I'm making a website project for school which requires a log in page. I already have the PHP set up to write to the database, that works no problem. My new problem is that nothing will actually read from the database. I am testing on my localhost, connection is fine. My error I receive is that the email is incorrect, when in fact it is valid. Hopefully you guys can pick up on an easy problem for me! Thanks!
PHP:
<?php
//Setup our DB connection
include('../../connect/local-connect.php');
// Get the user entered elements
$email = $_POST['email'];
$pword = $_POST['password'];
// email query
$query = "SELECT email FROM project WHERE email = '$email'";
//Run email query
$result = mysqli_query($dbc, $query) or die('Read error - email');
// # of results
if (mysqli_num_rows($result) == 0)
{
header('Location:login.php?logerror=1');
exit;
}
//If we got here, we have validated the email
// Build the username query
$query = "SELECT * FROM project WHERE email = '$email' AND password = '$pword'";
// Run the password query
$result = mysqli_query($dbc, $query) or die('Read error - password');
// Did we get a row?
if (mysqli_num_rows($result) == 0)
{
header('Location:login.php?logerror=2');
exit;
}
// If we got here, we have validated an email and password combo.
// Close the DB connection
mysqli_close ($dbc);
// Start a PHP session
session_start();
//Get and store our session variables
$row = mysqli_fetch_array($result);
$_SESSION['sname']=$row['name'];
header('Location:custwelcome.php');
exit;
// Pass a '3' back to login.php for testing (Keep this code at the bottom!)
header('Location:login.php?logerror=3');
exit;
?>
HTML:
<!DOCTYPE html>
<!--
XXXX
login.php
-->
<?php
// Start a PHP session
session_start();
// Check to see if user is already logged in
if(isset($_SESSION["sname"]))
{
header('Location:custwelcome.php');
exit;
}
?>
<html lang="en">
<head>
<!-- Meta tag -->
<meta name="robots" content="noindex.nofollow" />
<meta charset="utf-8" />
<!-- Link tag for CSS -->
<link type="text/css" rel="stylesheet" href="../stylesheet/project.css" />
<!-- Javascript tags -->
<script type="text/javascript" src="../js/messages.js"></script>
<!-- Web Page Title -->
<title>Login Page</title>
</head>
<body>
<div id="header">
<img src="../images/logo.png" alt="Logo" />
<p class="sh1">Shoe Source Unlimited</p>
<p class="sh2">Your source for lightning sales of this season's hot shoes! </p>
<p class="sh3">LeAndra Marx</p>
</div>
<div id="navbar">
<ul id="nav">
<li>
Home
</li>
<li>
Men's
<ul>
<li>Sneakers</li>
<li>Loafers</li>
<li>Athletic</li>
</ul>
</li>
<li>
Women's
<ul>
<li>Boots</li>
<li>Heels</li>
<li>Sandals</li>
</ul>
</li>
<li>
About Us
</li>
<li>
Sign Up
</li>
<li>
Log In
</li>
</ul>
</div>
<div id="external">
<p>
<a href="https://twitter.com/XXXXX" onclick="window.open(this.href); return false;">
<img src="../images/twitter.jpg" alt="twitter" />
</a>
</p>
<p>Follow us on Twitter!</p>
<br/>
<p>
<a href="http://www.facebook.com/ShoeSourceUnlimited" onclick="window.open(this.href); return false;">
<img src="../images/facebook.png" alt="facebook" />
</a>
</p>
<p>Like us on Facebook!</p>
<br/>
<a href="email/projectem.htm">
<img src="../images/email.jpg" alt="pinkemail" />
</a>
<p> Send us an email!</p>
</div>
<div id="main">
<p>Sign in below to start making purchases!</p>
</div>
<p id="registered"> Don't have an account? Sign up here!
