Here i have tried out giving user a picture captcha using google api..But the problem is even if user click on submit even without submitting captcha user is registered..!!
here gose .html file
<form method = "POST" name = "register" id = "register" class="m-t" role="form" action="login.html">
<div class="form-group">
<input type="text" name = "fname" id = "fname" class="form-control" placeholder="First Name" required="">
</div>
<div class="form-group">
<input type="text" name = "lname" id = "lname" class="form-control" placeholder="Last Name" required="">
</div>
<div class="form-group">
<input type="email" name = "email" id = "email" class="form-control" placeholder="Email" required="">
</div>
<div class="form-group">
<input type="password" name = "password" id = "password" class="form-control" placeholder="Password" required="">
</div>
<div class="form-group">
<input type="mobile" name = "mobile" id = "mobile" class="form-control" placeholder="Mobile No" required="">
</div>
<div class="form-group" id="recaptcha_widget">
<div class="required">
<div class="g-recaptcha" data-sitekey="6Lc4vP4SAAAAABjhRjyoMguw66mNSBgdpBF398AG"></div>
<!-- End Thumbnail-->
</div>
<?php include("js/captcha.php");?>
</div>
<div class="form-group">
<div cle the terms and policy </label></div>
</div>ass="checkbox i-checks"><label> <input type="checkbox"><i></i> Agre
<button type="submit" name = "submit" id = "submit" class="btn btn-primary block full-width m-b">Register</button>
<p class="text-muted text-center"><small>Already have an account?</small></p>
<a class="btn btn-sm btn-white btn-block" href="login.html">Login</a>
</form>
And here gose the .php file
<?php
if(isset($_POST['submit'])){
// Send data and get response
$cap = $_POST['g-recaptcha-response'];
$ch = curl_init('https://www.google.com/recaptcha/api/siteverify?secret=6Lc4vP4SAAAAAGOM8ERb1pYSBfHjiMGb9bnGVtog&response='.$cap);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
if($result = curl_exec($ch);
curl_close($ch);
print_r($result);
}
?>
I create demo with more clear and very sort line of code.
HTML:
<html>
<head>
<title>Addweb solution Pvt Ltd Google recapcha demo - Codeforgeek</title>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>
<body>
<h1>Google reCAPTHA Demo</h1>
<form id="comment_form" action="verify.php" method="post">
<input type="email" placeholder="Type your email" size="40"><br><br>
<textarea name="comment" rows="8" cols="39"></textarea><br><br>
<input type="submit" name="submit" value="Post comment"><br><br>
<div class="g-recaptcha" data-sitekey="XXXXXXXXX_SITE_KEY_XXXXXXXX"></div>
</form>
</body>
</html>
PHP:
<?php
if(isset($_POST['submit']) && !empty($_POST['submit'])){
if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])){
//your site secret key
$secret = 'XXXXXXXXXXXXX_SECRET_KEY_XXXXXXXXXXXX';
//get verify response data
$param = "https://www.google.com/recaptcha/api/siteverify?secret=".$secret."&response=".$_POST['g-recaptcha-response'];
$verifyResponse = file_get_contents($param);
$responseData = json_decode($verifyResponse);
if($responseData->success){
//contact form submission code goes here
$succMsg = 'Your contact request have submitted successfully.';
//Your PHP stuff for use after captcha validate success.
}else{
$errMsg = 'Robot verification failed, please try again.';
}
}else{
$errMsg = 'Please click on the reCAPTCHA box.';
}
}
?>
Please replace your site key with 'XXXXXXXXX_SITE_KEY_XXXXXXXX' and secret key with 'XXXXXXXXXXXXX_SECRET_KEY_XXXXXXXXXXXX'. Also use your mysql related logic into success validation block.
In future you need to check error message if any then you can find here.
Let me know if there is any concern regarding this. Hope this help.!
