relative code else it executes other code.
I have tried
action="<?php echo $_SERVER['PHP_SELF']; ?>"
and
headlocation(.......)
but none worked, it is submitting code and redirecting to index.php to display results.
<style><?php include 'search-zip.css'; ?>
</style>
<?php
include 'search-config.php';
$conn = OpenCon();
?>
<h3 class="formhead">Available in</h3>
<h2 class="formhead">Melbourne Inner Suburbs</h2>
<form class="form-wrapper" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<input type="text" name="$POSTCODE" id="search" size="25" maxlength="35" value="<?php echo $_REQUEST['$POSTCODE'] ?>" />
<input type="submit"
name="submit" value="Search" id="submit"></form>
<p class="form-text">Please search your postal code for service availability</p>
<?
if (isset($_POST['submit'])) {
{
$zipcode=$_REQUEST['$POSTCODE'];
$sql = "SELECT * FROM service_location WHERE zipcode = $zipcode";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
?>
<style>.formhead{display:none;} .form-wrapper{display:none;} .form-text{display:none;}</style>
<div class="available">
<img class="zipimage" src="https://www.hastygrocer.com.au/wp-content/uploads/2019/07/hasty-grocer-available-popup-image.png" alt="Happy Minion" >
<h2 style="text-align: center;">Experience Melbourne's</h2>
<h2 style="text-align: center;"><i style="color: #3aafa9; font-family: Faster One script=all rev=2; font-size: 60px;">Fast</i> & <b style="color: green; font-family: Aladin; font-size: 60px;">Fresh </b></h2>
<h2 style="text-align: center;">Grocery Delivery</h2>
<span class="pum-close popmake-close "><button class="zipbutton" type="button">Shop</button></span></div>
<?
} else {
?>
<style>.formhead{display:none;} </style>
<div class="available">
<h3 style="text-align: center;">Get Notified When Available in <b style=" text-align: center;font-weight: 800; font-family: arial; color: #3aafa9;"><?php echo "$zipcode"?></b></h3>
<div class="zipform"><?php echo do_shortcode( '[contact-form-7 id="613" title="PopUp"]' ); ?></div>
</div>
<?
}
}}
?>
I created this code to redirect to same page.
but this is redirecting to index.php to display result.
please help me in fixing this using any php or ajax that may fix this code.
sorry I am not an expert developer I got code from internet and created the following code.
Thanks in advance
See this part of code: action="<?php echo $_SERVER['PHP_SELF']; ?>"
The submit will be performed to the link passed from the $_SERVER array, but PHP manual says:
$_SERVER is an array containing information such as headers, paths, and script locations. The entries in this array are created by the web server. There is no guarantee that every web server will provide any of these.
Try to make an <? echo $_SERVER['PHP_SELF']; ?> and see what is printed. You will probably get the index.php location.
Try to set the action to the page that contains the form.
Hey there stackoverflow users, i have come upon a very confusing problem that I cant seem to move past. I am creating a forum type web page and am currently working on the comments section. I have a form that uses the post method to send your comment as well as a hidden input to store the threads ID. I will post the entire php file below just to make sure nothing is left out.
