I have created a multipage form that is storing the data in sessions. Instead of using method="post" I am using method="get" to allow the user to click the back button and hold the data on previous pages to edit. I also have email validation happening in the PHP script.
How would I be able to have a submit button advance to the next page in the form and a Reset button to clear the session and stay on this page (or reload the page) without the session data appearing within the form fields?
I have tried modifying someone else's suggestion using the following without success. Here is the PHP script at the start of the document:
<?php
session_start();
foreach ( $_GET as $key=>$value ) {
if ( $key!="submit" ) {
$value = htmlentities(stripslashes(strip_tags($value)));
$_SESSION[$key] = $value;
}
}
$firstname = $_SESSION['Firstname'];
$lastname = $_SESSION['Lastname'];
$email = $_SESSION['Email'];
if(isset($_GET['clear'])) {
session_destroy(); // Or other session-unsetting logic
header("Location: form.php"); // Reload your page
}
else if(isset($_GET['submit'])) {
//next page logic
header("Location: form-2.php"); // Reload your page
}
?>
Here is the form within the page body:
<form class="mod-columns-form" method="get" name="mailform" action="form-2.php" onsubmit="return validateForm();">
<fieldset>
<label for="Firstname">First Name <span class="mod-error">*</span></label>
<input type="text" name="Firstname" id="Firstname" placeholder="first name" value="<? echo $firstname; ?>" />
<label for="Lastname">Last Name <span class="mod-error">*</span></label>
<input type="text" name="Lastname" id="Lastname" placeholder="last name" value="<? echo $lastname; ?>" />
<label for="Email">Email <span class="mod-error">*</span></label>
<input type="text" name="Email" id="Email" placeholder="yourname#domain.com" value="<? echo $email; ?>" />
<button name="submit" type="submit" value="submit" class="submit">Next</button>
<button name="clear" type="submit" value="clear">Clear</button>
</fieldset>
</form>
to free you from the data in the form , you can create a button , which perform reset the variables.
<button name="reset" value="resert">RESET</button>
you need to check the session this page, creating a small code block in php .
<?php
session_start();
if (!isset($_SESSION['Firstname']) && $_SESSION['Lastname'] && $_SESSION['Email'])
{
print "error";
}
?>
Related
I am trying to write a simple html form which requires the user to enter the correct email and password, using $_SERVER as the action for my form. I do not want to send the POST info to another php page, but I want to do it on the same page instead.
I have set two variables, $correct_email and $correct_password.
Here is the form;
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<label for="eml">Email:</label>
<input type="email" name="eml" id="eml" required>
<br>
<label for="pwd">Password:</label>
<input type="password" name="pwd" id="pwd" required>
<br>
<input type="hidden" name="checkMe" value="12345">
<input type="submit" name="submit" value="Submit">
</form>
Here is what I am trying to get work in PHP
$correct_email = "(my personal email)";
$correct_password = "password"];
if ($_POST['eml']) == $correct_email && ($_POST['pwd']) == $correct_password {
echo "<h1>You are logged in</h1>";
} else {
echo "<h1>error</h1>";
}
It is not working, please help! I am also unclear on whether the PHP should come before or after the form.
Also, I would like to have the form be cleared from view, on the page, when the correct info is entered.
Thanks so much
Change the name of the submit button - never call anything "submit" in a form
Put the test at the top
You had issues with the ( and ) in the test
Also an issue with a ] after "password"
<?php
if ($_POST["subBut"] === "Submit") {
$correct_email = "(my personal email)";
$correct_password = "password";
if ($_POST['eml'] == $correct_email && $_POST['pwd'] == $correct_password) {
echo "<h1>You are logged in</h1>";
} else {
echo "<h1>error</h1>";
}
}
else {
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER[" PHP_SELF "]); ?>">
<label for="eml">Email:</label>
<input type="email" name="eml" id="eml" required>
<br>
<label for="pwd">Password:</label>
<input type="password" name="pwd" id="pwd" required>
<br>
<input type="hidden" name="checkMe" value="12345">
<input type="submit" name="subBut" value="Submit">
</form>
<?php } ?>
Seems, that I can't add password protection to the script: it should allow to login with the pass and to submit data from the form to mysql. Login looks fine, but if I try to press submit, it returns me to login page. Seems, that session is dropped or overwritten, but is not clear, how:
//login area
<?php
$password = "test";
session_start();
$_SESSION['txtPassword']= $_POST['txtPassword'] ;
if ( $_SESSION['txtPassword']!=$password ) {
?>
<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<p><label for="txtPassword">Password:</label>
<br /><input type="text" title="Enter your password" name="txtPassword" /></p>
<p><input type="submit" name="Submit" value="Login" /></p>
</form>
<?
