i just created a form and i am facing a problem on submit.
Example:
Here i have the link to edit.php where i get all the information with this link.
index.php
<a href="change/info/edit.php?url= '
. $row['url']
.'&title='. $row['title']
.'&info='. $row['info']
.'&name='. $row['name']
.'&date='. $row['date'] .' " target="_blank">Edit</a>
Here i get all the information from index.php like this here below:
edit.php :
<?php echo $_GET["title"]; ?>
<?php echo $_GET["info"]; ?>
<?php echo $_GET["date"]; ?>
<?php echo $_GET["name"]; ?>
<?php echo $_GET["url"]; ?>
EDIT: Ares Draguna
<?php session_start();
if(isset($_POST['Submit'])){
// code for check server side validation
if(empty($_SESSION['captcha_code'] ) || strcasecmp($_SESSION['captcha_code'], $_POST['captcha_code']) != 0){
$msg='<span class="fail">Please try again.</span>';// Captcha verification is incorrect.
}else{// Captcha verification is Correct. Final Code Execute here!
}
}
But when i hit the submit button and captcha is false the page refresh and i lose all the information, i have to hit back in the browser to see again all the information.
So what do i need to keep the information, when hit the submit button and captcha is false.
Thanks in advance !
To keep the information on the form, you can set some session variables like:
$_SESSION['title'] = $_GET["title"];
$_SESSION['info'] = $_GET["info"];
and so on... and the test it:
if(capcha == false) {
//do something
} else {
//unset the session variables
}
In this scenario, if the capcha is false, then you can repopulate the form inputs with what you have in session, so even after the page is reloaded you still have those information stored. If the capcha is true, then remember to unset the session vars.
However, if the exact same page refreshes, it means that you have the values in $_GET so you could use that with no problems. It really depends on how your code is structured.
L.E:
if(isset($_POST['Submit'])){
$_SESSION['captcha_code'] = $_GET['captcha_code'];
$_SESSION['other_info'] = $_GET['other_info'];
// code for check server side validation
if(empty($_SESSION['captcha_code'] ) || strcasecmp($_SESSION['captcha_code'], $_POST['captcha_code']) != 0){
$msg='<span class="fail">Please try again.</span>';// Captcha verification is incorrect.
}else{
// Captcha verification is Correct. Final Code Execute here!
}
}
And in the view file, check the session variables, so the session vars are set if isset submit post.
Hope it helps!
Keep on coding!
Ares.
Related
i have a multi step form and want to condition users on specific sites on my web .
This mean i want that only after submitting my form a client in my case can see the redirected page ,
And that with a kinda tim-out for that page to . this redirected page need to show only to those people who fill the form first even when users copy the link and give that link to somebody else the link should not work or should direction in a error. i have archived the last part partly
Here is all my code :
On the form.php i have this :
<?php
session_start(); $_SESSION['form_finished'] = true;
?>
On the proces.php i have this :
$emotion = $_POST['emotion'];
if($emotion == 'Basic Pack') {
session_start();
$_SESSION['form_finished'] = true;
header('Location: /new/basicc.php');
} elseif($emotion == 'Deluxe Pack') {
header('Location: html6.php');
} elseif($emotion == 'Premium Pack') {
header('Location: html7.php');
}
and destination site in this case basicc.php' this :
<?php
session_start();
if(!$_SESSION['form_finished']) {
header("HTTP/1.0 404 Not Found");
exit;
}
?>
This code is working partly because if the user on the form.php site if he just copy the basicc.php link on the address bar he can see the basic.php site imadtitly without having to fill the form , and i want that to condition him to do that and than the page to show up .
I hope i was clear thanks in advance
If proces.php is where submitting the form redirects then remove $_SESSION['form_finished'] = true; from form.php and keep it in proces.php only.
ETA: For the timer:
<script>
var remainingSeconds = 600; // how many second before redirect
function counter() {
if (remainingSeconds == 0) { clearInterval(countdownTimer); window.open('form.php', '_SELF'); // return to form page
} else { remainingSeconds--; }
}
var countdownTimer = setInterval('counter()', 1000); // 1000 is the interval for counting down, in this case 1 second
</script>
In this case, you will have to add back the statement in form.php but set it to false $_SESSION['form_finished'] = false;
ETA2: Forgot to mention that you should also add $_SESSION['form_finished'] = false; in basicc.php.