<?php
session_start();
parse_str($_SERVER['QUERY_STRING'], $link);
$threadID = $link['ID'];
require("config.php");
$connection = mysqli_connect($host, $user, $password, $database);
$error = mysqli_connect_error();
if($error != null) {
$output = "<p>Unable to connect to database!</p>";
exit($output);
} else {
//Get Thread Data
$query = "SELECT username, title, content FROM threads, users WHERE threads.ID = $threadID AND users.ID = threads.makerID;";
$results = mysqli_query($connection, $query);
$row = mysqli_fetch_assoc($results);
//Get Comment Data
$query = "SELECT username, comment FROM comments, users WHERE threadID = $threadID AND users.ID = comments.makerID;";
$results = mysqli_query($connection, $query);
$row = mysqli_fetch_assoc($results);
}
?>
<!DOCTYPE html>
<html>
<head lang="en">
<title>BodyweightMate</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="../css/styling.css"/>
</head>
<body>
<!--Top masthead-->
<header class="masthead" id="top">
<h1 class="masthead-title"> Welcome To BodyweightMate </h1>
</header>
<!--Navigation bar-->
<nav class="navbar">
<table class="navbar-table">
<tr>
<!--Logo-->
<td>
<a class="navbar-brand" href="main.php">
<img src="../images/logo.jpg" alt="BodyweightMate" height="30" width="30">
</a>
</td>
<!--Login/Profile-->
<?php if(isset($_SESSION['login_user'])) {
echo"<td><a class=\"navbar-profile\" href=\"profile.php\"> Profile </a></td>";
echo"<td><a class=\"navbar-logout\" href=\"logout.php\"> Logout </a></td>";
} else {
echo"<td><a class=\"navbar-login\" href=\"login.php\"> Login </a></td>";
}?>
</tr>
</table>
</nav>
<!--Main portion-->
<section class="content-section">
<article>
<h3><?php echo $row['username']. ": " .$row['title']; ?></h3>
<p><?php echo $row['content']; ?></p>
<br>
<h3>Comments</h3>
<p>Some annoying user: Gr8 B8 M8</p>
<p>Annoying users friend: I R8 8/8</p>
</article>
<div>
<!--If logged in, ability to comment-->
<?php if(isset($_SESSION['login_user'])): ?>
<form role="comment-form" method="POST" action="processcomment.php" id="mainForm">
<input type="hidden" value="$threadID" name="threadID">
<div class="form-group">
<label for="comment">Comment </label> <br>
<textarea class="comment-text" name="comment" rows="2" maxlength="255"></textarea>
</div> <br>
<input type="Submit" class="btn-newcomment" value="Submit Comment" name="submit">
</form>
<?php endif ?>
</div>
</section>
<!--Right portion-->
<aside class="content-aside">
<div>
<!--If logged in, be able to create a thread-->
<?php
if(isset($_SESSION['login_user'])) {
echo"<form method=\"post\" action=\"makethread.php\">";
echo"<input type=\"submit\" class=\"btn-newthread\" value=\"Create New Thread\" name=\"submit\">";
echo"</form>";
}
?>
</div>
<!--Info-->
<div>
<p> GOING TO NEED A SEARCH FUNCTION HERE
This is the cool little aside section. It will always be there to provide you with some very nice little details, helpful links, maybe a list of moderators? who knows! The uses are endless when you have a beautiful little aside like this one! Here are a few very useful bodyweight fitness links to get us started :D </p>
</div>
<br>
<div>
<ul class="content-aside-links">
<li>
Reddit's Bodyweightfitness Forum
</li>
<li>
Reddit's Bodyweightfitness RR
</li>
<li>
Antranik's Bodyweightfitness Routine
</li>
</ul>
</div>
<div></div>
</aside>
<!--Footer -->
<footer class="footer">
<div>
<p> Use of this site constitutes acceptance of our User Agreement © 2017 BodyweightMate inc. All rights reserved. </p>
</div>
</footer>
</body>
</html>
The error is occurring under the main portion where i check if a user is logged in, and if they are add a short form consisting of a message, a text area, and a submit button. This form sends the information to the following php file.
<?php
session_start();
if(!isset($_SESSION['login_user'])) { header("location: main.php"); }
?>
<!DOCTYPE html>
<html>
<body>
<?php
require("config.php");
$connection = mysqli_connect($host, $user, $password, $database);
$error = mysqli_connect_error();
if($error != null) {
$output = "<p>Unable to connect to database!</p>";
exit($output);
} else {
//Validation
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$comment = $_POST['comment'];
$threadID = $_POST['threadID'];
$user = $_SESSION['login_user'];
} else {
//Redirect back to register
echo"<p>Form must use post or input was bypassed.</p>";
echo" Return to home page. ";
mysqli_close($connection);
exit();
}
There is no issue with connecting to the database, and I don't believe the remainder of the code is necessary to help me with this error since that one if statement of checking if the form is using post is failing and the else statement is always called. Why is this? i have rewritten the form multiple times ensuring that its properly structured and using post yet it fails every time!
I'm a newbie in PHP; please guide me slowly and carefully.