<div id="userform">
<p class="fh">Log In Here</p>
<form id="loginform" action="logincheck.php" method="post">
<?php
// Check return codes from logincheck.php
if ($_GET["logerror"] == 1)
{
echo '<p class="loginerror">Invalid Email!</p>';
}
if ($_GET["logerror"] == 2)
{
echo '<p class="loginerror">Invalid Password!</p>';
}
if ($_GET["logerror"] == 3)
{
echo '<p class="loginerror">Returned from logincheck</p>';
}
?>
<p>
<!--Email -->
<label for="email">Email:</label>
<input type="email" id="email" name="email" required autofocus
title="Email: 6-59 characters, lowercase, valid email only!"
pattern="[a-z0-9.-_]+#[a-z0-9-]+\.[a-z]{2,6}"
maxlength="60"
onfocus="emailmsg()" />
<br />
<!--Password -->
<label for="password">Password:</label>
<input type="password" id="password" name="password" required
title="Password: 5-15 characters, U/L, 0-9, . - _ ! $ only!"
pattern="[a-zA-Z0-9.-_!$]{5,15}"
onchange="form.reenter.pattern=this.value;"
onfocus="passmsg()"/>
<br />
<!-- Build buttons so that they are consistent throughout the site
never use get method for confidential data-->
<p class="submit">
<input type="submit"
value=" Log In! "
onfocus="signmsg()"/>
<span class="reset">
<input type="reset" value=" Clear " onclick="history.go(0)"
onfocus="clearmsg()"/>
</span>
</p>
</form>
</div>
<div id="messages">
<p></p>
</div>
<div id="footer">
<p>
©2014, XXXX
</p>
</div>
</body>
</html>
Let me know if any more files need to be looked at I just figured the issue lay in these two files.
MY SOLUTION: All I did was change my table name and it somehow started to work. So that's good, I guess! Thanks to everyone who tried to help :)
is your database connection ok? at first check is connection establish perfectly.
an on top of database connection file please on error reporting to find out error
error_reporing(E_ALL);
ini_set('display_errors',1);
and after database connection use following syntax.. you will get all if any failure in connection
mysql_connect('host','username','password') OR die(mysql_error());
mysql_select_db('dbName') OR die(mysql_error());
<?php
$con=mysqli_connect("host","username","password","my_db");
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?>
for mysqli
Related
I am new to PHP and I am trying to develop a simple login system where it echoes a success message and redirects to a secure page and when details are wrong, it echoes an error message and reloads the login form.
I have been trying to for a while now and cannot figure it out, even though I have some functionality in terms of it directing to the correct page.
My database on PhpMyAdmin is correctly configured. Also, any help on sessions would be greatly appreciated.
PHP CODE:
<?php
$servername = "localhost";
$username = "root";
$password = "cornwall";
$con=mysqli_connect('localhost','root','cornwall','ibill');
// This code creates a connection to the MySQL database in PHPMyAdmin named 'ibill':
$username = $_POST['username'];
$password = $_POST['password'];
//These are the different PHP variables that store my posted data.
$login="SELECT * FROM users WHERE username='$username' AND password='$password'";
$result=mysqli_query($con, $login);
$count=mysqli_num_rows($result);
//This is the query that will be sent to the MySQL server.
if($count==1)
{
header('Location: http://localhost/projects/ibill_v3/html/main.html#home');
exit();
}
//This checks the 'user_details' database for correct user registration details and if successful, directs to home page.