Yes you could just use a simple session for this case. Example:
If in your form action, if the form processing is in process.php. You could initialize there the session.
session_start();
$emotion = $_POST['emotion'];
$_SESSION['form_finished'] = true; // set session
// then your other process etc. etc.
if($emotion == 'Basic Pack') {
header('Location: /new/basicc.php');
} elseif($emotion == 'Deluxe Pack') {
header('Location: html6.php');
} elseif($emotion == 'Premium Pack') {
header('Location: html7.php');
}
And then on the destination files: /new/basicc.php and others, check that session existence:
/new/basicc.php and others:
if(isset($_SESSION['form_finished'])) { // so after redirection check this
//
// hello, i came from process.php
unset($_SESSION['form_finished']); // and then UNSET it! this is important
} else {
echo 'not allowed'; // if this is not set, the page is directly accessed, not allowed
exit;
}
I think the best solution is that you should only use one page, no need for sessions ;)
Try to have a particular variable set to false, send your form to the server using a POST method <form method=post> and on your server, change this variable to true and render the same page again.
In the example below, I'm checking if the user has entered his name in the form. ;)
<!-- In form.php -->
<?php
$formSubmitted = false;
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST["name"])) {
//Do what you need to do with form data, for example:
$name = filter_var($_POST["name"],FILTER_SANITIZE_STRING);
//Maybe do some checks on the data (or add to database) and when successful:
if($name != '')
{
$formSubmitted = true; // Set variable to true
}
}
?>
<?php if($formSubmitted): ?>
Hello <?php echo $name; ?>! <!-- Show all other HTML things you want to show -->
<p> This is a message only for people who submitted the form! </p>
<?php else: ?>
<form action='form.php' method='POST'>
<input name='name' type='text'>
</form>
<?php endif; ?>
I hope it'll be useful and hopefully a different way to look at the problem. For multi-step, this could easily accommodate more variables to see which step the user is on ;)
Good luck :)
I'm trying to integrate a php login script that I have working, but I can't seem to get simple php calls going on a page. On this user profile page, I want to simply have the user name displayed (mysql field is "name"). The user is logged in and the session carries through, but on this page, all I see is the text "Here is your profile info..." What might be wrong in the code to prevent the user name from displaying?
<?php
include_once('classes/check.class.php');
include_once('header.php');
if( protectThis("*") ):
if(!isset($_SESSION)) {
session_start();
}
if(isset($_SESSION['jigowatt']['name'])) {
echo "You're name is: " . $_SESSION['jigowatt']['name'];
}
?>
<br />
Here are is your profile info...
<?php
else :
?>
<div class="alert alert-warning">
<?php _e('Only signed in users can view what\'s hidden here!'); ?></div>
<?php
endif;
include_once('footer.php');
?>
For check session is set already use session_id() Also check you have set $_SESSION['jigowatt']['name'] already with empty()
if(session_id() == '') {
session_start();
}
if(!empty($_SESSION['jigowatt']['name'])) {
echo "You're name is: " . $_SESSION['jigowatt']['name'];
}
else {
echo 'username is empty';
}
You need to put session_start(); at the very top of the page. No white space can be put before that. Try if that works.
First you need to write the sessions at the very top of the page if it works than okay else you can try this.
Just append this 2 function before and after the session_start();
Like this
ob_start();
session_start();
ob_end_clean();
<?php
$name=$_GET['var'];
if($_SESSION["loginvalue"]==1)
{
echo "Welcome,$name";
echo " <a href='login.php'>Logout</a>";
}
?>
This is code i have used to maintain session in the page. What i want is if some enter local/project/cms.php url in web browser then it should not open. I want cms.php to be open only if someone login first otherwise it should not be opened.
not 100% sure what you mean; but...
