I am trying to make a comments section, where people can comment stuff on my webpage.
All the comments get to a database. Alle that works fine.
The only problem I have is, when i have commented some stuff and reload the webpage it comment the same thing again.
Is there a if statement or something to prevent this?
while ($info = mysql_fetch_array($result)){
echo '<div style="border-style: solid; border-color: #808080; border-width: thin">
<div style="width: 1%"><p style="font-size: 10px; margin: 0px">'.$info['Navn'].'</p></div>
<p>'.$info['Besked'].'</p>
</div>';
}
if (isset($_POST['navn']) && isset($_POST['besked']) && isset($_POST['submit'])) {
$navn2 = $_POST['navn'];
$besked2 = $_POST['besked'];
$data = "INSERT INTO `tester`.`davs` (`Navn`, `Besked`) VALUES ('$navn2', '$besked2');";
$resultalt = mysql_query($data);
if ($resultalt) {
echo "$resultat";
}else{
echo "$resultat";
}
mysql_close();
}
?>
<form action="database.php" method="post" id="commentform">
<label for="comment_author" class="required">Your name</label>
<input type="text" name="navn" id="comment_author" value="" tabindex="1" required="required">
<label for="comment" class="required">Your message</label>
<textarea name="besked" id="comment" rows="10" tabindex="4" required="required"></textarea>
<input type="hidden" name="comment_post_ID" value="1" id="comment_post_ID" />
<input name="submit" type="submit" value="Submit comment" />
</form>
my php code:
http://pastebin.com/bQ7c1MPD
my inputs:
http://pastebin.com/P9uc6Hhz
Use tokens in your HTML form:
<input type="hidden" name="token" value="<?=$_SESSION['token'] = uniqid(); ?>" />
This require this at the top of the PHP script (before any output):
session_start();
For validation:
if(isset($_POST['submit']) && $_POST['token'] == $_SESSION['token']))
Full code: PHP | Form
Related
I have an form with submit button as follows in html :-
<div style="display: flex;">
<form name="myform"method="post" action="usdbtc.php" style="float:left;">
<div id="log_err"> <strong><?php if(isset($logerror)) { echo $logerror; } else { $dn = 'dn'; } ?></strong> </div>
<p><label style="float: left;">Price:</label><input class="input101" style="float: left;" type="text" name="username" id="box1" oninput="calculate()"><label style="float: right;">: BTC</label><input class="input101" style="float: right;" type="text" name="username" id="box2" oninput="calculate()">
<br><input class="input101" style="float: right;" type="text" name="username" id="result"><br><label style="padding: 10px;">Total BTC:</label>
<td rowspan="2">
<input type="hidden" id="myform" value="1"/>
<br><span class="orderbutton" type="submit" id="ordersell" onclick="myform.submit()">SELL</span></p>
</td>
</form>
<form name="yourform"method="post" action="usdbtc.php" style="float:right;">
<p><label style="float: left;">Price:</label><input class="input101" style="float: left;" type="text" name="username" id="box3" oninput="calculate()"><label style="float: right;">: BTC</label><input class="input101" style="float: right;" type="text" name="username" id="box4" oninput="calculate()">
<br><input class="input101" style="float: right;" type="text" name="username" id="resul"><br><label style="padding: 10px;">Total BTC:</label>
<td rowspan="2">
<input type="hidden" id="yourform" value="1"/>
<br>
<span class="orderbutton" type="submit" id="orderbuy" onclick="yourform.submit()">BUY</span></p>
</td>
</form>
</div>
And to check whether user clicked 'SELL' button i do in php :-
if($_POST['myform']){
echo 'yes';
}
else {
echo 'no';
}
I am always getting no after clicking button, is there anything wrong that I haved coded in the html or php part? Help is appreciated.. I just want to get the part for php
if($_POST['?']) {...
Remember there are two forms in the page with each having name and hidden input id.