Just do a JavaScript validation for empty captcha field in the client side and do allow them to submit the form at all if it is not filled! A very good example of this is available here: ReCaptcha Validation
Related
I have one PHP form with some fields and google ReCAPTCHA field and values store in the database table, But i want to make the google ReCAPTCHA field required.
Code here:
<?PHP
if(isset($_POST['submit']))
{
{
$name=$_REQUEST['name'];
$email=$_REQUEST['email'];
$message=$_REQUEST['message'];
$user_id=$_SESSION['id'];
$sql="insert into contact (name,email,message,user_id,status)
values('$name','$email','$message','$user_id','1')";
$qex=mysql_query($sql);
if(!$qex)
{
die("Contact information is not Added".mysql_error());
}
$msgsec="Contact information is Added";
?>
form code:
<script src='https://www.google.com/recaptcha/api.js'></script>
<form id='contactus' method='post' >
<input type='hidden' name='submit' id='submit' value='1'/>
<label><h2>Your Name <strong style="color:red">*</strong></h2></label>
<input type="text" class="form-control" required name="name" id="name" placeholder="Please enter you'r name"/>
<label><h2>Your Email <strong style="color:red">*</strong></h2></label>
<input type="email" class="form-control" required name="email" id="email" placeholder="Please enter you'r email address"/>
<label><h2>Your Message <strong style="color:red">*</strong></h2></label>
<textarea class="form-control" required name="message" id="message" placeholder="Please type you'r message here"></textarea>
<br />
<div class='container'>
<div class="g-recaptcha" data-sitekey="6LevWB0UAAAAAEPIUh40HptW3PxfYFqjvz2Wa05D"></div>
</div>
<div class='container'>
<input type="submit" name="submit" class="btn btn-primary" value="SEND MESSAGE">
</div>
</form>
as of now the Google ReCAPTCHA option is not required. the form details always stored with submit button wheather i click on captcha or not. i want to make Google ReCAPTCHA required. please check my code and let me know. what i am missing.
Thanks and Regards.
Ankit
Here is google captcha with validation
<html>
<script src='https://www.google.com/recaptcha/api.js'></script>
<?PHP
/*Site Key and secret key is different thing so change it with ur keys */
$errMsg ="";
if(isset($_POST['submit']))
{
if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])):
//your site secret key
$secret = '*********************';
//get verify response data
$verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response']);
$responseData = json_decode($verifyResponse);
print_r($responseData);
$name = !empty($_POST['name'])?$_POST['name']:'';
$email = !empty($_POST['email'])?$_POST['email']:'';
$message = !empty($_POST['message'])?$_POST['message']:'';
$user_id=$_SESSION['id'];
if($responseData->success):
//contact form submission code
$sql="insert into contact (name,email,message,user_id,status)
values('$name','$email','$message','$user_id','1')";
$qex=mysql_query($sql);
if(!$qex)
{
die("Contact information is not Added".mysql_error());
}
$errMsg="Contact information is Added";
else:
$errMsg = 'Robot verification failed, please try again.';
endif;
else:
$errMsg = 'Please click on the reCAPTCHA box.';
endif;
}
echo $errMsg ;
?>
<body>
<form id='contactus' method='post' >
<input type='hidden' name='submit' id='submit' value='1'/>
<label><h2>Your Name <strong style="color:red">*</strong></h2></label>
<input type="text" class="form-control" required name="name" id="name" placeholder="Please enter you'r name"/>
<label><h2>Your Email <strong style="color:red">*</strong></h2></label>
<input type="email" class="form-control" required name="email" id="email" placeholder="Please enter you'r email address"/>
<label><h2>Your Message <strong style="color:red">*</strong></h2></label>
<textarea class="form-control" required name="message" id="message" placeholder="Please type you'r message here"></textarea>
<br />
<div class='container'>
<div class="g-recaptcha" data-sitekey="*********************"></div>
</div>
<div class='container'>
<input type="submit" name="submit" class="btn btn-primary" value="SEND MESSAGE">
</div>
</form>
</body>
</html>
in your php file add this
if(isset($_POST['submit']))
{
if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response']))
{
$name=$_REQUEST['name'];
$email=$_REQUEST['email'];
$message=$_REQUEST['message'];
$user_id=$_SESSION['id'];
$sql="insert into contact (name,email,message,user_id,status)
values('$name','$email','$message','$user_id','1')";
$qex=mysql_query($sql);
if(!$qex)
{
die("Contact information is not Added".mysql_error());
}
$msgsec="Contact information is Added";
}
else
{
//your message for select recaptcha or required
}
}
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
I know this may have been submitted before (sorry)
I have basic form, these are the details id like to be sent, however i cannot get the reCaptcha to work with it. I have googled all day, but when i try other peoples code (amending to fit mine) it doesnt seem to work.