I have a login page (login.php) and a user page (useracc-test.php). The user page (useracc-test.php) displays all personal data after a user logs in using his own username and password. I can display other data such as (name), (username) and (telno) in php script when I echo it.
But the problem is, when I tried to echo the data in html, just below the php script, only (username) shows on the screen. The other two (name) and (telno) show nothing. No errors displayed on browser also, and also no syntax error. Below is my user page (useracc-test.php).
<?php
//useracc-test.php
/**
* Start the session.
*/
session_start();
/**
* Include our MySQL connection.
*/
// require 'lib/password.php';
require 'connect-test.php';
$userName=$_POST['username'];
//$sql = "SELECT name, username FROM users WHERE username = '" . $_POST['username'] . "'";
//$result = $conn->query($sql);
$query = sprintf("select name, username, telno FROM users WHERE username='%s'", mysql_real_escape_string($userName));
$result = $conn->query($query); ?>
<?php while($row=$result->fetch_assoc()): ?>
<div id="satu"><?= $row['name'] ?></div>
<div id="dua"><?= $row['username'] ?></div>
<div id="tiga"><?= $row['telno'] ?></div>
<?php endwhile; ?>
<html>
<head>
<style type="text/css">
#apDiv2 {
position: absolute;
left: 51px;
top: 238px;
width: 237px;
height: 93px;
z-index: 1;
}
#apDiv1 {
position: absolute;
left: 50px;
top: 344px;
width: 234px;
height: 104px;
z-index: 2;
}
</style>
</head>
<body>
<div id="apDiv2"><span class="error"><?php echo $userName; ?></span></div>
<div id="apDiv1"><span class="error"><?php echo $row['telno'] ?></span></div>
</body>
</html>
Last html code should be
<html>
<head>
.....
</head>
<body>
...
</body>
</html>
You have put </head> in <body> section.
If the database connection is OK, also try changing
while($row=$result->fetch_assoc())
To
while($row=mysql_fetch_assoc($result))
And add
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
at above in php file.
However, this doesn't make PHP show parse errors - the only way to show those errors is to modify your php.ini with this line:
display_errors = on
And check for errors.
Problem solved by member of Stack Overflow just now. Regarding div tags which I posted previously, and the problem was a 2 in 1 coincidently. The person managed to solve everything, the person's name was Svdb.
Below is the code solved by him:
<body>
<div id="apDiv2"><span class="error"><?php echo $userName; ?></span></div>
<div id="apDiv1"><span class="error"><?php echo $row['telno'] ?></span></div>
<?php while($row=$result->fetch_assoc()): ?>
<div id="satu"><?= $row['name'] ?></div>
<div id="dua"><?= $row['username'] ?></div>
<div id="tiga"><?= $row['telno'] ?></div>
<?php endwhile; ?>
</body>
</html>
I'm trying to create a script that logs you in and creates a session using a set usercode in the same table as my usernames.
Each usercode is different to each username as each usercode will display different data on my index.php
I am using the following code to authenticate my users and assign their usercodes:
<?php
include ("include/dbConfig.php");
$tbl_name="users"; // Table name
// Connect to server and select databse.
