i got a problem with my simple cms in php.
I can get website content in an textarea and after i edited it i want to send the new edited content to the database, but thats not working.
here is my form and functions
editContent.php
<html>
<head>
<title> Basic CMS - Admin Area</title>
<h1>Admin Area Edit Content</h1>
</head>
<body>
<?php
include ('includes/functions.php');
$cont = getContent();
session_start();
if(isset($_SESSION['user'])) {
?>
<span>Logged In! Welcome <?php echo $_SESSION['user']; ?></span>
Logout
Wijzig content
Admin Home
<form action="doEditcontent.php" method="post">
<textarea name="contentarea"><?php echo $cont['content'];?></textarea><br>
Submit : <input type="submit" value="submit" />
</form>
<?php
} else {
header("Location: login.php");
}
?>
</body>
</html>
functions.php
<?php
include('includes/connect.php');
function getContent(){
$query = mysql_query("SELECT content FROM taalcontent WHERE taalid = 1 AND contentid = 1") or die (mysql_error());
return mysql_fetch_assoc($query);
echo $query;
}
function editContent($pContent) {
if(isset($pContent)){
$query = "UPDATE taalcontent SET content content = '$pContent' WHERE contendid = 1 AND taalid = 1";
} else {
echo "fout";
}
mysql_query($query);
}
doEditcontent.php
<?php
include('includes/functions.php');
if(isset($_POST['submit'])) {
if(isset($_POST['contentarea'])){
editContent($_POST['contentarea']);
header("Location: ../index.php?page=2");
} else
echo "Please enter some content!";
} else {
header("Location: ../index.php?page=1");
}
?>
Try changing
editContent($_GET['content']);
to
editContent($_POST['contentarea']);
As it is you are asking it to set the content to whatever is in the ?get parameter (which I can't see referenced anywhere else so I'm guessing its not populated with anything).
:)
You're passing the wrong argument when you call the function editContent($pContent). Also, you should define the function before it's referenced.
Try this way:
<form action="doEditcontent.php" method="post">
<textarea name="contentarea"><?php echo $cont['content'];?></textarea><br>
Submit : <input type="submit" value="submit" />
</form>
<?php
include('includes/functions.php');
function editContent($pContent) {
if(isset($pContent)){
$query = "UPDATE taalcontent SET content content = '$pContent' WHERE contendid = 1 AND taalid = 1";
} else {
echo "fout";
}
mysql_query($query);
}
if(isset($_POST['submit'])) {
if(isset($_POST['contentarea'])){
editContent($_POST['contentarea']);
header("Location: ../index.php?page=2");
} else
echo "Please enter some content!";
} else {
header("Location: ../index.php?page=1");
}
?>
Related
I have a form where people can search the database for a certain user. When they search for the user and click submit, they're re-directed to a different page and the results are displayed.
My only issue is that the results are being displayed before the required html tags - here's an example of what the page looks like through Inspect Element:
"Bobby123
"
<!DOCTYPE html>
<html>
<body>
</body>
</html>
How do I display the results AFTER the required html tags? How do I set a "set place" for the results to be displayed?
Here's my code:
<?php
if(isset($_POST['submit'])) {
$term = $_POST['search'];
$searchuser = $stmt = $con->prepare("SELECT * FROM users WHERE username LIKE :term");
$stmt->bindValue(':term', '%'.$term.'%');
$stmt->execute();
if($searchuser->rowCount() > 0) {
while($row = $searchuser->fetch()){
$name = $row['username'];
echo $name;
}
}else{
echo 'No results';
}
}
?>
<form method="post" action="results.php">
<input name="search" type="search">
<input type="submit" name="submit">
</form>
The code on results.php simply is:
<!DOCTYPE html>
<html>
<body>
</html>
If possible, I would not like to use coding like Javascript, Jquery, or anything that is run on the client side.