Firstly there are some issues with the code given, where's session_start(), your code is also open to XSS attack on the $name var because your not escaping input, you need to use htmlentities() user input if your going to display it back to the user. Also you need to check variables are set before using to avoid PHP undefined index warnings. Other then that, you basically check if user is logged in, if there not then you redirect them, to your login page.
<?php
session_start();
$name = isset($_GET['var']) ? $_GET['var'] : null;
if(isset($_SESSION["loginvalue"]) && $_SESSION["loginvalue"]==1)
{
echo "Welcome,".htmlentities($name, ENT_QUOTES);
echo ' Logout';
}else{
//Redirect user to login page if not logged in.
exit(header("location: ./login.php"));
}
?>
You may modify your code like this:
<?php
session_start();
$name=$_GET['var'];
if($_SESSION["loginvalue"]==1)
{
echo "Welcome, ". htmlentities($name, ENT_QUOTES, "UTF-8");
echo " <a href='login.php'>Logout</a>";
}else{
//Redirect user to login page.
header("location: /login.php");
}
?>
Im creating an website where i am checking for login and redirecting the user to the index page, if his login was successful i want him to see something else instead of the login button
i have followed this approach for my query
<?php
if(!isset($_SESSION['uid']))
{
?>
<span class="Login">Login</span>
<?php
}
else if(isset($_SESSION['uid']))
{
?>
<span>Post</span>
<?php
}
?>
it doesn't seem to work quite the way i want. The 'Login' span is always visible, it would seem that the $_SESSION['uid'] is not being set, but that is not the case. To be honest i don't even know if this is the correct way of doing this
You need to put session_start(); in each page that need to access the session data before accessing (or creating) any session data.
See: Session Manuel
<?php
session_start();
$linkPage = 'login.php';
$linkName = 'Login';
if(isset($_SESSION['uid'])) {
$linkPage = 'postThread.php';
$linkName = 'Post';
}
?>
<span class="link"><?php echo $linkName; ?></span>
I know this is very simple thing but i am not aware of this. I have php code on same page for a signup form which have some session variables to be shown when any condition matches with the code.
The code structure is like this:
<?php
session_start();
if(isset($_POST['signup'])
{
if(condition)
{
$_SESSION['err1']="string";
}
else
{
$_SESSION['err2']="string";
}
}
?>
//HTML form
<?php if(isset($_SESSION['err1']) {?>
<li><?php echo $_SESSION['err1'];}?></li>
<?php if(isset($_SESSION['err2']) {?>
<li><?php echo $_SESSION['err2'];}?></li>
//rest of the form
I have more block of if-else in my code. Initially, when an condition is matched, the session message is shown. But as soon as the page refresh an another session message is shown along with previous session message.
Is this correct way of coding with forms? Because i want to show error messages inside the html form.
That's maybe because you do not empty your session variable.
Between 2 HTTP request, the session is kept on the server (juste reloading at each request).
So, if you are putting a message on $_SESSION['error1'] for the first call, it will show it. Then, on the second load, if you are putting a message on $_SESSION['error2'], you will also have the message of error1 because the session keep your data.
After showing the form, you should empty all your session messages
Simply unset your session variable after you echo.
<li><?php echo $_SESSION['err1'];} unset($_SESSION['err1']); ?></li>
This is really a bad example that use session to echo errors.
what i do many times at the starting of my php.
$errors = array(); // make a empty array errors before the conditional statements
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['Submit'])) {
//handle your POST variable
if(condition1){
$errors[] = "some error";
}
if(condition2) {
$errors[] = "some another error";
}
//more conditions
if (!empty($errors)) {
//process your form data if there is no errro
} else {
//display back your form along with Errors
if(isset($errors) && !empty($errors)) {
foreach($errors as $error) {
echo "<p class = 'error'>" . $error . "</p>";
}
}
<form action = "" method = "POST">
//your form elements
</form>
}
}
in first line of the php page, u can write
you can try any of the three lines between if condition
if(isset($_SESSION))
{
unset($_SESSION);
unregister($_SESSION['variable-name']) // try this also
session_destroy(); //try this also
}