mysql_connect($db_hostname, $db_username, $db_password)or die("cannot connect"); // no quotes needed around vars
mysql_select_db($db_database)or die("cannot select DB"); // no quotes needed around vars
$username = mysql_real_escape_string($_POST['username']);
$encrypted_password = mysql_real_escape_string(md5($_POST['password']));
$sql="SELECT username, password FROM $tbl_name WHERE username='$username' and password='$encrypted_password'";
$sql2="SELECT usercode FROM $tbl_name WHERE usercode='$usercode'";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
$sql2= $usercode1['usercode'];
// If result matched $username and $password, table row must be *AT LEAST* 1 row
if(mysql_num_rows($result)){
session_start();
$_SESSION['isamsdata']->UserCode) != ''; //This needs fixing - array
header("Location: index.php?logged in successfully");
} else {
header("Location:login.php?msg=email or password wrong");
}
?>
My index.php:
<?php
error_reporting(E_ALL);
session_start();
//$_SESSION['isamsdata']->UserCode = 'test';
unset($_SESSION['child_id']);
unset($_SESSION['child_first_name']);
require_once('include/newuserfunction.php');
if (isset($_SESSION['isamsdata']) AND $_SESSION['isamsdata'] != '') {
include "header.php";
include "topmenu.php";
include "leftmenu.php";
?>
<?php
include 'helpBox.php';
?>
<!-- BEGIN PAGE -->
<div class="page-content">
<!-- BEGIN PAGE CONTAINER-->
<div class="container-fluid">
<!-- BEGIN PAGE HEADER-->
<div class="row-fluid">
<div class="span12">
<!-- BEGIN PAGE TITLE & BREADCRUMB-->
<h3 class="page-title">
Parent Dashboard
<small>This is your dashboard.</small>
<button class="btn orange" style="float: right; width: 150px;" id="addpupil" onclick="showhidepupilbox();" >Add Pupil</button>
</h3>
<ul class="breadcrumb">
<li>
<i class="icon-home"></i>
Home
<i class="icon-angle-right"></i>
</li>
<li>Dashboard</li>
<!--<button style="float: right; background-color:green; color: white !important; margin: -1px 9px 0px 0px; border: none;" onclick="addChild();">Add Child</button>-->
</ul>
<!-- END PAGE TITLE & BREADCRUMB-->
</div>
</div>
<?php
if(isset($_GET['status']))
{
if($_GET['status'] == 1) {
echo '<div class="alert alert-success">
<button class="close" data-dismiss="alert"></button>Pupil Added Successfully. </div>';
} else {
echo '<div class="alert alert-error">
<button class="close" data-dismiss="alert"></button>Pupil Not Added Successfully. </div>';
}
}
?>
<div class="row-fluid" id="addpupilform" style="display: none;" >
<div class="span12">
<div class="portlet box orange-steel">
<div class="portlet-title">
<h4><i class="icon-table"></i>Add Pupil</h4>
</div>
<div class="portlet-body">
<div class="portlet-body form">
<form action="insert-child.php" id="add_user" class="form-horizontal add_user" method="post" name="childform">
<div class="alert alert-error hide">
<button class="close" data-dismiss="alert"></button>
You have some form errors. Please check below. </div>
<div class="alert alert-success hide">
<button class="close" data-dismiss="alert"></button>
Your form validation is successful! </div>
<div class="control-group">
<label class="control-label">First Name<span class="required">*</span></label>
<div class="controls">
<input type="text" maxlength="15" name="first_name" data-required="1" class="span6 inputfields m-wrap popovers field_autosave required" />
</div>
</div>
<div class="control-group">
<label class="control-label">Last Name<span class="required">*</span></label>
<div class="controls">
<input type="text" maxlength="15" name="last_name" data-required="1" class="span6 inputfields m-wrap popovers field_autosave required" />
</div>
</div>
<div class="control-group">
<label class="control-label">Date Of Birth<span class="required">*</span></label>
<div class="controls">
<input type="text" maxlength="15" name="dob" data-required="1" class="span6 inputfields m-wrap popovers field_autosave required" />
</div>
</div>
<div class="form-actions" style=" padding-left: 12px;">
<button type="submit" class="btn orange" >Add</button>
</div>
</form>
<!--- close body-form-->
</div>
</div>
</div>
</div>
</div>
<div class="row-fluid">
<div class="span12">
<div class="clearfix"></div>
<div class="rows">
<div class="span12">
<div class="portlet box orange-steel">
<div class="portlet-title">
<h4><i class="icon-table"></i>Pupil's Details</h4>
</div>
<div class="portlet-body">
<!--<div class="scroller" style="height: 300px;" data-always-visible="1" data-rail-visible="0">-->
<div class="portlet-body">
<?php if(getUserChilds($_SESSION['isamsdata']->UserCode) != '') { ?>