else {
header('Location: http://localhost/projects/ibill_v3/html/loginform.html');
echo "Wrong details";
exit();
}
//If login details are incorrect
/** Error reporting */
error_reporting(E_ALL);
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
?>
HMTL CODE
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width, initial-scale=1; minimum-scale=1;">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.min.css">
<link href="/projects/ibill_v3/css/mainstyles.css" rel="StyleSheet"/>
<link href="/projects/ibill_v3/css/loginform.css" rel="StyleSheet"/>
<script src="http://code.jquery.com/jquery-1.11.3.min.js"></script>
<script src="http://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.min.js"></script>
<script src="script.js"></script>
<script type='text/javascript' src="http://ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js"></script>
<script type='text/javascript'>
$(document).on('pageinit', function(){
$('.loginform').validate({ // initialize the plugin
// rules & options
});
});
</script>
</head>
<body>
<!--********************************LOGIN FORM PAGE**********************************************-->
<!--****************************************************************************************-->
<!--********************************HEADER**********************************************-->
<div data-role="page" id="loginform">
<div data-role="header" data-id="foo1" data-position="fixed">
<h1>Register</h1>
</div>
<!--********************************HEADER**********************************************-->
<!--********************************MAIN**********************************************-->
<div data-role="main" class="ui-content">
<img class="mainlogo" src="/projects/ibill_v3/img/ibill logo.png" alt="iBill Logo" width="250" height="190">
<h2>Sign in</h2>
<section class="loginform">
<form data-ajax="false" method="POST" action="loginform.php" >
<ul>
<li>
<label for="username">Username</label>
<input type="text" name="username" id="username" class="required" minlength="5" placeholder="enter username (min-5 characters)">
</li>
<li>
<label for="password">Password</label>
<input type="password" name="password" placeholder="enter password" minlength="6">
</li>
<div id="loginformbutton">
<button class='active' type='submit' value='submit'>Sign in</button>
</div>
<p>Don't have an account? Sign up!</p>
<div id="registerbutton">
Register
</div>
</ul>
</form>
</section>
</div>
<!--********************************MAIN**********************************************-->
<!--********************************FOOTER**********************************************-->
<div data-role="footer">
<footer class="footer">
<p>awilliams©</p>
</footer>
</div>
</div>
<!--********************************END OF LOGIN FORM PAGE**********************************************-->
<!--****************************************************************************************-->
</body>
...
else
{
header('Location: http://localhost/projects/ibill_v3/html/loginform.html');
echo "Wrong details";
exit();
}
The above is going to redirect before your echo statement is reached, so nothing will be displayed.
Secondly, the following line:
<form data-ajax="false" method="POST" action="loginform.php" > will not send any data back to your file containing the form if you're using echo statements. It is going to redirect to the loginform.php and will stay there if you do not explicitly redirect back the page with your form.
Instead, use:
<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?> as your form's action. And then include your loginform.php somewhere before the form in your HTML.
This is going to send data back to the form's file and replaces special characters to HTML entities (for security), it also allows you to use echo's or variables to return messages to the user.
loginform.php will need to check if specific inputs are posted:
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
if($_POST['username'] && $_POST['password'])
{
//do work
}
}
Here is a basic php form tutorial to start you off: php tutorial
I think it's because your redirecting to the same page with no post. I didn't look through all the code, that is just my first stab at it
This will not appear on loginform.html:
echo "Wrong details";
Use something like:
$_SESSION['errorMessage'] = "Wrong details";
header('Location: http://localhost/projects/ibill_v3/html/loginform.html');
exit();
And then on loginform.html, add this code to display the error message:
if(isset( $_SESSION['errorMessage'])) echo $_SESSION['errorMessage'];
I created a login form that should direct the user to the page after sending the form but it just shows me a blank page
with a link of **http://localhost/Cisu/AccHolder/holderlogin.php
Login Form
<?php
session_start();
?>
<!DOCTYPE html>
<html >
<head>
