I have a registration form that the user enters data in. Then after it is posted to the same page and checked for null fields, the variables are put in the $_SESSION array and the user is directed to another form to enter another set of data in a table. After posting those variables, the variables from the previous page are extracted from $_SESSION and the new values are checked for null entries. After they are checked in a for loop, php script mysteriously stops (die("<h1> GOT HERE! </h1>") no longer appears on the screen) and the page keeps loading. After waiting for a while the page reloads itself.
I've been using die() for a while now to find the error, but it just doesn't echo between the for-loop and the if statement, and there is no apparent reason why it shouldn't. Here have a look:
<?php
session_start();
function sanitize($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if($_SESSION["registering"] != 1){
die("This page is to be used only when registering. Go to home page and select the seminar you want and click Register");
}else if($_SESSION["registered"] == 1){
die("You have already registered. Thank you. You can no longer access this page. To view your registration report, click here. ");
}else{
$id = sanitize($_SESSION["id"]);
$attendees = sanitize($_SESSION["attendees"]);
$ref_code = sanitize($_SESSION["Ref_Code"]);
$email = sanitize($_SESSION["email"]);
$prefix = sanitize($_SESSION["prefix"]);
$first_name = sanitize($_SESSION["first_name"]);
$last_name = sanitize($_SESSION["last_name"]);
$company = sanitize($_SESSION["company"]);
$address1 = sanitize($_SESSION["address1"]);
$address2 = sanitize($_SESSION["address2"]);
$user_city = sanitize($_SESSION["city"]);
$phone = sanitize($_SESSION["phone"]);
$responsibility = sanitize($_SESSION["responsibility"]);
$who_referred = sanitize($_SESSION["who-referred"]);
$role = sanitize($_SESSION["role"]);
$server = "MYREAL_DATABASE_SERVER";
$username = "CORRECT_USERNAME";
$password = "CORRECT_PASSWORD";
$dbname = "DB_NAME";
$conn = new mysqli($server, $username, $password, $dbname);
$query = "
SELECT *
FROM Seminar_Detail
WHERE Detail_id = '". $id ."'
";
$result = $conn->query($query);
if($result->num_rows == 0 ){
header("Location: ManagementSeminars.php");
}
$seminar = $result->fetch_assoc();
$name = $seminar["Seminar_Name"];
$city = $seminar["City"];
$from = $seminar["From"];
$to = $seminar["To"];
$fee = '';
$query = "SELECT Value FROM Fee WHERE Seminar_Name = '". $name ."' AND Currency = 'GBP'";
$result = $conn->query($query);
if($result->num_rows > 0){
$row = $result->fetch_assoc();
$fee = $row["Value"];
}
if($_SERVER["REQUEST_METHOD"] == "POST"){
$terminate = 0;
for($i = 1; i < ($attendees + 1); $i++){
if(isset($_POST["prefix-".$i]) && isset($_POST["first_name-".$i]) && isset($_POST["last_name-".$i]) && isset($_POST["position-".$i])){
$terminate = 0;
}else{
$terminate = 1;
}
}
die("<h1>".$terminate."</h1>");
if($terminate != 1){
$server = "SERVER";
$username = "USERNAME";
$password = "PASSWORD";
$dbname = "DBNAME";
$conn = new mysqli($server, $username, $password, $dbname);
$query = "
INSERT INTO Registry (Seminar_Name, Number_Attendees, Email, Prefix, First_Name, Last_Name, Company, `Address 1`, `Address 2`, City, Phone, Responsibility, Role, Who_Referred, Ref_Code)
VALUES ('". $name ."', '". $attendees ."', '".$email."', '".$prefix."', '".$first_name."', '".$last_name."', '".$company."', '".$address1."', '".$address2."', '".$user_city."', '".$phone."', '".$responsibility."', '".$role."', '".$who_referred."', '".$ref_code."')
";
$conn->query($query);
//ignore this part please
/*$query = "SELECT Registry_ID FROM Registry WHERE Ref_Code = '". $_SESSION["Ref_Code"] ."'";
$result = $conn->query($query);
$row = $result->fetch_assoc();
$registry_id = $row["Registry_ID"];
$attendee_first_name = "";
$attendee_last_name = "";
$attendee_position = "";
$stmt = $conn->prepare("
INSERT INTO Attendee (First_Name, Last_Name, Position, Registry_ID)
Values (?, ?, ?, ?)