<table class="table table-striped table-bordered table-hover" id="sample_2">
<thead>
<tr>
<th >First Name</th>
<th>Last Name</th>
<th>Date Of Birth</th>
<th>Change Details</th>
<th>Progress</th>
<th>Action</th>
</tr>
</thead>
<tbody>
<?php
echo getUserChilds($_SESSION['isamsdata']->UserCode);
?>
</tbody>
</table>
<?php } else { ?>You have not setup any pupil account currently, please fill the form by clicking the Add Pupil icon above.<?php } ?>
</div>
</div>
<!-- scroller </div>-->
</div>
</div>
<!-- End Rows-->
</div>
<!-- Close Div span12-->
</div>
<!-- Close Row-span12 -->
</div>
<!-- Close Row-fluid -->
<div class="row-fluid">
<div class="span12">
<div class="clearfix"></div>
<div class="rows">
<div class="span12">
<div class="portlet box orange-steel">
<div class="portlet-title">
<h4><i class="icon-table"></i>Welcome Parent</h4>
</div>
<div class="portlet-body">
<!--<div class="scroller" style="height: 300px;" data-always-visible="1" data-rail-visible="0">-->
<div class="portlet-body">
Dear <i><?php echo $_SESSION['parentdetails']->title;?> <?php echo $_SESSION['parentdetails']->firstName;?> <?php echo $_SESSION['parentdetails']->surname;?>,</i><br><br>
<p>
A very warm welcome to the on-line joining forms and thank you so much for logging on. We know there's a lot to do here but we hope that completing these on-line forms will be relatively easy and stress-free. Simply enter the name of your son or daughter above by clicking on the ‘add pupil’ tab at the top right hand corner of this page and then click ‘Fill form’.
</p>
<p>
The fields which contain a red asterisk symbol must be completed. All updates to the forms are automatically saved so you can return to the on-line joining forms at any time to complete your submissions.
</p><p>
We recommend that you have a copy of the new parents' Joining Booklet in front of you whilst completing these forms. Don't worry if you haven't, because you can access a PDF of the Joining Booklet 2014 here. Information and help icons are available on all the forms in case you need guidance and, if you are still stuck, please do not hesitate to call the Admissions Office on 000000000.
</p><p>
As well as the forms, we would be very grateful if you could upload a picture of your son/daughter when prompted (this does not have to be a passport photo) and also a copy of the main page of your son or daughter's passport with all their details on it. If you do not have access to a scanner, then please feel free to send in a photocopy to Name, Registrar, at the usual School/College address.
</p><p>
I should also remind you that we do require the following to be posted in hard-copy back to the School/College:</p><p>
<ul style="width: 80%;">
<li>The Medical Forms (required) <a class="pull-right" href="#" target="_blank">Download Form</a></li>
<li>The Direct Debit Form (if appropriate) <a class="pull-right" href="#" target="_blank">Download Form</a></li>
<li>The Gift Aid Form (if appropriate) <a class="pull-right" href="#" target="_blank">Download Form</a></li>
</ul></p><p>
All forms should be completed by Monday 16th June. The information provided on these forms will be processed lawfully and fairly and held for our management and administrative purposes only.
</p><p>
I do hope that you all remain as excited about September as we are, and we look forward to seeing you all soon.
</p><p>
With best wishes,
</p><p>
Name here<br>
Director of Admissions
</p> </div>
</div>
<!-- scroller </div>-->
</div>
</div>
<!-- End Rows-->
</div>
<!-- Close Div span12-->
</div>
<!-- Close Row-span12 -->
</div>
<!-- Close Row-fluid -->
</div>
</div>
<!-- END PAGE CONTAINER-->
</div>
<!-- END PAGE CONTAINER-->
</div> <!-- END PAGE -->
<?php
include "footer.php";
} else {
header("Location:login.php");
}
?>
<script>
function showhidepupilbox()
{
console.log('Check');
jQuery('#addpupilform').toggle();
}
jQuery(document).ready(function() {
jQuery('#addpupilform').hide();
jQuery('#addpupil').click(function(){
console.log('sdf');
jQuery('#addpupilform').toggle();
});
App.setPage("table_managed"); // set current page
App.init(); // init the rest of plugins and elements
});
jQuery(document).ready(function() {
App.setPage("form_validation"); // set current page
App.init(); // init the rest of plugins and elements
});
jQuery(document).ready(function() {
});
</script>
<!-- END JAVASCRIPTS -->
</body>
<!-- END BODY -->
</html>
I'm quite new to PHP and SQL so any corrections would be respected!
If any database structures are needed, please ask.