<title>Login</title>
<link type="text/css" rel="stylesheet" href="css/login.css">
</head>
<body>
<form method="" action="holderlogin.php">
<div class="container">
<div class="profile">
<button class="profile__avatar" id="toggleProfile">
<img src="images/sbma.png" alt="Avatar" />
</button>
<div class="profile__form">
<div class="profile__fields">
<div class="field">
<input type="text" id="user" name="user" class="input" required pattern=.*\S.* />
<label for="username" class="label">Username</label>
</div>
<div class="field">
<input type="password" id="pass" name="pass" class="input" required pattern=.*\S.* />
<label for="password" class="label">Password</label>
</div>
<div class="profile__footer">
<input id="Submit" name="Submit "type = "Submit" class="btn"/>
</div>
</div>
</div>
</div>
</div>
<script src="javascript/login.js"></script>
</form>
</body>
</html>
holderlogin.php
<?php
ob_start();
session_start();
include('dbconn.php');// Database connection and settings
// checking the user
if(isset($_POST['Submit'])){
$user = mysqli_real_escape_string($con,$_POST['user']);
$pass = mysqli_real_escape_string($con,$_POST['pass']);
$sel_user = "select * from tbl_accholder where accholder_Username='$user' AND accholder_Password='$pass'";
$run_user = mysqli_query($con, $sel_user);
$check_user = mysqli_num_rows($run_user);
if($check_user==1){
while ($row = mysqli_fetch_array($run_user)) {
$run_ID = $row['accholder_ID'];
$run_user = $row['accholder_Username'];
}
$_SESSION['accholder_Username']= $user;
$_SESSION['accholder_ID']= $run_ID;
header( 'Location: MainMenu.php');
} else
echo "please wait while redirecting...";
echo "<script> alert('Log-In Failed!'); </script>";
echo "<script> document.location.href = 'Login.php' </script>";
ob_end_flush();
}
?>
You are checking whether $_POST['Submit'] is set.
However, in your form, the name attribute is Submit with an extra space:
<input id="Submit" name="Submit "type = "Submit" class="btn"/>
This might be the cause of the problem, since you said it shows me a blank page.
also - you have no method listed for your form, but are checking the $_POST array to check for "Submit". It should be:
<form method="POST" action="holderlogin.php">
Don't know if its causing your problem, but you have a leading space before the php declaration - this can be cause problems to the php rendering if you are setting header requests later in the code - there can be no characters rendered before the header request.
<?php
also you list the action of the form as "holderlogin.php"
but list the name of the file as "Holderlogin.php" - this might just be a typo when entering the code here but worth checking.
I am trying to set up a contact form at:
http://48hrcodes.com/contact.php
however I am trouble getting it to work.
Here is the code I am using:
<?php
/**
* Change the email address to your own.
*
* $empty_fields_message and $thankyou_message can be changed
* if you wish.
*/
// Change to your own email address
$your_email = "";
// This is what is displayed in the email subject line
// Change it if you want
$subject = "48hrcodes contact form";
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>";
// This is displayed when the email has been sent
$thankyou_message = "<p>Thank you. Your message has been received.</p>";
// You do not need to edit below this line
$name = stripslashes($_POST['txtName']);
$email = stripslashes($_POST['txtEmail']);
$message = stripslashes($_POST['txtMessage']);
if (!isset($_POST['txtName'])) {
?>
<html lang="en">
<head>
<link href='https://fonts.googleapis.com/css?family=Droid+Sans:400,700' rel='stylesheet' type='text/css'>
<link href='https://fonts.googleapis.com/css?family=Oswald' rel='stylesheet' type='text/css'>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<link rel="stylesheet" href="css/style.css">
<title>Free 48hr Xbox Live Gold Codes</title>
</head>
<body>
<div id="content">
<div id="c1"> <center>
<header id="nav">
<ul>
<li>Home</li>
<li>Get Your Code</li>
<li>Testimonials and Proof</li>
<li>Frequently Asked Questions</li>
<li>Contact Us</li>
</ul>
</header>
<img class="clear" src="img/grab3.png" alt="header">
</center>
<form class="form" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
<p class="name">
<input type="text" name="txtName" id="name" placeholder="John Doe" />
<label for="name">Name</label>
</p>
<p class="email">
<input type="text" name="txtEmail" id="email" placeholder="mail#example.com" />
<label for="email">Email</label>
</p>
<p class="text">
<textarea name="txtMessage" placeholder="Write something to us" /></textarea>
</p>
<p class="submit">
<input type="submit" value="Send" />
</p>
</form>
<div id="cttxt">
<h3>
Contact Us
</h3>
<p>
Simply send us message using the contact form to the left and we will get back to you within 24-48 hours.
