cannot find out what is the problem...for example i want to add 2 row of data...when i press the + button...my data just typed will gone(looks like refresh)...and database will only store the 2nd row of data...1st one will not store. please help me find out the answer. thank you~
<?php if($_POST['btnPlus1'])
$_SESSION['count1'] += 1;
else if($_POST['btnMinus1'])
$_SESSION['count1'] -= 1;
$AddEducationalQ = "INSERT INTO tbleducational(Id,University,Level,Specialization,Year) VALUES('".$_POST['txtStaffIc']."','".strtoupper($_POST['txtUniversity'])."','".strtoupper($_POST['sLevel'])."','".strtoupper($_POST['txtSpecialization'])."','".$_POST['txtYear']."')";
$AddEducationalResult = mysql_query($AddEducationalQ,$link); ?>
<tr>
<td>
<fieldset>
<legend>Educational Background</legend>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
<?php
for($tempfield = 1; $tempfield <= $_SESSION['count1']; ++$tempfield)
{?>
<fieldset>
<legend><?php echo $tempfield ?></legend>
<table width="200" border="0">
<tr>
<td>University</td>
<td>Level</td>
<td>Specialization</td>
<td>Year Graduated</td>
</tr>
<tr>
<td>
<input type="text" name="txtUniversity" id="txtUniversity" /></td>
<td>
<select name="sLevel" id="sLevel">
<option></option>
<option>Diploma</option>
<option>Degree</option>
<option>Master</option>
<option>Doctor</option>
</select>
</td>
<td>
<input type="text" name="txtSpecialization" id="txtSpecialization" />
</td>
<td>
<input type="text" name="txtYear" id="txtYear" />
</td>
</tr>
</table>
</fieldset>
<?php
}?>
</td>
</tr>
<tr>
<td colspan="4" align="center"><input type="submit" name="btnPlus1" id="btnPlus1" value="+" /> <input type="submit" name="btnMinus1" id="btnMinus1" value="-" /></td>
</tr>
</table>
</fieldset>
</td>
</tr>
Ok first you'll have to change your form element to:
<form method="post" action="filename.php" accept-charset="utf-8">
Make sure you change filename.php to the filename of this code.
Now you'll have to make a choice. You can either continue with mysql_*, which is deprecated and extremely insecure! Or you can upgrade your code to PDO() instead.
If you wish to continue with mysql_*, change your PHP part to:
if(isset($_POST['txtStaffIc'], $_POST['txtUniversity'], $_POST['sLevel'], $_POST['txtSpecialization'], $_POST['txtYear'])){
$AddEducationalQ = "INSERT INTO tbleducational(Id,University,Level,Specialization,Year) VALUES('".$_POST['txtStaffIc']."','".strtoupper($_POST['txtUniversity'])."','".strtoupper($_POST['sLevel'])."','".strtoupper($_POST['txtSpecialization'])."','".$_POST['txtYear']."')";
mysql_query($AddEducationalQ,$link) or die(mysql_error());
echo "Data succesfully added to database.";
}
If you wish to upgrade to PDO() instead, change your PHP part to:
if(isset($_POST['txtStaffIc'], $_POST['txtUniversity'], $_POST['sLevel'], $_POST['txtSpecialization'], $_POST['txtYear'])){
$AddEducationalQ = "INSERT INTO tbleducational(Id,University,Level,Specialization,Year) VALUES(':txtStaffIc',':txtUniversity',':sLevel',':txtSpecialization',':txtYear')";
$prepare = $pdo->prepare($AddEducationalQ);
$prepare->bindValue(":txtStaffIc",$_POST['txtStaffIc']);
$prepare->bindValue(":txtUniversity",strtoupper($_POST['txtUniversity']));
$prepare->bindValue(":sLevel",strtoupper($_POST['sLevel']));
$prepare->bindValue(":txtSpecialization",strtoupper($_POST['txtSpecialization']));
$prepare->bindValue(":txtYear",$_POST['txtYear']);
if($prepare->execute()){
echo "Data succesfully added to database.";
} else {
print_r($prepare->errorInfo());
}
}
Also make sure you change your database connection file to:
<?php
$dbhost = ""; //Enter MySQL server host
$dbuser = ""; //Enter MySQL database user
$dbpass = ""; //Enter MySQL database pass
$dbname = ""; //Enter MySQL database name
$pdo = new PDO("mysql:host=".$dbhost.";dbname=". $dbname, $dbuser, $dbpass);
?>
On a last note I should add that I didn't see any require database connection file inside your PHP code. I assume you simply didn't post this.