<input type="hidden" id="myform" value="1"/>
Change id attribute to name
<input type="hidden" name="myform" value="1">
And there's a missing space in form tag
I have issue with my login page, when I add my code don't display any action.
please see the below
Index.html
<form >
<fieldset style="width:355;">
<legend></legend>
<div id="Form">
<br><p><b> Log in</b></p>
<br>
</div>
<div class="col1 pad_left1">
<form name="logForm" onsubmit="return log()" action="log_exe.php" method="POST" >
<label style="font-size:100%;" >Email:</label> </br>
<input type="text" name="email1" placeholder="user#hotmail.com" id="email1" style="border:1px solid black; width:80%;" /> <b style="color:red;">*</b> </br><br>
<label style="font-size:100%;" > password:</label> </br>
<input type="password" name="pass1" placeholder="Password" id="pass1" style="border:1px solid black; width:80%;" /> <b style="color:red;">*</b>
<b style="display:none; color:red;" id="hide1">Sorry !! Wrong username or password</b>
</br>
<br>
<input style="font-size:120%;width:40%;padding:1%" type="submit" value="Log in" name="login" /></br><br>
</form>
</div>
</fieldset>
</form>
log_exe.php
<?php
session_start();
$DB_HOST = 'localhost';
$DB_USER = 'root';
$DB_PASSWORD = '';
$DB_DATABASE = 'la';
$con=mysql_connect($DB_HOST,$DB_USER,$DB_PASSWORD);
if(!$con)
{
die('Failed to connect to server: '.mysql_error());
}
$db=mysql_select_db($DB_DATABASE);
if(!$db)
{
die("Unable to select database");
}
$email =$_POST['email1'];
$pass =$_POST['pass1'];
$qry="SELECT Email FROM user WHERE Email='".$email."' AND Password='".$pass."';";
$qry2="SELECT email FROM Admin WHERE email='".$email."' AND password='".$pass."';";
$result=mysql_query($qry);
$result2=mysql_query($qry2);
if(mysql_num_rows($result) == 1)
{
$admin = mysql_fetch_assoc($result);
$_SESSION['Email'] = $admin['Email'];
header("location: schedule.php?Email=".$admin['Email']);
exit();
}
if(mysql_num_rows($result2) == 1)
{
$admin = mysql_fetch_assoc($result2);
$_SESSION['Email'] = $admin['Email'];
header("location: controlpanel.php?Email=".$admin['Email']);
exit();
}
else
{
die ("<script> window.confirm(\"Sorry !! Wrong username or password !!\");</script> <a href='index.html#!/page_Schedule'>Click here</a> to return to login page");
}
?>
My problem is my website don't gave me response , when I enter email and pass the page is refresh to other page and the link became like this
http://localhost/myfolder/index.html?email1=user%40hotmail.com&pass1=123&login=Log+in#.php
Thank you for your response
remove these <form > </form> tag and you can see your action. your code will be like below
<fieldset style="width:355;">
<legend></legend>
<div id="Form">
<br><p><b> Log in</b></p>
<br>
</div>
<div class="col1 pad_left1">
<form name="logForm" onsubmit="return log()" action="log_exe.php" method="POST" >
<label style="font-size:100%;" >Email:</label> </br>
<input type="text" name="email1" placeholder="user#hotmail.com" id="email1" style="border:1px solid black; width:80%;" /> <b style="color:red;">*</b> </br><br>
<label style="font-size:100%;" > password:</label> </br>
<input type="password" name="pass1" placeholder="Password" id="pass1" style="border:1px solid black; width:80%;" /> <b style="color:red;">*</b>
<b style="display:none; color:red;" id="hide1">Sorry !! Wrong username or password</b>
</br>
<br>
<input style="font-size:120%;width:40%;padding:1%" type="submit" value="Log in" name="login" /></br><br>
</form>
</div>
</fieldset>
Remove the unwanted form from your index.html. ie modify the code like the following:
<fieldset style="width:355;">
<legend></legend>
<div id="Form">
<br><p><b> Log in</b></p>
<br>
</div>
<div class="col1 pad_left1">
<form name="logForm" onsubmit="return log()" action="log_exe.php" method="POST" >
<label style="font-size:100%;" >Email:</label> </br>
<input type="text" name="email1" placeholder="user#hotmail.com" id="email1" style="border:1px solid black; width:80%;" /> <b style="color:red;">*</b> </br><br>
<label style="font-size:100%;" > password:</label> </br>
<input type="password" name="pass1" placeholder="Password" id="pass1" style="border:1px solid black; width:80%;" /> <b style="color:red;">*</b>
<b style="display:none; color:red;" id="hide1">Sorry !! Wrong username or password</b>
</br>
<br>
<input style="font-size:120%;width:40%;padding:1%" type="submit" value="Log in" name="login" /></br><br>
</form>
</div>
</fieldset>
I wanted to make a search form with GET but there seems to be a problem. The page you are looking at has other GET values too but it seems that the GET method clears the URL from variabels en goes like "?q=SEARCH" instead of "?p=Test&u=Bart&q=SEARCH".