I would like: Name, Email, Number, newsletter (yes/no) and recaptcha to be sent/work.
Can someone please give me an idea where i may be going wrong? what i may need to add?
Thanks in advance!
Here is my Form (html)
<form method="POST" action="Form_Activation.php">
<div class="form-group">
<label for="name">Name:</label>
<input type="text" class="form-control" id="name" name="name" placeholder="Full Name" value="" required/>
</div>
<div class="form-group">
<label for="email">Email:</label>
<input type="email" class="form-control" id="email" name="email" value="" placeholder="you#example.com" required/>
</div>
<div class="form-group">
<label for="number">Number:</label>
<input class="form-control" name="number" id="number" value="" placeholder="Contact Number" required/>
</div>
<div class="form-group">
<label for="message">Message:</label>
<textarea class="form-control" name="message" id="message" placeholder="Enter Message.." required></textarea>
</div>
<div class="form-group">
<input type="checkbox"/> <b> Subscribe to Newsletter</b>
</div>
<div class="g-recaptcha" data-sitekey="6Le2SBQTAAAAADIOrUEPpcEVvR_c0vN9GzQpLg05"></div>
<button type="submit" class="btn btn-default sendbutton">SEND</button>
</form>
Here is my php (basic)
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$number = $_POST['number'];
$message = $_POST['message'];
//$password = $_POST['password'];
//$keyy = $_SERVER['UNIQUE_ID'];
$msg = "Name: $name\r\n \r\n";
$msg .= "Email: $email\r\n \r\n";
$msg .= "Number: $number\r\n \r\n";
$msg .= "Message: $message\r\n \r\n";
$recipient = "info#islandwebdesign.co.uk";
$subject = "New Website Request";
$mailheaders = "From:$email";
//$mailheaders .= "Reply-To:$email";
mail($recipient,$subject,$msg,$mailheaders);
header("Location: contactus.php?msg=1");
?>
First of all make sure that you've included the necessary JavaScript resource to render reCAPTCHA widget properly, like this:
<html>
<head>
<title>reCAPTCHA demo: Simple page</title>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
</head>
<body>
<form action="?" method="POST">
<div class="g-recaptcha" data-sitekey="your_site_key"></div>
<br/>
<input type="submit" value="Submit">
</form>
</body>
</html>
Here's the reference:
Displaying the widget
Now comes to your user's response. The response from the user's captcha challenge can be fetched in three ways. It can be as,
Now comes to your user's response. The response from the user's captcha challenge can be fetched in three ways. It can be as,
g-recaptcha-response - a POST parameter in the submitted form
grecaptcha.getResponse(widget_id) - will provide the response after the user completes the captcha.
A string argument to the callback function specified in the config object passed to the render method.