Related
I'm creating a table that uses PHP to pull from a MySQL database that I have. I think I've got everything where I want it to be, however the only problem I'm having is that the results seem to be (for lack of a better word) "behind". What I mean by that is that my first page index.php is where I'm accepting user edits to the database. Once they click Update it sends them to my results.php file that is supposed to actually perform the SQL UPDATE and then display the updated table.
It updates the table just fine according to XAMPP's database editor. However, when I said "behind" I mean that the page loads, updates but doesn't display the updated data until either the user refreshes the page or returns to the first page THEN comes back. I'm not sure what could be causing it, so I'm hoping someone here can help me. I feel like the reason is something as simple as I'm just running the code in the wrong order, but I don't know for sure. My code is below:
index.php
<html>
<body>
<?php
include('dbconnect.php');
$query = "SELECT * FROM vw_events";
$result = mysqli_query($conn, $query);
$count = mysqli_num_rows($result);
?>
<form name="form1" method="post" action="results.php">
<table width="auto" border="1" cellspacing="1" cellpadding="5">
<tr>
<td align="center"><strong>Event ID</strong></td>
<td align="center"><strong>Title</strong></td>
<td align="center"><strong>Topic</strong></td>
<td align="center"><strong>Description</strong></td>
<td align="center"><strong>Event Date</strong></td>
<td align="center"><strong>Speaker</strong></td>
<td align="center"><strong>Building</strong></td>
<td align="center"><strong>Room</strong></td>
</tr>
<?php
while($rows=mysqli_fetch_array($result)) {
?>
<tr>
<input name="event_id[]" type="hidden" id="event_id" value="<?php echo $rows['event_id']; ?>">
<td align="center">
<?php echo $rows['event_id'];?>
</td>
<td align="center">
<input name="title[]" type="text" id="title">
</td>
<td align="center">
<?php echo $rows['topic_name']; ?>
</td>
<td align="center">
<?php echo $rows['topic_description']; ?>
</td>
<td align="center">
<input name="date[]" type="date" id="date">
</td>
<td align="center">
<input title="Use reference tables below to enter speaker ID" name="speaker[]" type="text" id="speaker">
</td>
<td align="center">
<input title="Use reference tables below to enter building ID" name="building[]" type="text" id="building">
</td>
<td align="center">
<input title="Use reference tables below to enter Room ID" name="room[]" type="text" id="room">
</td>
</tr>
<?php
}
?>
<tr>
<td colspan="8" align="center"><input type="submit" name="Update" value="UPDATE"></td>
</tr>
</table>
</form>
</body>
</html>
results.php
<html>
<body>
<?php
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
error_reporting(E_ALL);
ini_set('display_errors',1);
require_once('dbconnect.php');
$query = "SELECT * FROM vw_events";
$result = mysqli_query($conn, $query);
$count = mysqli_num_rows($result);
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$id = $_POST['event_id'];
$title2 = $_POST['title'];
$date2 = $_POST['date'];
$speaker2 = $_POST['speaker'];
$building2 = $_POST['building'];
$room2 = $_POST['room'];
for($i=0;$i<$count;$i++) {
$sql="UPDATE events SET title='$title2[$i]', event_date='$date2[$i]', speaker='$speaker2[$i]', building='$building2[$i]', room='$room2[$i]' WHERE event_id='$id[$i]'";
$result1=mysqli_query($conn, $sql);
}
}
?>
<form name="form1" method="post" action="index.php">
<table width="auto" border="1" cellspacing="1" cellpadding="5">
<tr>
<td align="center"><strong>Event ID</strong></td>
<td align="center"><strong>Title</strong></td>
<td align="center"><strong>Topic</strong></td>
<td align="center"><strong>Description</strong></td>
<td align="center"><strong>Event Date</strong></td>
<td align="center"><strong>Speaker</strong></td>
<td align="center"><strong>Building</strong></td>
<td align="center"><strong>Room</strong></td>
</tr>
<?php
while($rows=mysqli_fetch_array($result)) {
?>
<tr>
<td align="center">
<?php echo $rows['event_id'];?>
</td>
<td align="center">
<?php echo $rows['title']; ?>
</td>
<td align="center">