</p>
</div>
<center>
<footer>
© 48hrcodes.com 2013 - site by ollie rex
</footer>
</div></center>
</div>
</body>
</html>
<?php
}
elseif (empty($name) || empty($email) || empty($message)) {
echo $empty_fields_message;
}
else {
// Stop the form being used from an external URL
// Get the referring URL
$referer = $_SERVER['HTTP_REFERER'];
// Get the URL of this page
$this_url = "http://".$_SERVER['HTTP_HOST'].$_SERVER["REQUEST_URI"];
// If the referring URL and the URL of this page don't match then
// display a message and don't send the email.
if ($referer != $this_url) {
echo "You do not have permission to use this script from another URL, nice hacking attempt moron.";
exit;
}
// The URLs matched so send the email
mail($your_email, $subject, $message, "From: $name <$email>");
// Display the thankyou message
echo $thankyou_message;
}
?>
I get errors at the top of the page, as well as when i submit the form, the email i get only has the messagebox text, not the name or email.
I have tried everything i could think of, however it still fails to send anything except the msg variable.
Thanks :)
change
$name = stripslashes($_POST['txtName']);
$email = stripslashes($_POST['txtEmail']);
$message = stripslashes($_POST['txtMessage']);
To,
$name = (isset($_POST['txtName']))?stripslashes($_POST['txtName']):"";
$email = (isset($_POST['txtEmail']))?stripslashes($_POST['txtEmail']):"";
$message = (isset($_POST['txtMessage']))?stripslashes($_POST['txtMessage']):"";
To avoid the warnings at the top.
Use
like this
if(isset($_POST['txtName'])
{
$name = stripslashes($_POST['txtName']);
}
Below is my code(jquery mobile and php) I am trying to insert into the database and also echo the following message (pls fill all field and registration complete) that is if the user complete the field or not the following message show display but non of it is working with my jquery mobile code and it is working with my normal site how can I fix this I will appreciate it if you work on my code thank you
<?php
$db= “user”;
$connect = mysql_connect(“localhost“, “alluser”, “six4”)or die(“could not connect”);
Mysql_select_db($db) or die (“could not select database”);
If (isset($_POST['submit'])){
If(empty($_POST['name']) OR empty($_POST['email']) OR empty($_POST['add'])){
$msg = 'pls fill all field';
$name = ($_POST['name']);
$email = ($_POST['email']);
$address = ($_POST['add']);
mysql_query(“INSERT INTO people (Name, Email, Address”) VALUES ('$name, $email, $address')”) or die (mysql_error());
$msg='registration complete ';
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Home</title>
<link rel="stylesheet" href="css/jquery.mobile-1.0a1.min.css" />
<script src="js/jquery-1.4.3.min.js"></script>
<script src="js/jquery.mobile-1.0a1.min.js"></script>
</head>
<body>
<div data-role="page">
<div data-role="header">
<h1>User</h1>
</div>
<div data-role="content">
<?php echo “$msg”; ?>
<form name=“form” action=“” method=“post”>
<label for=“name”>Name</label>
<input type=“text” name=“name” />
<label for=“email”>Email</label>
<input type=“text” name=“email” />
<label for=“address”>Address</label>
<input type=“text” name=“add” />
<input type=“submit” name=“submit” value=“Submit” />
</form>
</div>
<div data-role="footer">
<h4>Page Footer</h4>
</div>
</div>
</body>
</html>
Check your brace positions after your if statements. You check for empty values, but you don't alter the program flow in a meaningful way if you find them.
Also, replace your curly quotes with real quotes. And check for SQL injection. And double-check your MySQL call. You'll get an error from PHP before you'll ever get $msg echoed, based on the way things are written.