");
$stmt->bindParam("ssss", $attendee_first_name, $attendee_last_name, $attendee_position, $registry_id);
for($i = 1; $i < $_SESSION["attendees"] + 1; $i++){
$attendee_first_name = sanitize($_POST["first_name-".$i]);
$attendee_last_name = sanitize($_POST["last_name-".$i]);
$attendee_position = sanitize($_POST["position-".$i]);
$stmt->execute();
}*/
}else{
$errorMessage = "<div class='alert alert-danger alert-dismissable'>
<strong>Oops!</strong> You have not entered all values.
</div>";
}
}
}
?>
I am positive that it is not a syntax error. Any help is appreciated!
The problem might be in this line
for($i = 1; i < ($attendees + 1); $i++){
You missed $ sign in i. It should be:
for($i = 1; $i < ($attendees + 1); $i++){
Having used error reporting, would have signaled an undefined constant i notice.
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// rest of your code
Sidenote: Error reporting should only be done in staging, and never production.
Related
I have the error mentioned in the title. It occurs when I click the submit button on the form. Here is my form handle file (I don't think that its necessary to copy the form codes):
<?php
$servername = "localhost";
$username = "sabashel_sabaadm";
$password = "saba1365%karaj#*";
$dbname = "sabashel_saba";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$fname = $lname = $gender = $birthdate = $organization = $degree = $field = $address = $post_code = $mobile = $email = $check_1 = $check_2 = $check_3 = $check_4 = $check_5 = $check_6 = $check_7 = $check_8 "";
$check_9 = $check_10 = $check_11 = $check_12 = $check_13 = $description = $person_image = "";
if(isset($_POST['fname']) && isset($_POST['lname']) && isset($_POST['gender']) && isset($_POST['birthdate']) && isset($_POST['degree']) && isset($_POST['filed-of-study']) && isset($_POST['address']) && isset($_POST['post-code']) && isset($_POST['mobile']) && isset($_POST['email']) && isset($_POST['check-1']) && isset($_POST['check-2']) && isset($_POST['check-3']) && isset($_POST['check-4']) && isset($_POST['check-5']) && isset($_POST['check-6']) && isset($_POST['check-7']) && isset($_POST['check-8']) && isset($_POST['check-9']) && isset($_POST['check-10']) && isset($_POST['check-11']) && isset($_POST['check-12']) && isset($_POST['check-13']) && isset($_POST['description']) && isset($_POST['person-iamge'])){
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$gender = $_POST['gender'];
$birthdate = $_POST['birdthdate'];
$organization = $_POST['organization'];
$degree = $_POST['degree'];
$field = $_POST['field-of-study'];
$address = $_POST['address'];
$post_code = $_POST['post-code'];
$mobile = $_POST['mobile'];
$email = $_POST['email'];
$check_1 = $_POST['check-1'];
$check_2 = $_POST['check-2'];
$check_3 = $_POST['check-3'];
$check_4 = $_POST['check-4'];
$check_5 = $_POST['check-5'];
$check_6 = $_POST['check-6'];
$check_7 = $_POST['check-7'];
$check_8 = $_POST['check-8'];
$check_9 = $_POST['check-9'];
$check_10 = $_POST['check-10'];
$check_11 = $_POST['check-11'];
$check_12 = $_POST['check-12'];
$check_13 = $_POST['check-13'];
$description = $_POST['description'];
$person_image = $_POST['person-image'];
$iftest = true;
}
if ($iftest == true) {
$query = "INSERT INTO volunteer (fname, lname, gender, organization, degree, field, address, post_code, mobile, email, check_1, check_2, check_3, check_4, check_5, check_6, check_7, check_8, check_9, check_10, check_11, check_12, check_13, description, person_image, birthdate) VALUES ('$fname', '$lname', '$gender', '$organization', '$degree', '$field', '$address', '$post_code', '$mobile', '$email', '$check_1', '$check_2', '$check_3', '$check_4', '$check_5', '$check_6', '$check_7', '$check_8', '$check_9', '$check_10', '$check_11', '$check_12', '$check_13', '$description', '$person_image', '$birthdate')";
}
$result = mysqli_query($conn, $query);
if ($result) {
header('Location: http://sabashelter.com/success');
}
else {
header('Location: http://sabashelter.com/fail');
}
}
$conn->close();
?>
And to mention: I have the same exact problem with another page which does the same thing and tries to add a lot of values into the database using the same code. I'm wondering if the problem in this page solves, the same method can be done to the other page as well.
As #CBroe rightly says, check your log files first. It would appear that you are missing an = on line 14.
$fname = $lname = $gender = $birthdate = $organization = $degree = $field = $address = $post_code = $mobile = $email = $check_1 = $check_2 = $check_3 = $check_4 = $check_5 = $check_6 = $check_7 = $check_8 = "";
Furthermore, you have a stray } on line 60.