<?php echo $rows['topic_name']; ?>
</td>
<td align="center">
<?php echo $rows['topic_description']; ?>
</td>
<td align="center">
<?php echo $rows['event_date']; ?>
</td>
<td align="center">
<?php echo $rows['speaker_name']; ?>
</td>
<td align="center">
<?php echo $rows['building_name']; ?>
</td>
<td align="center">
<?php echo $rows['room_name']; ?>
</td>
</tr>
<?php
}
?>
<tr>
<td colspan="8" align="center"><input type="submit" name="Return" value="Return"></td>
</tr>
</table>
</form>
</body>
</html>
Also if someone can give me some guidance as to how to run the htmlspecialchars function on my arrays within results.php I'd really appreciate it. I've already tried to create a for loop for literally each array but that didn't work. I've tried using ->
<?php
function htmlspecial_array(&$variable) {
foreach ($variable as &$value) {
if (!is_array($value)) { $value = htmlspecialchars($value); }
else { htmlspecial_array($value); }
}
}
but that also didn't work, and I've tried using the array_walk_recursive but to no avail. I want to try and do something like W3Schools' example here W3Schools Form Validation towards the bottom of the page where it says Validate Form Data With PHP and then gives an example.
The result you get from the UPDATE query is the number of affected rows in your database. To correctly display the updated data, you need to re-fetch from the database before you generate the HTML. You should rearrange your code in results.php like this:
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
error_reporting(E_ALL);
ini_set('display_errors',1);
require_once('dbconnect.php');
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$id = $_POST['event_id'];
$title2 = $_POST['title'];
$date2 = $_POST['date'];
$speaker2 = $_POST['speaker'];
$building2 = $_POST['building'];
$room2 = $_POST['room'];
$query = "SELECT * FROM vw_events";
$result = mysqli_query($conn, $query);
$count = mysqli_num_rows($result);
for($i=0;$i<$count;$i++) {
$sql="UPDATE events SET title='$title2[$i]', event_date='$date2[$i]', speaker='$speaker2[$i]', building='$building2[$i]', room='$room2[$i]' WHERE event_id='$id[$i]'";
$result1=mysqli_query($conn, $sql);
}
}
$query = "SELECT * FROM vw_events";
$result = mysqli_query($conn, $query);
Side note: If your data is sensitive, you may want to read about mysqli prepared statement so hackers cannot tamper with your queries.
Regarding your question about htmlspecialchars, see Stackoverflow "Execute htmlspecialchars on a multi level array".
please assist
I have created a search page to query the database, when the submit button is selected, no data is populated into the grid and there is no error message or notice that gives me an indication of where the issue is. Please assist.
Here is the code:
<?php
if(isset($_POST['submit']))
{
$txtLastName = $_POST['txtLastName'];
$txtidnumber = $_POST['txtidnumber'];
$txtMedicalAidNumber = $_POST['txtMedicalAidNumber'];
//connect to the database
$db = mysql_connect
("server", "username", "password") or die ('I cannot connect to the database because: ' . mysql_error());
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
}
$mydb = mysql_select_db("mediouqp_login");
if($txtLastName != '' && $txtidnumber != '' && $txtMedicalAidNumber != '')
{
$sql = "SELECT last_name, id_number, medical_id_number FROM patient WHERE last_name LIKE '%" . $txtLastName . "%' OR id_number LIKE '%" . $txtidnumber ."%'";
}
else
{
$sql = "SELECT last_name FROM patient ORDER BY last_name DESC";
}
$result = mysql_query($sql);
}
if($result)
{
if(mysql_num_rows($result) > 0)
{
echo 'Total records found are- '.mysql_num_rows($result);
}
else
{
echo "No records found.";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style2.css">
</head>
<body>
<ul>
<li>PATIENT DETAILS
<li>REPORTS</li>
<li>ADMINISTRATOR</li>
<li>DOWNLOADS</li>
</ul>
<div class="headerTitle">
<h1 id="mainHeader">search patient details</h1>
</div>
<form action="search_patient.php" method="post" name="frm_search" id="frm_search">
<table>
<tr>
<td class="Label" id="lname">Last Name
</td>
<td class="Field">
<input type ="lastname" name ="txtLastName" ></input>