Was hoping for some fresh eyes on this. I've got a page which will add a new event to a database. All 3 fields are required, so if they are empty when the submit button is pushed the error message should appear. Anyone know why it isn't showing the error message? Thanks in advance!
Here's the code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>ADMIN - Repetative Strain Injury UK</title>
<meta http-equiv="content-type" content="application/xhtml; charset=utf-8" />
<link href="/iis_project/view/css/mycss.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div class="container">
<!-- wrapper div for positioning -->
<div class="grid10 first" id="header">
<!-- Header Section -->
<img src="/iis_project/view/img/banner.jpg" alt="RSI UK Banner" width="1090" height="75"/>
</div>
<div class="grid11 first" id="date">
<!-- Date Section -->
<?php
include ("date.php");
?>
</div>
<div class="grid2 first" id="col1">
<!-- Left column Section -->
<h1>Navigation</h1>
<p>
<strong>Home</strong>
</p>
<p>
<strong>About Us</strong>
</p>
<p>
<strong>Register</strong>
</p>
<p>
<strong>Log In</strong>
</p>
<p>
<strong>Events</strong>
</p>
<p>
<strong>Acknowledgements</strong>
</p>
</div>
<div class="grid6" id="col2">
<!-- Middle column Section -->
<h1>New Event</h1>
<p>
As an admin you have the right to create a new event. Simply fill out the form below and hit submit.
</p>
<?php
// creates the new record form
// since this form is used multiple times in this file, I have made it a function that is easily reusable
function renderForm($name, $date, $location, $error22)
{
?>
<?php
// if there are any error22s, display them
if ($error22 != '') {
echo '<div style="padding:4px; border:1px solid red; color:red;">' . $error22 . '</div>';
}
?>
<form action="" method="post">
<div>
Name:
<input type="text" name="name" value="<?php echo $name;?>" />
<br/>
Date:
<input type="text" name="date" value="<?php echo $date;?>" />
<br/>
Location:
<input type="text" name="location" value="<?php echo $location;?>" />
<br/>
<input type="submit" name="submit_event" value="Submit">
</div>
</form>
<?php
}
// connect to the database
include ("home_connection.php");
// check if the form has been submitted. If it has, start to process the form and save it to the database
if (isset($_POST['submit']))
{
// get form data, making sure it is valid
$name = mysql_real_escape_string(htmlspecialchars($_POST['name']));
$date = mysql_real_escape_string(htmlspecialchars($_POST['date']));
$location = mysql_real_escape_string(htmlspecialchars($_POST['location']));
// check to make sure all fields are entered
if ($name == '' || $date == '' || $location == '')
{
// generate error22 message
$error22 = 'error22: Please fill in all required fields!';
// if either field is blank, display the form again
renderForm($name, $date, $location, $error22);
}
else
{
// save the data to the database
mysql_query("INSERT events SET name='$name', date='$date', location='$location'")
or die(mysql_error22());
// once saved, redirect back to the view page
header("Location: login_success_admin.php");
}
}
else
// if the form hasn't been submitted, display the form
{
renderForm('','','','');
}
?>
</div>
<div class="grid2" id="col3">
<!-- Right column Section -->
<h1>Newsletter</h1>
<h2>Sign up to our newsletter:</h2>
<?php
include ("newsletter.php");
?>
</div>
<div class="grid10 first" id="footer">
<!-- Footer Section -->
<p>
Repetative Strain Injury UK © West Street, Jubille Way, Leeds, LS6 3QW. Email: info#rsiuk.org
Tel: 0113 658102. Reg charity no: 1032941
</p>
</div>
</div> <!-- end container -->
</body>
</html>
You have the submit name as "submit_event"
So you must use
if (isset($_POST['submit_event'])) {
.
.
.
}
Hope it helps
Try adding
<input type="hidden" name="submit" value="1" />
to your form. The $_POST array does not have a 'submit' value in the code you have provided, so it's just going to display the form again.