Here's the reference:
Verifying the user's response
For your purpose use g-recaptcha-response to get the user's response. So your code should be like this:
HTML
<form method="POST" action="Form_Activation.php">
<div class="form-group">
<label for="name">Name:</label>
<input type="text" class="form-control" id="name" name="name" placeholder="Full Name" value="" required/>
</div>
<div class="form-group">
<label for="email">Email:</label>
<input type="email" class="form-control" id="email" name="email" value="" placeholder="you#example.com" required/>
</div>
<div class="form-group">
<label for="number">Number:</label>
<input class="form-control" name="number" id="number" value="" placeholder="Contact Number" required/>
</div>
<div class="form-group">
<label for="message">Message:</label>
<textarea class="form-control" name="message" id="message" placeholder="Enter Message.." required></textarea>
</div>
<div class="form-group">
<input type="checkbox"/> <b> Subscribe to Newsletter</b>
</div>
<div class="g-recaptcha" data-sitekey="6Le2SBQTAAAAADIOrUEPpcEVvR_c0vN9GzQpLg05"></div>
<button type="submit" name="submit" class="btn btn-default sendbutton">SEND</button>
</form>
Add a name attribute in your submit button.
Form_Activation.php
<?php
if(isset($_POST['submit'])){
//your site secret key
$secret = 'XXXXXXX_Secret-key_XXXXXXX';
if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])){
//get verified response data
$param = "https://www.google.com/recaptcha/api/siteverify?secret=".$secret."&response=".$_POST['g-recaptcha-response'];
$verifyResponse = file_get_contents($param);
$responseData = json_decode($verifyResponse);
if($responseData->success){
// success
$name = $_POST['name'];
$email = $_POST['email'];
$number = $_POST['number'];
$message = $_POST['message'];
// so on
}else{
// failure
}
}
}
?>
Don't forget to add your secret key in $secret variable.
<div class="form-group">
<label for="inputsm">Put URL</label>
<input class="form-control input-sm" id="inputsm" type="text">
<br>
<input type="submit" class="btn btn-info" value="Count Contact">
</div>
This code is my text box and button
<?php
$getText = file_get_contents("", true);
$Contact = substr_count($getText ,"CONTACTID");
print_r($Contact);
?>
and this code is php for get a value and count
Example
I need to put this link https://s3-ap-southeast-1.amazonaws.com/cloudpoc2/us-east-1%3A4502ecdd-1994-40da-8eb2-b6ccc96d6be0/Contacts/Contact_2014_11_19_09_53_28_278.vcf in text box
and click button it show number of contact in this file
$getText = file_get_contents("https://s3-ap-southeast-1.amazonaws.com/cloudpoc2/us-east-1%3A4502ecdd-1994-40da-8eb2-b6ccc96d6be0/Contacts/Contact_2014_11_19_09_53_28_278.vcf", true);
You have to submit your form through POST or GET. My example will use POST. You also must assign a name to the elements you're posting (such as URL). This is untested, so it may have some errors. But it will give you an idea.
<?php
if(isset($_POST['submit'])){
$url = $_POST['url'];
$getText = file_get_contents("$url", true);
$Contact = substr_count($getText ,"CONTACTID");
print_r($Contact);
}
?>
<form method="POST" action="?">
<div class="form-group">
<label for="inputsm">Put URL</label>
<input name="url" class="form-control input-sm" id="inputsm" type="text">
<br>
<input name="submit" type="submit" class="btn btn-info" value="Count Contact">
</div>
</form>
I am working on a registration system which comprises of 3 total steps.
Step 1 - user enters a username, system searches the database for the
username. IF the username is found, it checks the account status (ie:
no password created, complete but not verified, registered and
verified).
If user is not found, user is directed to Step 2.
If status = no password created, the user is directed to Step 3.
If status = complete but not verified / registered and verified, Display error message.
Step 2 - user enters personal details.
The page stores user inputs
Step 3 - user creates a password, the system connects to the database and INSERTs user info to the user table. A success message is
displayed.
I have managed to figure out and complete the coding for the first 2 steps, by displaying a new form when the previous form has been submitted.