<span id="spnLastName"></span>
</td>
</tr>
<tr>
<td class="Label" id="lname">ID Number
</td>
<td class="Field">
<input type ="lastname" name ="txtidnumber" ></input>
<span id="spnIdNumber"></span>
</td>
</tr>
<tr>
<td class="Label" id="lname">Medical Aid Number
</td>
<td class="Field">
<input type ="medicalaidnumber" name ="txtMedicalAidNumber" ></input>
<span id="spnMedicalaidNumber"></span>
</td>
</tr>
<tr>
<td class="Label">
</td>
<td>
<input type="submit" id="btnSearchPatient" value="Submit"></input>
<input type = "button" onClick="window.location='create_patient.php';" value="Create Patient" /></input>
</td>
</tr>
</table>
</form>
<br/>
<br/>
<table id="tblpatient" class="Grid">
<tr class="Header">
<td> </td>
<td> </td>
<td> </td>
<td>Last Name</td>
<td>ID Number</td>
<td>Medical Aid</td>
</tr>
<?php
if($result)
{
while($row = mysql_fetch_array($result))
{
$last_name = $row['last_name'];
$id_number = $row['id_number'];
$medical_id_number = 0;//$row['medical_id_number'];
?>
<tr>
<td> </td>
<td> </td>
<td> </td>
<td><?php echo $last_name;?></td>
<td><?php echo $id_number;?></td>
<td><?php echo $medical_id_number;?></td>
</tr>
<?php
}
}
?>
</table>
</body>
</html>
Note: This extension(mysql) was deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0. Instead, the MySQLi or PDO_MySQL extension should be used along with prepared statements.
As per the code you have written it will be submitting the data but what you have written under this statement will never Work.
if(isset($_POST['submit'])){// Codes Inside this}
Reason this code will not work
Your Submit button is not having the name which you have given in the isset($_POST['submit']).
You mist add the name to the submit button which you have in your code.
Replace your Submit button as i have provided by adding the name to it and changing the button code style.
Replace:
<input type="submit" id="btnSearchPatient" value="Submit"></input>
With:
<input type="submit" id="btnSearchPatient" name="submit" value="Submit" />
After all the above steps that has been provided ensure the note below in order the data comes as not expected.
Note: If you need to execute the statement perfect you first put echo to the select statement that you have coded and break the execution over there. You will find the SQL statement over to the browser and you copy that echoed statement into the SQL section of the DB created in the Phpmyadmin and check whether your code executed well. If so you got the required output that you can remove the echo and exit statement and you can proceed.
I am try to inset multiple rows to new table fetched from other table, but problem is that only last single row is being inserted and no other now is getting insert, so please tell the issue where i am lacking
<?php
error_reporting(1);
session_start();
$s=$_SESSION['username'];
//connect database
$con=mysql_connect("localhost","root","") or die(mysql_error());
// select database
mysql_select_db("education",$con);
$date= date("Y/m/d");
//select all values from empInfo table
$data="SELECT * FROM student";
$val=mysql_query($data);
?>
<html>
<body>
<table>
</table>
<form action="submit.php" method="post" >
<table>
<tr>
<th>Teacher name</th>
<th>Date</th>
<th>Roll No</th>
<th>Student name</th>
<th>Father name</th>
<th>Addhaar No</th>
<th>Status(P)</th>
<th>Status(A)</th>
<th>Status(L)</th>
</tr>
<?php while($r=mysql_fetch_array($val))
{?>
<tr style="border:2px solid black;">
<td><input type="text" name="teacher" value="
<?php echo $s; ?>"></td>
<td><input type="text" name="date" value="
<?php echo $date; ?>"></td>
<td ><input name="roll_no" value="
<?php echo $r['roll_no']; ?>">
</td>
<td><input name="student_name" value="
<?php echo $r['student_name'] ?>">
</td>
<td><input name="father_name" value="
<?php echo $r['father_name'] ?>">
</td>
<td>
<input name="addhaar_no" value="
<?php echo $r['addhaar_no'] ?>">
</td>
<td>
<input type="checkbox" value="present" name="status"> Present
</td>
<td>
<input type="checkbox" name="status" value="absent">Absent
</td>
<td>
<input type="checkbox" name="status" value="leave">Leave
</td>
</tr>
</table>
<?