What can be improved / needs fixing:
You are using mysql_, which is depreciated since php 5.5 and shouldn't be used any more. Since you are new to php, now is the right time to learn PDO or mysqli_!
You are using md5, which shouldn't be used any more.
And:
session_start();
needs to be the first line in all files that make use of session.
I guess you are using a tutorial that you have found - which is the right way, but I recommend finding another one.
I haven't fixed the md5 issue, because your passwords need to be changed in DB and the script wouldn't work if I did - but change it to mcrypt
I wrote a comment in the code - variable $usercode isn't set, I don't know where it's comming from, you might want to include usercode in the first query/do both together.
Here is your file writen with PDO:
<?php
session_start();
include('include/.db_def.php');
try {
$connection = new PDO('mysql:host=' . HOST_ONE . ';dbname=' . DB_ONE , USER_ONE, PASS_ONE);
$state = $connection->prepare("SELECT username, password FROM users WHERE username = :names AND password = :password");
$state->execute(array('names' => $_POST['username'], 'password' => md5($_POST['password'])));
list ($user,$password)=$state->fetch(PDO::FETCH_NUM);
$state->closeCursor();
$state2 = $connection->prepare("SELECT usercode FROM users WHERE usercode= :usercode");
$state2->execute(array('usercode' => $usercode)); //<<< $usercode isn't set, you need to fix this
list($usercode)=$state2->fetch(PDO::FETCH_NUM);
$state2->closeCursor();
unset($connection);
if (isset($usercode) AND $usercode != '')
{
$_SESSION['isamsdata'] = $usercode;
header("Location: index.php?logged in successfully");
exit();
}
else {
header("Location:login.php?msg=email or password wrong");
exit();
}
} catch (PDOException $e) {
die('Error!: ' . $e->getMessage() . '<br/>');
}
Your .db_def.php should look like this:
define('HOST_ONE','your host');
define('USER_ONE','db_user');
define('PASS_ONE','db_pass');
define('DB_ONE','db');
SIDENOTE:
I suppose usercode is in the users table? If so, change the query to:
$state = $connection->prepare("SELECT username, password, usercode FROM users WHERE username = :names AND password = :password");
and the part after list to:
list ($user,$password,$usercode)=$state->fetch(PDO::FETCH_NUM);
You can then get rid of the second query!
Here is the complete code with only one query:
<?php
session_start();
include('include/.db_def.php');
try {
$connection = new PDO('mysql:host=' . HOST_ONE . ';dbname=' . DB_ONE , USER_ONE, PASS_ONE);
$state = $connection->prepare("SELECT username, password, usercode FROM users WHERE username = :names AND password = :password");
$state->execute(array('names' => $_POST['username'], 'password' => md5($_POST['password'])));
list ($user,$password,$usercode)=$state->fetch(PDO::FETCH_NUM);
$state->closeCursor();
unset($state,$connection);
if (isset($usercode) AND $usercode != '')
{
$_SESSION['isamsdata'] = $usercode;
header("Location: logged_in.php?logged in successfully");
exit();
}
else {
header("Location:login.php?msg=email or password wrong");
exit();
}
} catch (PDOException $e) {
die('Error!: ' . $e->getMessage() . '<br/>');
}
?>
Your next pages should start like this:
<?php
session_start();
if (isset($_SESSION['isamsdata']) AND $_SESSION['isamsdata'] != '') {
// user seems to be logged in, do whatever you want here
}
else
{
header("Location:login.php?msg=you_are_not_logged_in");
exit();
}
File structure I would recommend:
Create a folder "views"
in views, put this .htaccess file:
<Files ~ "\.(htaccess|php)$">
order allow,deny
deny from all
</Files>
in your root folder, put the file I wrote above and name it index.php, and create the following file for every file you want to run, for the start, name it logged_in:
<?php
session_start();
if (isset($_SESSION['isamsdata']) AND $_SESSION['isamsdata'] != '') {
include('views/logged_in.php'); //here you put the file you want to run
}
else
{
header("Location:login.php?msg=not_logged_in");
exit();
}
Now, all the files you want to run will have to be in the 'views' folder, but you allways link to the file in your root folder. You need to create two files with the same name(makes it easier), one in root, one in views. In root, the file should contain the line
include('views/index.php');
but changed to the file you want to run, f.e.
include('views/dashboard.php');
Now create the file logged_in.php in "views" and just put
<?= "HELLO"; ?>
into it, just to see if it's running.