Instead of
if($searchuser->rowCount() > 0) {
while($row = $searchuser->fetch()){
$name = $row['username'];
echo $name;
}}else{
echo 'No results';
}
}
use
if($searchuser->rowCount() > 0) {
$content = "";
while($row = $searchuser->fetch()){
$content .= '<p>' . $row['username'] . '</p>';
}
}else{
$content = 'No results';
}
Then, in your HTML (where you want the text to display)
<HTML>
<BODY>
<?PHP echo $content; ?>
</BODY>
</HTML>
When I click form submit button session variable lost and it shows message that session is not set. I have another confusion that it has only problem when I set session of login variable or those variables which are set in other page of my site.When I set some random session variable on the top of this page it works fine and session variable does not lose anymore. I have also checked some other related links in stack overflow but nothing found solution
Here is the code of addProduct.php page
<?php
//var_dump($_SESSION);
if(!(isset($_SESSION['login']))) {
echo "session is not set";
}
else {
//header("location:index.php");
echo "session is set";
//$user_email=$_SESSION['user_email'];
?>
<html>
<body>
<form action="addproduct.php" method="post">
<input type="text" name="name" value="">
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
$name = $_POST['name'];
// $_SESSION['user_email']=$_SESSION['user_email'];
echo $name;
}
?>
<?php }
?>
Code of index.php (header file) page from where I get into this page
<?php
session_start();
include("db.php");
?>
<html xmlns="http://www.w3.org/1999/html" xmlns="http://www.w3.org/1999/html">
<head>
<title>Home</title>
</head>
<body>
Home</br></br>
<?php if(isset($_SESSION['login']) ) {
if($_SESSION['user_status']=="admin")
{
?>
Post an Ad</br></br>
<?php }
}
?>
<?php if(isset($_SESSION['user_fname']) && isset($_SESSION['user_lname']) && isset($_SESSION['user_email']))
{
?>
<?php echo $_SESSION['user_fname'] . " " . $_SESSION['user_lname'] . " " . $_SESSION['user_status']; ?></br></br>
<?php
}
else
{
?>
Login</br></br>
SignIn</br></br>
<?php }
if(isset($_SESSION['user_fname']) && isset($_SESSION['user_lname']) && isset($_SESSION['user_email']))
{
?>
Logout</br></br>
<?php }
?>
<div id="content">
<?php
if(isset($_GET['page']))
{
$p=$_GET['page'];
$page = $p . ".php";
//echo $page;
if(file_exists($page))
{include($page);
}
elseif($page=="")
echo "this is home page";
else
{echo "Not found";}
}
else
{
include ("showAds.php");
}
?>
</div>
</body>
</html>
Code of login.php
<?php
session_start();
if(isset($_SESSION['user_fname']) && isset($_SESSION['user_lname']) && isset($_SESSION['user_email'])) {
header("location:index.php");
exit();
}
else
{
?>
<html>
<head><title>Login</title></head>
<body>
<form action="login.php" method="post">
<input type="email" name="user_email" placeholder="USER EMAIL" REQUIRED>
<input type="password" name="user_password" placeholder="USER PASSWORD" REQUIRED>
<input type="submit" name="Go" value="SUBMIT!" placeholder="USER NAME" REQUIRED>
</br></br>SignIn with new account</br>
</form>
<?php
include("db.php");
/*if(isset($_POST['Go'])) { SIGNUP
$user_name = $_POST['user_name'];
$user_password = $_POST['user_password'];
$user_email = $_POST['user_email'];
echo $user_name . "<br>";
echo $user_email . "<br>";
echo $user_password . "<br>";
$sql = "INSERT INTO user(user_name,user_email,user_password) VALUE ('$user_name','$user_email','$user_password')";
if(mysqli_query($conn,$sql))
{
echo "stored";
header("location:http://localhost/window.php");
}
else
{
die(mysqli_error($sql));
}
}*/
if(isset($_POST['Go']))
{
$user_email = $_POST['user_email'];//real_escape_string
$user_password = $_POST['user_password'];
$login_query="SELECT * FROM user WHERE user_email='$user_email' AND user_password='$user_password'";
$run=mysqli_query($conn,$login_query);
if(mysqli_num_rows($run)>0)
{
$res = mysqli_query($conn, "SELECT * FROM ecommerce.user WHERE user_email='$user_email'");
while ($record = mysqli_fetch_array($res)) {
$_SESSION['user_fname']=$record['user_fname'];
$_SESSION['user_lname'] = $record['user_lname'];
$_SESSION['user_status'] = $record['user_status'];
$_SESSION['user_id'] = $record['user_id'];
$_SESSION['user_password'] = $record['user_password'];
}
$_SESSION['user_email']=$user_email;
$_SESSION['login']="true";
//echo $_SESSION['user_fname'] . $_SESSION['user_lname'];
header("location:index.php");
exit();
}
else
echo "<p style='color: red; margin-top: -28px;'>User name or password incorrect</p>";
}
?>
</body>
</html>
<?php }?>
This error you showed in your other question which was marked as an exact duplicate of this one:
Notice: A session had already been started - ignoring session_start() in C:\xampp\htdocs\ecommerce\showAds.php on line 2
Your showAds.php page which you didn't include, (most likely) contains session_start(); and it should be removed from inside that file.
index.php has an include and session_start();
else
{
include ("showAds.php");
}
So one of your if statements failed.
That is why you're getting that error.
All pages using sessions require that session_start(); be included and should be the first line of your script, which isn't shown in addProduct.php.