}
?>
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>
submit.php -
<?php
error_reporting(1);
$con=mysql_connect("localhost","root","") or die(mysql_error());
// select database
mysql_select_db("education",$con);
//get data from html form
$roll_no=$_POST['roll_no'];
$student_name=$_POST['student_name'];
$father_name=$_POST['father_name'];
$addhaar_no=$_POST['addhaar_no'];
$status=$_POST['status'];
//Insert values in empInfo table with column name
$query="INSERT INTO attandance
VALUES ('', '$roll_no','$student_name','$father_name','$addhaar_no','$status'),
VALUES ('', '$roll_no','$student_name','$father_name','$addhaar_no','$status')";
echo $query;
die();
mysql_query($query);
?>
page
You need to have unique name for each fields. What you can do is have a counter in loop and add it the names of the fields to make it unique.
Sample:
$ctr = 0;
while($r=mysql_fetch_array($val)){
echo "<input type="text" name='teacher_".$ctr."'>";
$ctr++;
}
Or make the names array, and loop through the values in saving the data.
while($r=mysql_fetch_array($val)){
echo "<input type="text" name='teacher[]'>";
}
I think you should study PHP a bit more... As i can see in your code, you haven't understood fundamentals of PHP.
1: Normally, you won't mix up HTML and PHP like you did in your first code. Its just confusing and really annoying to read the code later.
2: When you post your form, for example the variable $_POST['student_name']; will just contain the value of the last row (your problem). So, why? Because you can't assign more than one value to a variable. Or at least, not the way you tried it. Array would be a good keywoard for this problem.
3: Please check your SQL syntax... Thats why i'm saying you haven't understand fundamentals... http://www.w3schools.com/sql/sql_insert.asp
Why you're repeating your values? You think the second time the variables will contain the values of the next row? Thats just false. A Variable contains everytime the same value, as long as you don't assign a new value to it.
4: mysql is depracted. Use mysqli or PDO instead.
My tip: You need to have unique input names. Just take a look at PHP, how for/while loops work, study a bit more and try it again. It's not difficult to solve, but i think you'll learn a lot more if we don't give you the direct solution.
Now mysql is depracted. So, you can use mysqli or PDO instead.
I can use now PDO. Please follow bellow code carefully:
<?php
$user = 'root';
$pass = '';
$dbh = new PDO('mysql:host=localhost;dbname=education', $user, $pass);
try {
$select = $dbh->query('SELECT * from student');
} catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "<br/>";
die();
}
?>
<html>
<body>
<form action="submit.php" method="post" >
<table>
<tr>
<th>Teacher name</th>
<th>Date</th>
<th>Roll No</th>
<th>Student name</th>
<th>Father name</th>
<th>Addhaar No</th>
<th>Status(P)</th>
<th>Status(A)</th>
<th>Status(L)</th>
</tr>
<?php
foreach($select as $val) {
?>
<tr style="border:2px solid black;">
<td><input type="text" name="teacher" value="<?php echo $s; ?>"></td>
<td><input type="text" name="date" value="<?php echo $date; ?>"></td>
<td><input name="roll_no" value="<?php echo $r['roll_no']; ?>"></td>
<td><input name="student_name" value="<?php echo $r['student_name'] ?>"></td>
<td><input name="father_name" value="<?php echo $r['father_name'] ?>"></td>
<td><input name="addhaar_no" value="<?php echo $r['addhaar_no'] ?>"></td>
<td><input type="checkbox" value="present" name="status"> Present</td>
<td><input type="checkbox" name="status" value="absent">Absent</td>
<td><input type="checkbox" name="status" value="leave">Leave</td>
</tr>
<?php
}
?>
</table>
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>
For submit.php code bellow
<?php
$user = 'root';
$pass = '';
$dbh = new PDO('mysql:host=localhost;dbname=education', $user, $pass);
$stmt = $dbh->prepare("INSERT INTO attandance (roll_no, student_name, father_name, addhaar_no, status) VALUES (?, ?, ?, ?, ?)");
$stmt->bindParam(1, $roll_no);
$stmt->bindParam(2, $student_name);
$stmt->bindParam(2, $father_name);
$stmt->bindParam(2, $addhaar_no);
$stmt->bindParam(2, $status);
//if you insert 2 time then
for($x=0; $x<2; $x++) {
$roll_no = $_POST['roll_no'];
$student_name = $_POST['student_name'];
$father_name = $_POST['father_name'];
$addhaar_no = $_POST['addhaar_no'];
$status = $_POST['status'];
$stmt->execute();
}
?>
<?php if(isset($_POST['submit']))
{
$tadd=$_POST["tadd"]; //getting values
$pname=$_POST["pname"];
$date=$_POST["date"];
$result=mysql_query("insert into pannel(tadd,pname,date)values('$tadd','$pname','$date')");
echo "<script type='text/javascript'>
alert('Quotation Generated Successfully!')
