I'm creating a website which allows users to register an account and login with it. Now, I would like for them to be able to update their particulars like username and email. I've followed a guide here as I happened to be using the same code as him in register.php however it did not work. I'm quite a beginner in php so please bear with me! Help is appreciated.
register.php
<?php
if(!empty($_POST['username']) && !empty($_POST['password']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = md5(mysql_real_escape_string($_POST['password']));
}
$email = mysql_real_escape_string($_POST['email']);
$checkusername = mysql_query("SELECT * FROM users WHERE username = '".$username."'");
if(mysql_num_rows($checkusername) == 1)
{
echo "<h1>Error</h1>";
echo "<p>Sorry, that username is taken. Please go back and try again.</p>";
}
else
{
$registerquery = mysql_query("INSERT INTO users (username, password, email) VALUES('".$username."', '".$password."', '".$email."')");
if($registerquery)
{
echo "<h1>Success</h1>";
echo "<p>Your account was successfully created. Please click here to login.</p>";
}
else
{
echo "<h1>Error</h1>";
echo "<p>Sorry, your registration failed. Please go back and try again.</p>";
}
}
?>
<h1>Register</h1>
<p>Please enter your details below to register.</p>
<form method="post" action="register.php" name="registerform" id="registerform">
<fieldset>
<label for="username">Username:</label><input type="text" name="username" id="username" /><br />
<label for="password">Password:</label><input type="password" name="password" id="password" /><br />
<label for="email">Email Address:</label><input type="text" name="email" id="email" /><br />
<input type="submit" name="register" id="register" value="Register" />
</fieldset>
</form>
</div>
</body>
</html>
When I enter editprofile.php, the page is blank. this is my editprofile.php
<?php
include "base.php";
session_start();
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['username']))
{
$nameuser = $_SESSION['username'];
$checkinfo = mysql_query("SELECT * FROM users WHERE username = '$nameuser'");
while($results = mysql_fetch_array($checkinfo,MYSQL_ASSOC)) {
$id = $results['id'];
$username = $results['username'];
$email = $results['email'];
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$editNAME=$_POST['username'];
$editEMAIL=$_POST['email'];
$editID=$_POST['id'];
$editquery = mysql_query("UPDATE users SET username='$editNAME' , email='$editEMAIL' WHERE id='$editID'");
if($editquery)
{
echo "<b>Success!</b>";
echo "Your profile was successfully updated. Please click here to view.";
}
else
{
echo "<b>Error</b>";
echo "<p>Sorry, your profile update failed. Please go back and try again.</p>";
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Edit Profile</title>
<link rel="stylesheet" href="styles.css" type="text/css" />
</head>
<body>
<form method="post" action="editprofile.php" name="editform" id="editform">
<p>Username: <input type="text" name="username" id="username" value="<?php echo $username; ?>" /></p>
<p>Email Address : <input type="email" name="email" id="email" value="<?php echo $email; ?>"></p>
<input type="submit" name="save" value="Save"/>
<input type="hidden" name="id" value="<?php echo $id; ?>" />
</form>
</body>
<?php
include "base.php";
session_start();
?>
<?php
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['username']))
{
$nameuser = $_SESSION['username'];
$checkinfo = mysql_query("SELECT * FROM users WHERE username = '$nameuser'");
while($results = mysql_fetch_array($checkinfo,MYSQL_ASSOC)){
$id = $row['id'];
$username = $row['username'];
$email = $row['email'];
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$editNAME=$_POST['username'];
$editEMAIL=$_POST['email'];
$editID=$_POST['id'];
$editquery = mysql_query("UPDATE users SET username='$editNAME' , email='$editEMAIL' WHERE id='$editID'");
if($editquery)
{
echo "<b>Success!</b>";
echo "Your profile was successfully updated. Please click here to view.";
}
else
{
echo "<b>Error</b>";
echo "<p>Sorry, your profile update failed. Please go back and try again.</p>";
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Edit Profile</title>
<link rel="stylesheet" href="styles.css" type="text/css" />
</head>
<body>
<form method="post" action="editprofile.php" name="editform" id="editform">
<p>Username: <input type="text" name="username" id="username" value="<?php echo $username; ?>" /></p>
<p>Email Address : <input type="email" name="email" id="email" value="<?php echo $email; ?>"></p>
<input type="submit" name="save" value="Save"/>
<input type="hidden" name="id" value="<?php echo $id; ?>" />
</form>
</body>
you try this....
Not 100% sure but you try..
Related
This is really weird because all of my other email activation form is working when I include the !isset function but not for this file.
I even tried to echo all the get variables and everything seems to be working fine...