Problem: However, I have just realised that I am unable to retrieve data from the previous form (ie: at step 3 I am unable to retrieve the Username from Step 1). I have tried using the 'header('location: ?user=$uname');' approach however this doest work because the URL gets reset when I submit the new form and I lose the username again. How do I create a proper multi-step form using ONLY PHP and how do I store the input values so I could use them at the last step. Below is my code:
<?php
include 'includes/session_info.php';
if(isset($_SESSION['user_id'])){
header('Location: index.php');
}
$errors = array();
if(empty($_POST['user_info']) === false){
require ('core/dbcon.php');
$usr_email = mysqli_real_escape_string($con, $_POST['email']);
$usr_joined = mysqli_real_escape_string($con, $_POST['joined']);
$usr_recruited = mysqli_real_escape_string($con, $_POST['recruited']);
if($usr_email){
//direct user to password form
}else{
$errors[] = 'Please complete all fields marked with a Red Asterisk.';
}
$form2 = $usr_email.'<br>'.$usr_joined.'<br>'.$usr_recruited;
}
if(empty($_POST['username_chck']) === false){
require ('core/dbcon.php');
$username = mysqli_real_escape_string($con, $_POST['uname']);
$rpt_uname = mysqli_real_escape_string($con, $_POST['r_uname']);
if($username && $rpt_uname){
if($username == $rpt_uname){
$query = mysqli_query($con, "SELECT status FROM users WHERE username = '$username'") or die(mysqli_error($con));
// Display registration form if Username is not found.
if(mysqli_num_rows($query) == 0){
$form1;
}
// Actions performed If username entered already exists in the database.
elseif(mysqli_num_rows($query) == 1){
$status = mysqli_fetch_assoc($query);
if($status['status'] == 0){
$errors[] = '<b>'.$username.'</b> is already registered and awaiting to be verified by our admins. Feel free to contact an Admin via the website or in-game to get verified.';
}elseif($status['status'] == 1){
//header("Location:?create_pwd&user=$username");
}elseif($status['status'] > 1){
$errors[] = '<b>'.$username.'</b> is already registered and verified by our Admins. Please log in to access you account.
If you have forgotten your password you can rest your password <a class="navbar-link error_link" id="intext-link" href="login.php?fp"><b>here</b></a>.';
}
}elseif(mysqli_num_rows($query) > 1){
$errors[] = 'An error has occurred. Looks like a there is more than one member with that username. Please contact the Administrator for assistance.';
}
}else{
$errors[] = 'Please ensure that the username entered in both fields match.';
}
}else{
$errors[] = 'Please complete all required fields.';
}
}
?>
<html>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<?php
if(empty($_POST['username_chck']) === false){
if(empty ($errors) === false){
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<div class="form-group">
<label for="Uname"><span class="glyphicon glyphicon-asterisk required" aria-hidden="true"></span> Username: </label><br>
<input type="text" name="uname" class="form-control" placeholder="Please enter your Runescape username." id="Uname" required>
</div>
<div class="form-group">
<label for="repeat_Uname"><span class="glyphicon glyphicon-asterisk required" aria-hidden="true"></span> Repeat Username: </label><br>
<input type="text" name="r_uname" class="form-control" id="repeat_Uname" placeholder="Please re-enter your Runescape username." required>
</div>
<input type="submit" name="username_chck" class="btn btn-default" value ="Next">
</form>
<?php
}else{ echo $reg_uname;
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<div class="form-group">
<label for="Email"><span class="glyphicon glyphicon-asterisk required" aria-hidden="true"></span> Email: </label>
<input type="email" name="email" class="form-control" id="Email" <?php if (isset($_POST['email'])=== true){echo 'value="', strip_tags($_POST['email']),'"';}?>>
</div>
<div class="form-group">
<label for="Joined">Date Joined: </label><br>