</script>";
} ?>
<center>
<h1>Title</h1>
</center>
<form name="form" method="post" action="" onSubmit="submit;">
<center><table border="0" cellspacing="0" style="width:350px">
<tr> <td><b>To Address</td> <td><textarea name="tadd" rows="5"
cols="30"></textarea></td></tr>
<tr> <td><b>Project Name</td> <td><input type="text" name="pname" required></td></tr>
<tr> <td><b>Date</td> <td><input type="text" name="date"
id="datepicker" required></td></tr>
<tr> <td colspan="2" align="center"><input type="submit" name="submit"
value="submit"/></td> </tr></center> </table> </form>
I have one record in my database with
id tadd pname date
1 hello vvv 22/10/2014
if i insert values into database again it should data already inserted
please help me regarding this issue
You can achieve this using mysql_num_rows() which is one way to do this, which I believe the goal is to avoid duplicates.
Sidenote: You can also set your column(s) as UNIQUE to avoid duplicates.
N.B.: I used the pname column as an example. It's up to you to check which one will always be unique in regards to a username for instance.
$query = "SELECT * FROM pannel where pname = '".$pname."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0){
echo "Already exists.";
}
else{
mysql_query("insert into pannel (tadd, pname,date) values ('$tadd','$pname','$date')");
}
Do sanitize your data:
$tadd = mysql_real_escape_string($_POST["tadd"]);
and do the same for the others.
Even better, use mysqli with prepared statements, or PDO with prepared statements.
They're much safer, because your present code is open to SQL injection.
Footnotes:
You should get rid of onSubmit="submit;" in your form. As outlined in comments, it's not going to do anything.
Edit:
<?php
// assuming DB connection has been made.
if(isset($_POST['submit'])) {
$tadd= mysql_real_escape_string($_POST["tadd"]);
$pname= mysql_real_escape_string($_POST["pname"]);
$date= mysql_real_escape_string($_POST["date"]);
$query = "SELECT * FROM pannel where pname = '".$pname."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0){
echo "Already exists.";
exit;
}
else{
mysql_query("insert into pannel (tadd, pname,date) values ('$tadd','$pname','$date')");
echo "<script type='text/javascript'>alert('Quotation Generated Successfully!')</script>";
}
} // brace for if(isset($_POST['submit']))
?>
<!DOCTYPE html>
<head></head>
<body>
<center><h1>Title</h1></center>
<form method="post" action="">
<div align="center">
<center>
<table border="0" cellspacing="0" style="width:350px">
<tr> <td><b>To Address</td> <td><textarea name="tadd" rows="5" cols="30"></textarea></td></tr>
<tr> <td><b>Project Name</td> <td><input type="text" name="pname" required></td></tr>
<tr> <td><b>Date</td> <td><input type="text" name="date" id="datepicker" required></td></tr>
<tr> <td colspan="2" align="center">
<input type="submit" name="submit" value="submit"/>
</td> </tr>
</table>
</center>
</div>
</form>
</body>
</html>
I'm having a problem with registering sessions on my websites login script:
so the thing is like this, I'm working on my site with webmatrix and I worked on the same files on two different computers, also I have the site uploaded to a server. in all three cases it works just fine!
recently I created the very same working environment on a laptop I have, webmatrix + xampp mysql db - only here I found out that sessions refuse to be created, the code:
(the login page is included in the index.php page.