Your error log file will help you resolve these issues.
im still developing android my android project i really need help, my problem is i couldn't get the user id of the user that login in my system so when they put a record a user id will attached to it data .. i want to do this to output their own data in my system. hope someone could help. its only php code thank you someone who would help.
<?php
// Connection Details altered to hide actual values.
$con = mysqli_connect("localhost", "db_user", "db_password", "db_name");
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM tbl_userinfo WHERE username = '$username' AND password='$password' LIMIT 1";
$res = mysqli_query($con,$sql);
$response = array();
$response["success"] = false;
$row = mysqli_fetch_array($res);
if(mysqli_num_rows($res)> 0){
$response["success"] = true;
session_start();
$_SESSION['user_id'] =$userID;
}
echo json_encode($response);
?>
thats for log in, here's for saving data..
<?php
session_start();
$userID ="";
// Connection Details altered to hide actual values.
$con = mysqli_connect("localhost", "db_user", "db_password", "db_name");
if(!isset($_SESSION['user_id'])){
$userID = $_SESSION['user_id'];
$checkdate = $_POST["checkdate"];
$checkno = $_POST["checkno"];
$datepaid = $_POST["datepaid"];
$clientname = $_POST["clientname"];
$bank = $_POST["bank"];
$amount = $_POST["amount"];
$status = "UNFINISHED";
$statement = mysqli_prepare($con, "INSERT INTO tbl_checkinfo (user_id,checkno, checkdate, datepaid, clientname, bank, amount, status) VALUES (?,?, ?, ?, ?,?,?,?)");
mysqli_stmt_bind_param($statement, "iissssis", $userID, $checkno, $checkdate, $datepaid, $clientname, $bank, $amount, $status);
mysqli_stmt_execute($statement);
$response = array();
$response["success"] = false;
if($statement){
$response["success"] = true;
}
echo json_encode($response);
}
?>
and for displaying user data.
<?php
// Connection Details altered to hide actual values.
$con = mysqli_connect("localhost", "db_user", "db_password", "db_name");
$checkdate = $_POST["checkdate"];
$checkno = $_POST["checkno"];
$datepaid = $_POST["datepaid"];
$clientname = $_POST["clientname"];
$bank = $_POST["bank"];
$amount = $_POST["amount"];
$status = "UNFINISHED";
$sql = "Select * from tbl_checkinfo";
$result = mysqli_query($con, $sql);
// $statement = mysqli_prepare($con, "Select * from tbl_checkinfo");
// mysqli_stmt_execute($statement);
// mysqli_stmt_store_result($statement);
// mysqli_stmt_bind_result($statement, $user_id, $checkdate, $checkno, $datepaid, $clientname, $bank, $amount, $status);
$response = array();
$info=array();
$flag = array();
$response["success"] = false;
if( mysqli_num_rows( $result ) > 0 ) {
while($row = mysqli_fetch_array($result))
{
$flag[checkdate]=$row[checkdate];
$flag[checkno]=$row[checkno];
$flag[datepaid]=$row[datepaid];
$flag[clientname]=$row[clientname];
$flag[bank]=$row[bank];
$flag[amount]=$row[amount];
$flag[status]=$row[status];
array_push($info, $flag);
}
$response["success"] = true;
$response["message"] = $info;
echo json_encode($response);
}
else
{
$response["success"] = 0;
$response["message"] = "No entries yet";
echo json_encode($response);
}
?>
Firstly, when posting questions on public forums, please remove your host, DB name, password, etc from the code. :)
Secondly, try to print_r($row) and see on which index is the user id available, then in your code, add this line:
if(mysqli_num_rows($res)> 0){
$response["success"] = true;
$response["user_id"] = $row[USER_ID_INDEX];
session_start();
$_SESSION['user_id'] =$row[USER_ID_INDEX];
}
Where you defined $userID variable, You have to assign proper value to session variable,
if(mysqli_num_rows($res)> 0){
$response["success"] = true;
session_start();
$_SESSION['user_id'] =$row[USER_ID_INDEX];
}
$row['user_id_in_table'] should give you the id.