<?php
include_once __DIR__ .'/../header2.php';
if (!isset($_GET['email']) || !isset($_GET['userid']) || !isset($_GET['id']) || !isset($_GET['reply_registration_expirydate'])) {
echo "<meta http-equiv='refresh' content='0;url=../index.php?activate=missinglink'>";
exit();
} else {
include_once __DIR__.'/dbh.php';
$reply = 0;
$email = strip_tags($_GET['email']);
$username = strip_tags($_GET['userid']);
$userid = strip_tags($_GET['id']);
$reply_registration_expirydate = strip_tags($_GET['reply_registration_expirydate']);
if (empty($_SESSION['key'])) {
$_SESSION['key'] = base64_encode(openssl_random_pseudo_bytes(32));
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
<link href="https://fonts.googleapis.com/css?family=Lobster"
rel="stylesheet">
<link rel="stylesheet"
type="text/css"
href="style.css">
</head>
<body>
<div class="reply_registration">
<h2>Reply Registration against spam</h2>
</div>
<div class="reply_registration">
<form class="signup-form" action="../reply_registration_form.php" method="POST">
<label>Why do you want to join PianoCourse101?</label>
<br></br>
<textarea name="joined" placeholder="Why do you want to join PianoCourse101?"></textarea>
<br></br>
<input type="hidden" name="username" value="<?php echo htmlspecialchars($username); ?>">
<br></br>
<input type="hidden" name="email" value="<?php echo htmlspecialchars($email); ?>">
<br></br>
<input type="hidden" name="expirydate" value="<?php echo htmlspecialchars($reply_registration_expirydate); ?>">
<br></br>
<input type="hidden" name="csrf" value="<?php echo $_SESSION['key']; ?>">
<button type="submit" name="submit">Submit Reply Registration</button>
</form>
Hello guys the below code doesn't work and redirect me to the admin index page .
Please note that , database connection is established successfully, when i enter the data on the login page , it doesn't direct me to the adminindex page after successful login , instead the page is refreshed to the same page 'test.php', and prints the failure message of 'That information is incorrect'
<?php
session_start();
if (isset($_POST['email']) && isset($_POST['password']) &&
isset($_POST['pincode'])) {
$email=$_POST['email'];
$pass=$_POST['password'];
$pin=$_POST['pincode'];
include('db_conx.php');
$sql = "SELECT admin_id FROM admin WHERE email='$email' AND password='$pass'
AND pincode='$pin' LIMIT 1";
$query=mysqli_query($dbc,$sql);
$line = mysqli_num_rows($query);
if ($line == 1){
while($row=mysqli_fetch_array($query)){
$id = $row['admin_id'];
}
$_SESSION['admin_id']=$id;
$_SESSION['email']=$email;
$_SESSION['pincode']=$pin;
header("Location: adminindex.php");
exit();
}else {
echo 'That information is incorrect, try again Click Here';
exit();
}
}
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head></head>
<body>
<h1>Welcome to Admin page login</h1>
<br>
<form id="form1" name="form1" method="post" action="test.php">
Email:<br />
<input name="email" type="text" id="email" size="40" />
<br /><br />
Password:<br />
<input name="password" type="password" id="password" size="40" />
<br>
<br /><br />
Pincode :<br />
<input name="pincode" type="number" id="pincode" size="40" />
<br>
<input type="submit" name="button" id="button" value="Log In" />
</form>
</body>
</html>
I'm pretty new to php and have been trying to create a site using it. I have created a login page and am trying to provide the option to create a new user by inserting a username & pass into the DB. I feel like this is something simple that I'm missing but i'm not sure so hopefully someone can help :)
php ~
<?php
session_start();
unset($_SESSION["currentUser"]);
unset($_SESSION["currentUserID"]);
if (isset($_POST["action"]) && $_POST["action"]=="create") {
$formUserC=$_POST["name"];
$formPassC=$_POST["pword"];
include("dbConnect.php");
$dbQuery=$db->prepare("select * from users");
$newAcc = "INSERT INTO users (username, password) VALUES ('$formUserC', '$formPassC')";
if($newAcc){
echo "<p>Your account was successfully created.";
}
else{
echo "<p>Error</p>";
}
}
if (isset($_POST["action"]) && $_POST["action"]=="login") {
$formUser=$_POST["username"];
$formPass=$_POST["password"];
include("dbConnect.php");
$dbQuery=$db->prepare("select * from users where username=:formUser");
$dbParams = array('formUser'=>$formUser);
$dbQuery->execute($dbParams);
$dbRow=$dbQuery->fetch(PDO::FETCH_ASSOC);
if ($dbRow["username"]==$formUser) {
if ($dbRow["password"]==$formPass) {
$_SESSION["currentUser"]=$formUser;
$_SESSION["currentUserID"]=$dbRow["id"];
if (isset($_SESSION["homePage"]))
header("Location: addToBasket.php");
else header("Location: homePage.html");
}
else {
header("Location: login.php?failCode=2");
}
} else {
header("Location: login.php?failCode=1");
}
} else {
?>
html (mostly) ~
<html >
<head>
<meta charset="UTF-8">
<title>Flat HTML5/CSS3 Login Form</title>
<link rel="stylesheet" href="css/loginstyle.css">
</head>
<body>
<div class="login-page">
<div class="form">
<form class="register-form" name="create" method="post" action="login.php">
<input type="text" name="name" placeholder="name"/>
<input type="password" name="pword" placeholder="pword"/>
<input type="hidden" name="action" value="create">
<input type="submit" value="create"/>
<p class="message">Already registered? Sign In</p>
</form>
<form name="login" method="post" action="login.php">
<input type="text" name="username" placeholder="username"/>
<input type="password" name="password" placeholder="password"/>
<input type="hidden" name="action" value="login">
<input type="submit" value="login"/>
<p class="message">Not registered? Create an account</p>
</form>
<?php
if (isset($_GET["failCode"])) {
if ($_GET["failCode"]==1)
echo "<h3 style='color:red;'>Invalid username entered</h3>";
if ($_GET["failCode"]==2)
echo "<h3 style='color:red;'>Invalid password entered</h3>";
}
?>
</div>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
<script src="js/loginindex.js"></script>
</body>
</html>
<?php
}
?>
P.S. some of it's code I nabbed from others. Thanks in advance.