}
elseif ( $_SESSION['txtPassword']=$password ) {
echo $_SESSION['txtPassword'] ; // tried to print password, result is correct: test
//my db connection, just in case:
include "config.php";
$connect = mysqli_connect(HOST, USER, PASSWORD, NAME);
// data which should be inserted to db
if
(#$_POST['posted']=='1' $_POST['posted'])) {
$sSQL = "UPDATE users SET user_login='".mysqli_real_escape_string($connect, $_POST['usern'])."',user_pass='".mysqli_real_escape_string($connect, dohashpw($_POST['passw']))."' WHERE ID=1";
mysqli_query($connect, $sSQL) or print(mysql_error());
print ' <div class="container"> <p class="pstype">Password updated! </p>';
...
//input form
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"><input type="hidden" name="posted" value="1" />
<div class="col-xs-3">
<label for="ex2">New Username: </label>
<input type="text" class="form-control input-lg" name="usern" >
</div>
<div class="col-xs-3">
<label for="ex2">New Password: </label>
<input type="password" class="form-control input-lg" name="passw" >
</div>
<div class="col-xs-3">
<input type="submit" value="Submit" onclick="<? mysqli_query ($connect, $sSQL);?>; ">
</div>
</form>
I am able to login this page, but when I fill the form and click Submit, I get login area again. If echo $_SESSION show a correct result, I think that it was established, but data are lost after for submit. Could you please help to find my error?
You are assigning and not comparing here :
elseif ( $_SESSION['txtPassword']=$password ) {
this is better
elseif ( $_SESSION['txtPassword']==$password ) {
but thats a bad idea anyway, passwords should not be stored in session variables like this, and you have to hash them once the user submit them and only manipulate and store the hashed passwords in your code and database
<?php
$password = "test";
session_start();
$_SESSION['txtPassword']= $_POST['txtPassword'] ;
if($_SESSION['txtPassword']!=$password ){
?>
<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ? >">
<p><label for="txtPassword">Password:</label></p>
</br>
<p><input type="text" title="Enter your password" name="txtPassword"/> </p>
<p><input type="submit" name="Submit" value="Login"/></p>
</form>
<?php
}
else{
echo $_SESSION['txtPassword'];
}
?>
i am not understanding why the elseif stands for? you are already checking inside the if condition which both are not equal?.
I have read a few other posts and try to put them together but still could not solve my problem: Navigating back with PHP form submission, php back button
I'm writing template for a long online form, and I'm trying to break the form into several pages. And no matter if users click "back" or "next", the previously entered fields will still remain there.
However, whenever I click on the back button on the second page, all the info on the first page goes away.
This is the php block on top of the 1st page:
session_start();
$_SESSION['initialized'] = 'Aquafina';
if (!isset($_SESSION['email'])) {
$_SESSION['email'] = '';
}
if (!isset($_SESSION['fname'])) {
$_SESSION['fname'] = '';
}
foreach ($_SESSION as $key => $value) {
$temp = trim($value);
${$key} = $temp;
}
HTML of the 1st page:
<form method="post" action="secure.php">
<p>
<label for="email">Email: </label>
<input type="text" name="email" value="<?php htmlentities($email); ?>">
</p>
<p>
<label for="fname">First Name: </label>
<input type="text" name="fname" value="<?php htmlentities($fname); ?>">
</p>
<p>
<label for="hidden"> </label>
<input type="submit" name="next" value="NEXT">
</p>
</form>
I've tried many alternatives, and currently I'm stuck on the notion that I'll pass the form into a page call "secure.php" (I'm not sure why I did this in the first place), and has the code of the following:
session_start();
foreach ($_POST as $key => $value) {
$_SESSION[$key] = trim($_POST[$key]);
}
header('Location: form2.php' );
The second page looks similar, but I added a back button that caused all the problems.