I am working on an Android App. I need to update a register, I didn't have issues with entries. But when I try to update the table, Doesn't work
this my PHP
<?php
require_once 'include/userupdate.php';
$username = "";
$name = "";
$movil="";
$email = "";
$password = "";
$fnac = "";
$calle_numero_piso ="";
$nom_urba = "";
$cod_postal ="";
$localidad="";
$observaciones="";
/////////////////
if(isset($_POST['username'])){
$username = $_POST['username'];
}
if(isset($_POST['name'])){
$name = $_POST['name'];
}
if(isset($_POST['movil'])){
$movil = $_POST['movil'];
}
if(isset($_POST['email'])){
$email = $_POST['email'];
}
if(isset($_POST['password'])){
$password = $_POST['password'];
}
if(isset($_POST['fnac'])){
$fnac = $_POST['fnac'];
}
if(isset($_POST['calle_numero_piso'])){
$calle_numero_piso = $_POST['calle_numero_piso'];
}
if(isset($_POST['nom_urba'])){
$nom_urba = $_POST['nom_urba'];
}
if(isset($_POST['cod_postal'])){
$cod_postal = $_POST['cod_postal'];
}
if(isset($_POST['localidad'])){
$localidad = $_POST['localidad'];
}
if(isset($_POST['observaciones'])){
$observaciones = $_POST['observaciones'];
}
// Instance of a User class
$userObject = new User();
// update user
$json_registration = $userObject->updateRegisterUser($username, $name, $movil, $email, $password, $fnac, $calle_numero_piso, $nom_urba, $cod_postal, $localidad, observaciones );
echo json_encode($json_registration);
}
?>
And this my update.php
<?php
include_once 'db.php';
class User{
private $db;
private $db_table = "users";
public function __construct(){
$this->db = new DbConnect();
}
mysqli_close($this->db->getDb());
return false;
}
public function updateRegisterUser($username, $name, $movil, $email, $password, $fnac, $calle_numero_piso, $nom_urba, $cod_postal, $localidad, $observaciones ){
$query = "UPDATE users SET name = '$name', movil = '$movil', email = '$email', password = '$password', fnac = '$fnac', calle_numero_piso = '$calle_numero_piso', nom_urba ='$nom_urba', cod_postal = '$cod_postal', localidad = '$localidad', observaciones = '$observaciones' WHERE username = $username;";
$updated = mysqli_query($this->db->getDb(), $query);
if($updated == 1){
$json['success'] = 1;
}else{
$json['success'] = 0;
}
mysqli_close($this->db->getDb());
return $json;
}
public function loginUsers($username, $password){
$json = array();
$canUserLogin = $this->isLoginExist($username, $password);
if($canUserLogin){
$json['success'] = 1;
}else{
$json['success'] = 0;
}
return $json;
}
}
?>
I believe I there is something wrong with both php, but I am not sure where.
try this , as obvious your username is a string so it should be kept inside single quotes
$query = "UPDATE users SET name = '$name', movil = '$movil', email = '$email', password = '$password', fnac = '$fnac', calle_numero_piso = '$calle_numero_piso', nom_urba ='$nom_urba', cod_postal = '$cod_postal', localidad = '$localidad', observaciones = '$observaciones' WHERE username = '$username'";
One advise for best practice is, always make some primary key recommended as int autoincrement which will help to enforce uniqueness because in this case you can have two users with same name which will be a problem when your database grows.
First page:
<?php
session_start();
//db info
$conn = new mysqli("$server","$user_name","$password","$database");
$sql = "SELECT id FROM Client_Information order by id desc limit 1";
$result = $conn->query($sql);
if ($result->num_rows >0) {
while($row = $result->fetch_assoc()) {
$id=$row['id'] + 1;
}
}
$_SESSION['id'] = $id;
$sitename = $_POST['sitename'];
$sitetype = $_POST['sitetype'];
$color1 = $_POST['color1'];
$color2 = $_POST['color2'];
$color3 = $_POST['color3'];
$color4 = $_POST['color4'];
$sitedescription = $_POST['sitedescription'];
$aboutme = $_POST['aboutme'];
$contactname = $_POST['contactname'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$address = $_POST['address'];
if (isset($sitename) && isset($sitetype) && isset($color1)
&& isset($color2) && isset($contactname) && isset($phone)
&& isset($email) && isset($address) && isset($sitedescription)
&& isset($aboutme)) {
$sql = "INSERT INTO Client_Information (id, sitename, sitetype, color1, color2,
color3, color4, sitedescription, aboutme,
contactname, phone, email, address, timestamp)