This is the form code I'm using:
<form method="GET" action="test.php?p=glistentries&maingroup=<? echo $MainGroupID ?>&subgroup=<? echo $SubGroupID ?>">
<input type="text" class="form-control" id="focusedinput" value="<? echo $_GET['q']; ?>"
name="q" autocomplete="off" class="col-sm-4 control-label" placeholder="Search...">
<input type="submit" style="position: absolute; left: -9999px; width: 1px; height: 1px;"/>
</form>
Solved It
Thanks guys, forgot I can simply do this with hidden fields
Add the additional GET vars as hidden inputs:
<input type="hidden" name="p" value="Test">
Use input type hidden :
<form method="GET" action="test.php">
<input type="text" class="form-control" id="focusedinput" value="<? echo $_GET['q']; ?>" name="q" autocomplete="off" class="col-sm-4 control-label" placeholder="Search...">
<input type="submit" style="position: absolute; left: -9999px; width: 1px; height: 1px;"/>
<input type="hidden" name="p" value="glistentries" />
<input type="hidden" name="maingroup" value="<? echo $MainGroupID ?>" />
<input type="hidden" name="subgroup" value="<? echo $SubGroupID ?>" />
</form>
This is my html code:
<form style="width: 20%; margin: auto;" action="subscribe.php" method="post" id="subscribeToNews">
<fieldset>
<legend>Subscribe:</legend>
<label for="subName">First Name:</label><br /><input type="text" id="subName" name="subName" /><br />
<label for="subEmail">Email:</label><br /><input type="text" id="subEmail" name="subEmail" /><br />
<input style="width: inherit;" type="submit" value="Subscribe" />
</fieldset>
</form>
This is the subscribe.php file:
<?php
$con = mysqli_connect('95.76.197.98','root','','accounts');
print_r($_POST);
if (isset($_POST["subName"]) && isset($_POST["subEmail"])){
$subUser = $_POST["subName"];
$subEmail = $_POST["subEmail"];
echo "$subUser"."<br />"."$subEmail";
}
?>
I have really tried a lot of things out there on the Internet and nothing seems to work for me. Any ideas?
Also looks like the get method works for this...
Could by related to your nginx configuration.
Try:
$post = file_get_contents("php://input");
This should work:
<form style="width: 20%; margin: auto;" action="subscribe.php" method="post" id="subscribeToNews">
<fieldset>
<legend>Subscribe:</legend>
<label for="subName">First Name:</label><br /><input type="text" id="subName" name="subName" /><br />
<label for="subEmail">Email:</label><br /><input type="text" id="subEmail" name="subEmail" /><br />
<input style="width: inherit;" type="submit" value="Subscribe" />
</fieldset>
</form>
<?php
$con = mysqli_connect('95.76.197.98','root','','accounts');
if($_POST) {
$subName = mysqli_real_escape_string($con, strip_tags($_POST['subName']));
$subEmail = mysqli_real_escape_string($con, strip_tags($_POST['subEmail']));
if(isset($subName) && !empty($subName) && isset($subEmail) && !empty($subMail)) {
echo 'Name: '.$subName.'<br> Email: '.$subEmail;
}
}
?>
I'm trying to pre-populate my form values with variables passed through the URL.I've tried many different solutions, sometimes I don't get an error, the variable just doesn't show up. Any help is appreciated, thanks!