The php block on top of 2nd page:
session_start();
if (isset($_SESSION['initialized'])) {
if (!isset($_SESSION['lname'])) {
$_SESSION['lname'] = '';
}
if (!isset($_SESSION['university'])) {
$_SESSION['university'] = '';
}
foreach($_SESSION as $key => $value) {
$temp = trim($value);
${$key} = $temp;
}
} else {
header('Location: form.php');
exit;
}
The HTML on the 2nd page:
<form method="post" action="secure2.php">
<p>
<label for="lname">Last Name: </label>
<input type="text" name="lname" value="<?php htmlentities($lname); ?>">
</p>
<p>
<label for="university">University: </label>
<input type="text" name="university" value="<?php htmlentities($university); ?>">
</p>
<p>
<label for="hidden"> </label>
<button class="back">Back</button>
<input type="submit" name="review" value="REVIEW">
</p>
</form>
Thank you so much whoever can help!!!!!
I don't think the problem is your back button. The problem is probably because you're not echo-ing anything in your inputs' values.
To fix it, replace
<input type="text" name="email" value="<?php htmlentities($email); ?>">
With
<input type="text" name="email" value="<?php echo htmlentities($email); ?>">
OR
<input type="text" name="email" value="<?=htmlentities($email)?>">
And do the same thing for every of your inputs. If you didn't notice what I've added, I've added the echo in the value attribute of your HTML.
I am trying to set up an application form on my site where there is a main large application form on one page (parent.php)and a smaller form on another page (child2.php) that when users fill out some of their details and submit that smaller form, they are taken to the larger form and the details they have entered already appear in the corresponding textbox on the larger form along side some extra boxes for them to fill out(if that makes sense!)
I can get it to work in that the textboxes on the 2nd page display the values of the matching textboxes on the first page, but only when a value is set. As users can either access the main application form through the smaller form OR by directly accessing it, I need to have it so that if the value is set, the set value is displayed and will also be the value entered into the database OR if the value is not pre-set from the smaller form, the user can enter in their info to the main form and this is what's sent to the DB. I think I might need to use ifisset and have tried to do so but am getting nowhere.
Apologies for messy code and the set up of the textboxes as they are just for testing this out and I am still getting to grips with all this and would be grateful if anyone could help me/let me know if I'm on the right track/totally off. Thanks in advance!
Page 1 (parent.php)
<form action="child2.php" method="post" class="validate">
<div>
<input class="tb" type="text" name="fName" placeholder="first name" id="fName" value="<?php $fName ?>" required/><br/>
<br/>
<input class="tb" type="text" name="sName" placeholder="surname" id="sName" value="<?php $sName ?>" required/><br/>
<br/>
<input class="tb" type="email" name="email" required placeholder="email address" id="email" value="<?php $email ?>" required/>
<br/>
<input class="tb" type="address" name="address" placeholder="address" value="<?php $address ?>" id="address" />
<br/>
<input id="submit" name="submit" type="submit" value="Submit">
</div>
</form>
Page 2 (child2.php)
<?php
function renderForm($fName, $sName, $email, $address){
?>
<form action="" method="post" class="validate">
<label class="label">first name</label><input class="tb" type="text" id="fName" name="fName" value="<?php if (isset($fName)) { echo $fName = $_REQUEST['fName'];} else { echo "first name"; }?>"/>
</br>
<label class="label">surname</label><input class="tb" type="text" id="sName" name="sName" value="<?php if (isset($sName)) { echo $sName = $_REQUEST['sName'];} else { echo "surname"; }?>"/>
</br>
<label class="label">email</label><input class="tb" type="email" id="email" name="email" value="<?php if (isset($email)) { echo $email = $_REQUEST['email'];} else { echo "email"; }?>"/>
</br>
<label class="label">address</label><input class="tb" type="text" id="address" name="address" value="<?php if (isset($address)) { echo $address = $_REQUEST['address'];} else { echo "address"; }?>"/>
</br>
What you're looking for are $_SESSION variables, which stay active until the user closes the browser or until the Session expires (I think the default PHP config time is 24 minutes..?). This is a lot more efficient than storing them in a database for temporal purposes.
So you can set the variables with $_SESSION['fName'] = $_POST['fName']; etc. and then call them later with echo $_SESSION['fName']; etc.
To utilize session variables you will need <?php session_start(); ?> at the beginning of your pages (before any HTML is used)
As suggested by khanahk, using SESSION variables will do your job. The problem with the solution you are thinking is that its fine only as long as you are passing values from one page to some other page, that too after so much mess.
So, you should instead, you should use something like this
session_start();
$email = $_SESSION['email'];
<label class="label">email</label><input class="tb" type="email" id="email" name="email" value="<?php echo $email; ?>"/>
I have a form on one page, and the submit button on that page leads the user to the next page of the form. I'm trying to set it up so that the info from form 1 is submitted along with form 2's info when the submit button on form 2 is clicked and all forms have been filled out, however, the first form's data is being submitted to my database when proceeding to form 2. Any ideas why this is the case? And any ideas of a solution?