when I insert data using the code I got the message that you are registered successfully i.e. data is inserted into table but I am unable to find data in my local database.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Registration</title>
<link rel="stylesheet" href="css/style.css" />
</head>
<body>
<?php
require('db.php');
if (isset($_REQUEST['username'])) {
$username = "username";
$email = "email";
$password = "password";
$trn_date = date("Y-m-d H:i:s");
$query = "INSERT into `users` (username, password, email, trn_date)
VALUES ('$username', '".md5($password)."', '$email', '$trn_date')";
$result = mysqli_query($con, $query);
if($result) {
echo "<div class='form'>
<h3>You are registered successfully.</h3>
<br/>Click here to <a href='login.php'>Login</a></div>";
}
} else {
?>
<div class="form">
<h1>Registration</h1>
<form name="registration" action="" method="post">
<input type="text" name="username" placeholder="Username" required />
<input type="email" name="email" placeholder="Email" required />
<input type="password" name="password" placeholder="Password" required />
<input type="submit" name="submit" value="Register" />
</form>
</div>
<?php }
?>
</body>
</html>
You have to learn more about php before you can ask.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Registration</title>
<link rel="stylesheet" href="css/style.css" />
</head>
<body>
<?php
require('db.php');
if (isset($_POST['username'])){
$username= $_POST["username"];
$email = $_POST["email"];
$password = $_POST["password"];
$trn_date = date("Y-m-d H:i:s");
$query = "INSERT into `users` (username, password, email, trn_date)
VALUES ('$username', '".md5($password)."', '$email', '$trn_date')";
$result = mysqli_query($con,$query);
if($result){
echo "<div class='form'>
<h3>You are registered successfully.</h3>
<br/>Click here to <a href='login.php'>Login</a></div>";
}
}else{
?>
<div class="form">
<h1>Registration</h1>
<form name="registration" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<input type="text" name="username" placeholder="Username" required />
<input type="email" name="email" placeholder="Email" required />
<input type="password" name="password" placeholder="Password" required />
<input type="submit" name="submit" value="Register" />
</form>
</div>
<?php } ?>
</body>
</html>
Several issues:
The action tag in the <form> is empty. It works but you should specify the script name.
You assign to $username, $email and $password the wrong values. They should receive the value from $_REQUEST.
mysqli_query returns TRUE when there was an error. Therefore you get the message displayed it was successful.
Check the MySQL error and then you have the solution for your problem.
My code is below. It's working fine, but i want it not to display form again after the errors were found. How can it be done?
This is a single page, username validation program i just want to know why form is displayed again after, and how will i solve it.
<?php require'function.php'; ?>
<?php
$errors = array();
$username = "";
$password = "";
$msg = "Please Log in.";
?>
<?php if (isset($_POST['submit']))
{
$username = $_POST['username'];
$password = $_POST['password'];
if($username != "rish" && $password != "password"){
$msg = "Try again.";
$errors['cred'] = "Wrong Credentials.";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Single Page Form</title>
</head>
<body>
<?php
echo display_error($errors);
?>
<?php echo $msg ?>
<form action="singleform.php" method="post">
Username: <input type="text" name="username" value="<?php echo htmlspecialchars($username); ?>"><br>
Password: <input type="password" name="password" value="<?php echo "" ?>"><br>
<input type="submit" name="submit" value="Submit">
</form>
</body>
</html>
You can do verifying if the $_POST data is empty. If was not empty, the users just load the page.
Can be do like code below:
<?php if(empty($_POST)):?>
<form action="singleform.php" method="post">
Username: <input type="text" name="username" value="<?php echo htmlspecialchars($username); ?>"><br>
Password: <input type="password" name="password" value="<?php echo "" ?>"><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php endif;?>
user isset ,, if the error initializes then it won't be displayed
<? if (!isset($errors['cred'])) { ?>
<form action="singleform.php" method="post">
Username: <input type="text" name="username" value="<?php echo htmlspecialchars($username); ?>"> <br>
Password: <input type="password" name="password" value="<?php echo "" ?>"><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php } ?>