$sql2="SELECT usercode FROM $tbl_name WHERE usercode='$usercode'"
Variable $usercode is undefined
$sql2= $usercode1['usercode'];
Variable $usercode1 is undefined and code is very strange
$_SESSION['isamsdata']->UserCode) != '';
This code is strange. If you want compare it then you should use operator if
I recommended you turn full error reporting and turn on errors output. You can make this by PHP settings in php.ini or in your code.
For example in begin of script
error_reporting(E_ALL);
ini_set("display_errors", 1);
You can do like follwing code:
<?php
session_start();
include ("include/dbConfig.php");
$tbl_name="users"; // Table name
// Connect to server and select databse.
mysql_connect($db_hostname, $db_username, $db_password)or die("cannot connect"); // no quotes needed around vars
mysql_select_db($db_database)or die("cannot select DB"); // no quotes needed around vars
$username = mysql_real_escape_string($_POST['username']);
$encrypted_password = mysql_real_escape_string(md5($_POST['password']));
$sql="SELECT usercode FROM $tbl_name WHERE username='$username' and password='$encrypted_password'";
$result=mysql_query($sql);
// If result matched $username and $password, table row must be *AT LEAST* 1 row
if(mysql_num_rows($result)){
$row = mysql_fetch_assoc($result);
$usercode= $row['usercode'];
if($usercode!=''){
$_SESSION['isamsdata']->UserCode= $usercode;
header("Location: index.php?logged in successfully");
} else {
header("Location:login.php?msg=email or password wrong");
}
}
?>
I'm working on some sort of search engine that adds on to a URL to complete the request. using header(Location:http://www.WEBSITENAME.com/'. $search); Although sometimes this will send me to a blank page. Was wondering if there's any sort of code that will redirect me to another page if that error happens. I want the else to be what it redirects to if the page is blank. Thanks.
My code:
search.php
<?php
$search = $_POST["search"];
if(isset($_POST['search'])){
header('Location:http://cydia.saurik.com/package/'.$search);
}else{
?>
<?php
echo "
<head>
<style>
#header{
color:black;
}
.header{
color:black;
font-size:25px;
}
#header_minor{
margin-top:20px;
}
.header_minor{
font-size:18px;
}
a[class='header_minor']{
color:black;
}
body{
text-align:center;
margin-top:14%;
}
#idea{
margin-top:20px;
}
.hidden{
display:none;
visibility:hidden;
}
</style>
</head>
";
?>
<div id="header">
<span class="header">
Sorry, this tweak was not found...
</span>
</div>
<div id="header_minor">
<span class="header_minor">
Would you like to suggest it? or Return home
</span>
</div>
<div id="idea">
<form method="POST" action="idea.php" name="idea">
<input type="text" name="idea" value="<?php echo $_POST['search']; ?>"/>
<input type="text" name="hidden" class="hidden"/>
<input type="submit" value="Submit"/>
</form>
</div>
<?php
exit();
}
?>
It could have been better if you can call an api on that site so that you can interact easier with the external site.
I would do something like this:
PHP:
<?php
if(isset($_POST['search'])) {
$search_text = $_POST['search_field'];
$location_url = "http://cydia.saurik.com/package/{$search_text}/";
$content = #file_get_contents($location_url); // use this function to query on site
if($content) {
// redirect if it has a result
header("Location: {$location_url}");
} else {
// will go here if query on external site is empty (blank)
// create your own empty result page that says your search yielded no results (your own page, redirect the user)
// sample
header("Location: http://www.yoursite.com/index.php?noresults=1");
}
}
?>
HTML:
<form method="POST" action="index.php">
<input type="text" name="search_field" class="" id="" /><br/>
<input type="submit" name="search" class="" id="" value="Search" />
</form>
<?php if(isset($_GET['noresults'])): ?>
<div class="yourdesign" style="display: block; width: 300px; border: 1px solid black;";>
<h1>No results found</h1>
</div>
<?php endif; ?>