VALUES ('$id', '$sitename', '$sitetype', '$color1', '$color2',
'$color3', '$color4', '$sitedescription', '$aboutme',
'$contactname', '$phone', '$email', '$address',
CURRENT_TIMESTAMP)";
$conn->query($sql);
header('Location: images.php');
}
mysqli_close($conn);
?>
Second page:
<?php
session_start();
echo $_SESSION['id'];
//db info
$conn = new mysqli("$server","$user_name","$password","$database");
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$wherevar = $_SESSION['id'];
$exsitename1 = $_POST['exsitename1'];
$exsitename2 = $_POST['exsitename2'];
$exsitename3 = $_POST['exsitename3'];
$exsitename4 = $_POST['exsitename4'];
$exsiteurl1 = $_POST['exsiteurl1'];
$exsiteurl2 = $_POST['exsiteurl2'];
$exsiteurl3 = $_POST['exsiteurl3'];
$exsiteurl4 = $_POST['exsiteurl4'];
$exsitedescr1 = $_POST['exsitedescr1'];
$exsitedescr2 = $_POST['exsitedescr2'];
$exsitedescr3 = $_POST['exsitedescr3'];
$exsitedescr4 = $_POST['exsitedescr4'];
if (isset($exsitename1) && isset($exsitename2) && isset($exsitename3) && isset($exsitename4)
&& isset($exsiteurl1) && isset($exsiteurl2) && isset($exsiteurl3) && isset($exsiteurl4)
&& isset($exsitedescr1) && isset($exsitedescr2) && isset($exsitedescr3) && isset($exsitedescr4)) {
$sql = "UPDATE Client_Information
SET exsitename1='$exsitename1', exsitename2='$exsitename2', exsitename3='$exsitename3',
exsitename4='$exsitename4', exsiteurl1='$exsiteurl1', exsiteurl2='$exsiteurl2',
exsiteurl3='$exsiteurl3', exsiteurl4='$exsiteurl4', exsitedescr1='$exsitedescr1',
exsitedescr2='$exsitedescr2', exsitedescr3='$exsitedescr3', exsitedescr4='$exsitedescr4'
WHERE id = '$wherevar'";
$conn->query($sql);
header('Location: index.php');
}
session_destroy();
mysqli_close($conn);
?>
So the first page works fine and inserts all the data into the db, but when the second page is ran, it doesn't update the same row that was inserted on the first page. It just leaves all those variable.
On the second page, I'm trying to have it edit the row that was just created.
So I'm trying to make a registration page that feeds back a variable when a certain flag is raised.. "All ready registered" "Registration limit" IS this the best way to do this or is there a better way? I'm a little new to PHP...I keep getting an error on the mysql_num_rows()..
Here is the code....
<?php
//not really
$dbhost = 'sample';
$dbname = 'contacts';
$dbuser = 'sample';
$dbpass = 'sample';
//retrieve our data from POST
$username = $_POST['username'];
$pass1 = $_POST['password'];
$pass2 = $_POST['timestamp'];
$pass3 = $_POST['deviceId'];
$pass4 = $_POST['phone'];
$pass5 = $_POST['name'];
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname, $conn);
//sanitize username
$username = mysql_real_escape_string($username);
$pass1 = mysql_real_escape_string($pass1);
$pass2 = mysql_real_escape_string($pass2);
$pass3 = mysql_real_escape_string($pass3);
$pass4 = mysql_real_escape_string($pass4);
$pass5 = mysql_real_escape_string($pass5);
function email_exists()
{
// $query = "SELECT * FROM Users WHERE username = '" . $username . "'";
$sql2 = mysql_query("SELECT username FROM Users WHERE username = '" . $username . "'");
// $sql2 = mysql_db_query("SELECT * FROM Users WHERE username = '" . $username . "'");
// $erg = mysql_num_rows($sql2) > 0;
return (mysql_num_rows($sql2)); //method 1
}
function device_exists()
{
$query2 = "SELECT * FROM Users WHERE deviceID = '" . $pass3 . "'";
//$sql2 = mysql_db_query("SELECT * FROM Users WHERE deviceID = '" . $pass3 . "'");
$sql3 = mysql_query($query2);
return (mysql_num_rows($sql3)); //method 2
}
if (email_exists() == 0) {
//(passed the no email in database, now lets check how many accounts under the device ID)
if (device_exists() < 3) {
$query = "INSERT INTO Users ( username, password, timestamp, deviceId, phone, name )
VALUES ( '$username' , '$pass1' , '$pass2', '$pass3', '$pass4', '$pass5');";
mysql_query($query);
mysql_close();
echo "1"; // Regstered succefully
} else {
echo "5"; //3 registered users per device only
}
} else {
echo "0"; //already have an account (email is used.....)
}
?>
You have may be same problem
Hello please try with the greaterthan operator (>) with zero
if ( email_exists()) // valid result
{
if ( email_exists() > 0 ) // more than 0 records
// rest code;
else
// insert operation;
}
Thanks... best luck