<?php
session_start();
$no_mail_pass_error="";
$no_user_error="";
$wrong_pass_error="";
if ($_POST['submit_login']){
$log_email = $_POST ["log_email"]; //VAR $email = to what usename has entered
$log_password = $_POST ["log_password"]; //VAR $password = to what usename has entered
$remember_me = $_POST ["remember_me"];
$log_email = strip_tags($log_email);
$log_password = strip_tags($log_password);
$log_email = mysql_real_escape_string($log_email);
$log_password = mysql_real_escape_string($log_password);
if ($log_email==""||$log_password=="") {
$no_mail_pass_error='
<div id="login_errors_div" style="display:none;">
<table border="0">
<tr>
<td>
<img src="ec_mark_25.png"/>
</td>
<td>
no mail
</td>
</tr>
</table>
<hr />
</div>
';
}
else {
$login_connect = mysql_connect ("***", "***", "***")
or die ("couldnt connect");
mysql_select_db (***) or die ("not found"); //if db was not found die
mysql_query("SET NAMES 'utf8'");
$login_query = mysql_query("SELECT * FROM users WHERE email='$log_email'"); //search for specific username entered
$login_numrows = mysql_num_rows($login_query); //check that it appears AT LEAST in ONE row
if ($login_numrows!=0) // IF IT APPEARS IN NONE - NO USER EXISTS
{
while ($row = mysql_fetch_assoc($login_query)) //Takes the whole row of the specific user and extracts all the fields
{
$dbemail = $row['email'];
$dbpassword = $row['password']; //Sets thoes fields into variables
$id = $row['id'];
$log_firstname = $row['firstname'];
$log_lastname = $row['lastname'];
}
if ($log_email==$dbemail&&md5($log_password)==$dbpassword)
{
if ($remember_me=='on') {
setcookie ("email",$email,time()+604800);
session_register('email');
$_SESSION['email']=$log_email;
session_register('id');
$_SESSION['id']=$id;
session_register('firstname');
$_SESSION['firstname']=$log_firstname;
session_register('lastname');
$_SESSION['lastname']=$log_lastname;
header ("Location: homepage.php");
}
else if ($remember_me=='') {
session_register('email');
$_SESSION['email']=$log_email;
session_register('id');
$_SESSION['id']=$id;
session_register('firstname');
$_SESSION['firstname']=$log_firstname;
session_register('lastname');
$_SESSION['lastname']=$log_lastname;
header ("Location: homepage.php");
}
}
else {
$wrong_pass_error='
<div id="wrong_pass_error_div" style="display:none;">
<table border="0">
<tr>
<td>
<img src="ec_mark_25.png"/>
</td>
<td>
wrong pass
</td>
</tr>
</table>
<hr />
</div>
';
}
}
else {
$no_user_error='
<div id="no_user_error_div" style="display:none;">
<table border="0">
<tr>
<td>
<img src="ec_mark_25.png"/>
</td>
<td>
user not found
</td>
</tr>
</table>
<hr />
</div>
';
}
}
}
?>
<form name="login_form" id="logn_form" method="post" action="index.php">
<table border="0" style="margin-left: 60px; margin-bottom: 3px;">
<tr>
<td id="login_info">mail</td>
<td id="login_info">pass</td>
<td></td>
</tr>
<tr>
<td><input id="login_input" name="log_email" type="text"/></td>
<td><input id="login_input" name="log_password" type="password"/></td>
<td><input id="login_submit" name="submit_login" type="submit" value="enter"/></td>
</tr>
<tr>
<td valign="top">
<!-- TABLE FOR REMEMBER ME -->
<table style="margin: 0px; padding:0px;"><tr>
<td>
<input name="remember_me" type="checkbox"/>
</td>
<td>remember me</td>
</tr></table>
<!-- TABLE FOR REMEMBER ME - END -->
</td>
<td valign="top"><div style="margin-top: 5px; margin-right: 5px;"><a id="forgot_password_a" href="#">forgot pass</a></div></td>
</tr>
</table>
</form>
What could be preventing the sessions from registering?
Posting my comment as an answer ;)
Check your PHP version (I believe they differ from both environments).
session_register has been deprecated as of PHP 5.3 and in PHP >= 5.4 removed. Just remove session_register and use $_SESSION['key'] = "value"; instead.
See session_register docs.
Check where PHP is saving your session data. You can find this with phpinfo() and you can change it inside php.ini. It's called session.save_path I think, and make sure that the apache user (or whatever web server) has write access to that directory.
Also look at http://php.net/manual/en/function.session-save-path.php