<small class="notice">If you do not remember the exact date please select the first day of the month and year you joined (eg: 01/02/2001).</small><br>
<input type="date" name="joined" class="form-control" id="Joined" <?php if (isset($_POST['joined'])=== true){echo 'value="', strip_tags($_POST['joined']),'"';}?>>
</div>
<div class="form-group">
<label for="recruited">Recruited by: </label>
<select name="recruited" class="form-control" id="recruited">
<option value="" selected disabled>Select a Member</option>
<?php
require ('core/dbcon.php');
$usr_qry = mysqli_query($con, "SELECT user_id, username FROM users")or die(mysqli_error($con));
while($usr = mysqli_fetch_array($usr_qry)){
echo '<option value="'.$usr['user_id'].'">'.$usr['username'].'</option>';
}
?>
</select>
</div>
<input type="submit" name="user_info" class="btn btn-default" value ="Next">
</form>
<?php
}
}elseif(empty($_POST['user_info']) === false){
if(empty ($errors) === false){
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<div class="form-group">
<label for="Email"><span class="glyphicon glyphicon-asterisk required" aria-hidden="true"></span> Email: </label>
<input type="email" name="email" class="form-control" id="Email" <?php if (isset($_POST['email'])=== true){echo 'value="', strip_tags($_POST['email']),'"';}?>>
</div>
<div class="form-group">
<label for="Joined">Date Joined: </label><br>
<small class="notice">If you do not remember the exact date please select the first day of the month and year you joined (eg: 01/02/2001).</small><br>
<input type="date" name="joined" class="form-control" id="Joined" <?php if (isset($_POST['joined'])=== true){echo 'value="', strip_tags($_POST['joined']),'"';}?>>
</div>
<div class="form-group">
<label for="recruited">Recruited by: </label>
<select name="recruited" class="form-control" id="recruited">
<option value="" selected disabled>Select a Member</option>
<?php
require ('core/dbcon.php');
$usr_qry = mysqli_query($con, "SELECT user_id, username FROM users")or die(mysqli_error($con));
while($usr = mysqli_fetch_array($usr_qry)){
echo '<option value="'.$usr['user_id'].'">'.$usr['username'].'</option>';
}
?>
</select>
</div>
<input type="submit" name="user_info" class="btn btn-default" value ="Next">
</form>
<?php
}else
echo $reg_uname.'<br>'. $reg_email.'<br>'.$reg_joined.'<br>'.$reg_recruited.'<br>';
}else{
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<div class="form-group">
<label for="Uname"><span class="glyphicon glyphicon-asterisk required" aria-hidden="true"></span> Username: </label><br>
<input type="text" name="uname" class="form-control" placeholder="Please enter your Runescape username." id="Uname" required>
</div>
<div class="form-group">
<label for="repeat_Uname"><span class="glyphicon glyphicon-asterisk required" aria-hidden="true"></span> Repeat Username: </label><br>
<input type="text" name="r_uname" class="form-control" id="repeat_Uname" placeholder="Please re-enter your Runescape username." required>
</div>
<input type="submit" name="username_chck" class="btn btn-default" value ="Next">
</form>
<?php
}
?>
</div>
</div>
</html>
Ps. I have looked into creating a session which gets destroyed when the user navigates away from the page Destroy PHP session on page leaving. However I find that it's not very user friendly as it doesn't work properly if the user has multiple tabs open. I understand that I need to implement a javascript function to make it work properly. I do not know how to code in javascript and would really appreciate your assistance on making a better multi-step registration process.
As mentioned above, store the POST data from each step in the session variable.
// Step 1 submit
$_SESSION['steps'][1] = $_POST;
// Step 2 submit
$_SESSION['steps'][2] = $_POST;
// Step 3 submit
$_SESSION['steps'][3] = $_POST;
You can then use something like currentStep in the session to determine where they last were.
$currentStep = $_POST['step'];
And compare to what data you need available, or just use it directly from the array.