URL Example: website.com/?firstname=john
Code:
<html>
<script type="text/javascript">
function writeform(){
selobj = document.getElementById('selform');
newobj = document.getElementById('newform');
p = document.getElementById('menu').selectedIndex + 1;
a = document.getElementById('menu2').selectedIndex + 1;
if((p < 14 && (a == 1 || a == 2 || a == 3 ||a == 4)) { // write the 1st form
txt = 'Person 1: '+'<input type="text"/><br/>';
txt += 'Person 2: '+'<input type="text"/>';
} else {
document.getElementById('div1').style.display='block';
}
// if(p==2 && a==1){ // write the 2nd form
// txt ='Name: '+'<input type="text"/><br/>';
// txt+='Addr: '+'<input type="text"/>';}
newobj.innerHTML=txt;selobj.style.display='block';
}
</script>
<div style="width: 400px; float:left;"> <?php echo $_GET["firstname"]; ?></div>
<div style="width: 400px; float: left;"> <!-- Primary Div-->
<p style="font-size: 16px; font-weight: bold;">Select Something</p>
<div class="fancy3">
<table style="width:350px; height=350px">
<tr>
<td>
<select id="menu" size="14">
<option selected="selected"><b>--- Common Options ---</b></option>
<option></option> //NY
</select>
<br/>
<p style="font-size: 16px; font-weight: bold;">Range</p>
<div class="fancy3">
<table style="width:350px; height=350px">
<tr>
<td>
<select id="menu2" size="4">
<option selected="selected">1</option>
<option>2</option>
<option>3</option>
<option>4</option>
</select>
<br/>
</td>
<td>
<div id="selform" style="display:none">
<fieldset>
<div id="newform"></div>
</fieldset>
</div>
</td>
</tr>
</table>
</div>
<br/>
<button onclick="writeform();">Search</button></td>
<td>
<div id="selform" style="display:none">
<fieldset>
<div id="newform"></div>
</fieldset>
</div>
</td>
</tr>
</table>
</div>
</div> <!-- Primary Div closing tag-->
<!-- of Field-Specific Forms-->
<div id="div1" style="display:none;">
<form action="http://site1.com/upload" method="get">
First Name: <input name="fname" type="text" value="" />
Last Name: <input name="lname" type="text" />
Address: <input name="address" type="text" />
Zip Code: <input name="zip" type="text" />
State: <input name="state" type="text" />
<input type="submit" />
</form>
</div>
<div id="div1" style="display:none;">
<?php
$firstname = $_GET["firstname"];
?>
<form action="http://site1.com/upload" method="get">
First Name: <input name="fname" type="text" value="<?php $firstname = $_GET["firstname"]; echo "$firstname"; ?>" />
Last Name: <input name="lname" type="text" />
Address: <input name="address" type="text" />
Zip Code: <input name="zip" type="text" />
State: <input name="state" type="text" />
<input type="submit" />
</form>
</div>
<?php $firstname = $_GET["firstname"]; echo "$firstname"; ?>
</html>
Test that what you get in $_GET variable by using var_dump($_GET), then use:
echo isset($_GET["firstname"]) ? $_GET["firstname"] : "";
Firstly use print_r($_GET) at the begining of the file to check wether you have the parameters passed.
Then you might want to clean up that mess, because defining $firstname 3 times with the same value just to echo it out makes no sense.
Secondly, you would really like to change those action url as I'm pretty sure it's wrong:
<form action="http://site1.com/upload" method="get">
Thirdly, your input names are name="fname" meanwhile using firstname in $_GET. Not really sure if you will ever relate these two but, whatever.
Some advices:
learn to write code quite more readable than this.
go to jQuery.com and do some research, as it really helps you write less , do more.
CSS doesn't use equal (=) sign as value setter , which in your case is height=350px when it should be height: 350px;.
Give elements some ID's or Classes and use some .css files , it will clean your code more than you can imagine.