Also, I am getting an error "undefined index GET" from the first form and I am struggling to understand why?
Thanks in advance!
Form 1 (parent.php)
<?php session_start();
$_SESSION['fName']=$GET['fName'];
$_SESSION['sName']=$GET['sName'];
$_SESSION['email']=$GET['email'];
$_SESSION['address']=$GET['address'];
?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″ />
<title>table2</title>
</head>
<h1>Is this in xamppfiles and htdocs?</h1>
<form action="child2.php" method="post" class="validate">
<div>
<input class="tb" type="text" name="fName" placeholder="first name" id="fName" value=" <?php $fName ?>" required/><br/>
<br/>
<input class="tb" type="text" name="sName" placeholder="surname" id="sName" value="<?php $sName ?>" required/><br/>
<br/>
<input class="tb" type="email" name="email" required placeholder="email address" id="email" value="<?php $email ?>" required/>
<br/>
<input class="tb" type="address" name="address" placeholder="address" value="<?php $address ?>" id="address" />
<br/>
<input id="submit" name="submit" type="submit" value="Next">
</div>
</form>
</body>
</html>
Form 2 (child2.php)
<?php
session_start();
include("connect.php");
?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″ />
<title>table2</title>
</head>
<body>
<?php
function renderForm($fName, $sName, $email, $address){
?>
<form action="" method="post" class="validate">
<label class="label">first name</label><input class="tb" type="text" id="fName" name="fName" value="<?php if (isset($fName)) { echo $fName = $_SESSION['fName'];} else { if(!isset($fName)) { echo ""; }}?>"/>
</br>
<label class="label">surname</label><input class="tb" type="text" id="sName" name="sName" value="<?php if (isset($sName)) { echo $sName = $_SESSION['sName'];} else { if(!isset($sName)) { echo ""; }}?>"/>
</br>
<label class="label">email</label><input class="tb" type="email" id="email" name="email" value="<?php if (isset($email)) { echo $email = $_SESSION['email'];} else { if(!isset($email)) { echo ""; }}?>""/>
</br>
<label class="label">address</label><input class="tb" type="text" id="address" name="address" value="<?php if (isset($address)) { echo $address = $_SESSION['address'];} else { if(!isset($address)) { echo ""; }}?>""/>
</br>
<input id="submit" type="submit" value="Submit"/>
</form>
<?php
}
// check if the form has been submitted. If it has, start to process the form and save it to the database
if (isset($_POST['submit']))
{
// get form data, making sure it is valid
$fName = mysql_real_escape_string(htmlspecialchars($_POST['fName']));
$sName = mysql_real_escape_string(htmlspecialchars($_POST['sName']));
$email = mysql_real_escape_string(htmlspecialchars($_POST['email']));
$address = mysql_real_escape_string(htmlspecialchars($_POST['address']));
// check to make sure both fields are entered
if ($fName == '' || $sName == '' || $email == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
// if either field is blank, display the form again
renderForm($fName, $sName, $email, $address, $error);
}
else
{
// save the data to the database
mysql_query("INSERT formtest SET fName='$fName', sName='$sName',email='$email', address='$address'")
or die(mysql_error());
// once saved, redirect back to the view page
header("Location: child2.php");
}
}
else
// if the form hasn't been submitted, display the form
{
renderForm('','','','','');
}
?>
</body>
</html>
The action field of your parent.php is child2.php . Also, you are checking for
if (isset($_POST['submit']))
which is set true by your first page, hence, it goes inside the loop and inserts the data in your database. This can be resolved by placing this in your parent file
<input id="submit" name="submitINIT" type="submit" value="Next">
A possible solution can be, you extract the values of the first form and store it in some session variables , and finally at final submission, you can use those values for insertion.
In your child2.php, do this
if (isset($_POST['submitINIT'])){
// store all the available values in some session variables
$_SESSION['value1']=$POST['fName'];
$_SESSION['value2']=$POST['sName'];
$_SESSION['value3']=$POST['email'];
$_SESSION['value4']=$POST['address'];
}
if (isset($_POST['submit'])){
// proceed after final submission
}
Also, change the action of 2nd file to itself using this
<form action="child2.php" method="post" class="validate">
Also, do this modification in your child2.php
<input id="submit" name="submit" type="submit" value="Submit"/>