I opted to follow the 'hidden variable' method where I store the values form the previous form in hidden inputs of the current form. Thus enabling me to pass the values on to the next form. A sort of snowball effect, if you will. Below is an example:
Form 1
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<div class="form-group">
<label for="Uname">Username: </label><br>
<input type="text" name="uname" class="form-control" id="Uname" required>
</div>
<div class="form-group">
<label for="repeat_Uname">Repeat Username: </label><br>
<input type="text" name="r_uname" class="form-control" id="repeat_Uname" required>
</div>
<input type="submit" name="username_chck" class="btn btn-default" value ="Next">
</form>
Form 2
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<div class="form-group">
<label for="Email">Email: </label>
<input type="email" name="email" class="form-control" id="Email" required <?php if (isset($_POST['email'])=== true){echo 'value="', strip_tags($_POST['email']),'"';}?>>
</div>
<input type="hidden" name="username" <?php if (isset($_POST['username'])=== true){echo 'value="', strip_tags($_POST['username']),'"';}else{echo "value=\"$username\"";}?>>
<input type="submit" name="user_info" class="btn btn-default" value ="Next">
Explanation
Below is a skeleton of my code which should help you understand how I have displayed the forms
if(empty($_POST['form1'])=== false){
$username = mysqli_real_escape_string($con, $_POST['username']);
// display form 2
}elseif(empty($_POST['form2'])=== false){
//display form 3
}
Note the hidden input type before the submit button in the second form.
While I have opted to include the if statements within the tags for the sake of this example, you could alternatively choose to process the forms at the top of your page (before the tag).
I have a website with two form authentication in different pages, have different input name and link to different pages . The problem is that when I save my authentication to a browser (chrome) of a form , the browser fill in the fields with the same data in the other form . How is it possible?
First form
<form action="" method="POST" enctype="multipart/form-data">
<div class="form-group">
<label for="exampleInputEmail1">Email</label>
<input type="email" name="private_email" class="form-control" id="email1" value="" placeholder="Enter email" required>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" class="form-control" name="private_password" value="" id="password1" placeholder="Password" required>
</div>
<input type="submit" name="login" class="btn btn-default" value="Login">
</form>
Second Form (It is a form of a cms)
<form action="http://escuolainsieme.it/shop/login" method="post" id="login_form" class="box">
<h3 class="page-subheading">Sei giĆ registrato?</h3>
<div class="form_content clearfix">
<div class="form-group form-ok">
<label for="email">Indirizzo email</label>
<input class="is_required validate account_input form-control" data-validate="isEmail" type="text" id="email" name="email" value="">
</div>
<div class="form-group">
<label for="passwd">Password</label>
<span><input class="is_required validate account_input form-control" type="password" data-validate="isPasswd" id="passwd" name="passwd" value=""></span>
</div>
<p class="lost_password form-group">Hai dimenticato la password?</p>
<p class="submit">
<input type="hidden" class="hidden" name="back" value="my-account"> <button type="submit" id="SubmitLogin" name="SubmitLogin" class="button btn btn-default button-medium">
<span>
<i class="icon-lock left"></i>
Entra
</span>
</button>
</p>
</div>
</form>
Login.php
<?php session_start(); // Starting Session
$error = ''; // Variable To Store Error Message
if (isset($_POST['private_login'])) {
if (empty($_POST['private_email']) || empty($_POST['private_password'])) {
$error = "<div class='alert alert-danger'>Compila tutti i campi</div>";
} else {
$email = mysqli_real_escape_string(conn(), $_POST['private_email']);
$password = mysqli_real_escape_string(conn(), $_POST['private_password']);
$cls_utente = new utente();
if ($cls_utente->check_user($email, $password) == 1) {
$_SESSION['login_user'] = $email; // Initializing Session
$_SESSION['is_logged'] = true;
} else {
$error .= "<div class='alert alert-danger'>Email o password errati</div>";
}
}}?>
You can try using autocomplete="false" or autocomplete="off" to disable it, not sure if it will work but give it a try.
As far as i am concerned it's not possible to make the browser 'realize' that they are different forms and they should not be auto-filled with the same data.
Have a look at these 2 answers, answer1 answer2 for more information how browser detects the forms.
You must add another one column in your user table, example if you add type column the value set default super admin,moderator, user. Now you can check the login authentication with this column.If user-name and password and type is equal redirect to particular page.so you can redirect different page depends upon the user type..