You had started wrongly, that's why URL doesn't appering
<script type="text/javascript">
function writeform(){
selobj=document.getElementById('selform');
newobj=document.getElementById('newform');
p=document.getElementById('menu').selectedIndex+1;
a=document.getElementById('menu2').selectedIndex+1;
if((p<14 && (a==1 || a==2 || a==3 ||a==4)){ // write the 1st form
txt ='Person 1: '+'<input type="text"/><br/>';
txt+='Person 2: '+'<input type="text"/>';} else {
document.getElementById('div1').style.display='block';
}
// if(p==2 && a==1){ // write the 2nd form
// txt ='Name: '+'<input type="text"/><br/>';
// txt+='Addr: '+'<input type="text"/>';}
newobj.innerHTML=txt;selobj.style.display='block';}
</script>
<body>
<form action="http://site1.com/upload" method="get">
<?php echo $_GET["firstname"]; ?>
<p style="font-size: 16px; font-weight: bold;">Select Something</p>
<div class="fancy3"><table style="width:350px; height=350px">
<tr><td><select id="menu" size="14">
<option selected="selected"><b>--- Common Options ---</b></option>
<option></option> //NY
</select><br/>
<p style="font-size: 16px; font-weight: bold;">Range</p>
<div class="fancy3"><table style="width:350px; height=350px">
<tr><td><select id="menu2" size="4">
<option selected="selected">1</option>
<option>2</option>
<option>3</option>
<option>4</option></select><br/>
</td>
<td><div id="selform" style="display:none">
<fieldset><div id="newform"></div></fieldset></div>
</td></tr></table></div>
<br/>
<button onclick="writeform();">Search</button></td>
<td><div id="selform" style="display:none">
<fieldset><div id="newform"></div></fieldset></div>
</td></tr></table></div>
</div> <!-- Primary Div closing tag-->
<!-- of Field-Specific Forms-->
<div id="div1" style="display:none;">
<form action="http://site1.com/upload" method="get">
First Name: <input name="fname" type="text" value="" />
Last Name: <input name="lname" type="text" />
Address: <input name="address" type="text" />
Zip Code: <input name="zip" type="text" />
State: <input name="state" type="text" />
<input type="submit" />
</form>
</div>
<div id="div1" style="display:none;">
<?php
$firstname = $_GET["firstname"];
?>
First Name: <input name="fname" type="text" value="<?php $firstname = $_GET["firstname"]; echo "$firstname"; ?>" />
Last Name: <input name="lname" type="text" />
Address: <input name="address" type="text" />
Zip Code: <input name="zip" type="text" />
State: <input name="state" type="text" />
<input type="submit" />
</form>
</div>
<?php $firstname = $_GET["firstname"]; echo "$firstname"; ?>
</body>
</html>
A couple of problems that I'm seeing here ... for one you have multiple elements with the same id (see id="selform").
To load get variable into a text input the pattern is like this:
<input type='text' name='fieldname' value='<?= isset($_GET['field'])?$_GET['field']:"") ?>'/>
for a checkbox or radio control it is like this
<input type='checkbox' name='fieldname' value='myval' <?= isset($_GET['field']) && $_GET['field'] == 'myval'?"checked=\"checked\"":"") />
for select boxes it you do this:
<select name='fieldname'>
<option value='myval' <?= isset($_GET['field']) && $_GET['field'] == 'myval'?"selected=\"selected\":"" ?>>My Val Label</option>
<option value='myval2' <?= isset($_GET['field']) && $_GET['field'] == 'myval2'?"selected=\"selected\":"" ?>>My Val2 Label</option>
</select>
Here is a nifty select box function that will allow you too more concisely output a select in your code (i find the check with every element a little tedious)
function showSelect($name, $options, $selected, $attr = array()){
$str = "<select name='".$name.'"';
foreach($attr as $name=>$val){
$str.= " ".$name."='".$val."'";
}
$str.=">";
foreach($options as $k=>$val){
$str.= "<option value='".$val."'".($val==$selected?" selected='selected'":"").">".$k.'</option>';
}
$str.="</select>";
}
and you can use it like this...
$days = array();
for($d = 1; $x<=31; $x++){
$days[(string)$d] = (string)$d;
}
echo showSelect("formDays", $days, $_POST["formDays"], array("id"=>"formDays"))