Also make sure you're not outputting before header. If you are, consult the following on how to fix it:
How to fix "Headers already sent" error in PHP
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// Then the rest of your code
Sidenote: Displaying errors should only be done in staging, and never production.
You have to add session_start(); in your addProduct.php to be able to access session contents!
I have multiple pages in php. What i want is when you click the back button and you're logged out, that certain page will not display. Say, i clicked home, then logged out, display log in form and when back button on the browser is pressed, it will say you're logged out. I tried session destroy, clear cookies but it doesn't seem to work(or I'm doing it wrong). I am new to php and I am still in the process of learning it. Do you have any suggestions? O.O I have my code here:
here is my index.php
<?php
require 'core.inc.php';
if(isset($_SESSION['user'])&&!empty($_SESSION['user'])){
include 'home.php';
$html_block1 = "<script language='javascript'>
alert('Welcome');
</script> ";
echo $html_block1;
}else{
include 'loginform.inc.php';
}
?>
then my loginform
<?php
if (isset($_POST['user']) && isset($_POST['pass']) && !empty($_POST['user'])&& !empty($_POST['pass'])) {
$_username = $_POST['user'];
$_password = $_POST['pass'];
$_passwordhash = md5($_password);
$_file = 'password.txt';
$handle = fopen($_file,'r');
$_pass_from_file =fread($handle,1024);
trim($_pass_from_file);
if($_username == 'il' && ($_passwordhash == $_pass_from_file)){
$_SESSION ['user'] = $_username;
header('Location: index.php');
} else {
$html_block1 = "<script language='javascript'>
alert('Incorrect password');
</script> ";
echo $html_block1;
}
fclose($handle);
} else {
unset($_username);
}
?>
<form class="form" method ="POST" type="loginform.inc.php" >
<input type="text" placeholder="Username" name ="user" >
<input type="password" placeholder="Password" name = "pass" >
<input type = "submit" value = "Login">
<input type = "submit" value = "Change password" name = "change">
</form>
my core
<?php
ob_start();
session_start();
clearstatcache();
?>
home
<?php
echo 'Hi! you\'re home<br>';
echo 'please click link to next page<br>';
echo 'logout???';
?>
other page
<?php
echo "Hi<br>";
echo '<a href = logout.php>logout?</a>'
?>
and my log out
<?php
session_destroy();
header('Location: loginform.inc.php');
ob_flush();
?>
Suggestions or edits are welcome. Thanks a lot!
hello i have simple problem with my functions there is 2 codes :
i need when i put the right input answer echo $row['answer']; and sucess in next code.
it means i need when $_POST['answer'] = $row['answer']; echo my password
can someone help me with if cond.
this code is working perfect :
<?php
$username = $_POST['username'];
include('config.php');
$result = mysqli_query($con,"SELECT * FROM persons WHERE username='$username'");
while($row = mysqli_fetch_array($result)){
echo $row['username'];
echo "</br>";
echo "</br>";
echo "<p><b>Secret Question</b></p>";
echo $row['secret'];
$freeanswer = $row['answer'];
}
?>
code problem in same page :
</br>
</br>
<form action="" method="POST">
<p><b>Answer is :</b><p>
<input type="text" name="answer">
</br>
</br>
<input type="Submit" value="Submit">
</form>
</div>
<?php
$anme = $_POST['answer'];
if ($anme==$freeanswer) {
echo "sucess";
} else {
echo "wrong";
}
?>
Do you have problem sending the data?
If you want to post the form data to the same page you could use this:
<form action="<?php echo $_SERVER['REQUEST_URI'];?>" method="post">
And this code will catch whatever you posted. (Put it in the same page as the form)
<?php
if(isset($_POST['answer'])) {;
if($name==$freeanswer) {
echo "success";
} else {
echo "wrong";
}
} else {
// Just for testing
var_dump("No data sent yet");
}
?>
Where is the $freeanswer variable declared in the second code?
This if statement is failing cause there is no $freeanswer declared.
$anme = $_POST['answer'];
if ($anme==$freeanswer) { ..
I see you declared it in first code but I dont see it in the second code..
EDIT :
Actually I didn't see It's all the same code. But still the problem is $freeanswer cause It's not declared in public scope It's only in the scope of while loop
Try declaring / writing this line of code here :
$username = $_POST['username']; // Near this line
$freeanswer = ""; // Declare this here
You should put a name to submit button, and the check the existence of $_POST['name_of_button'];
This is a dirty example I wrote quickly so you can get the idea, I didn't test it
<?php
// if the button has not been sent show the form
if(!isset($_POST['submit'])) {
?>
<form action="/test.php" method="POST">
<p><b>Answer is :</b><p>
<input type="text" name="answer">
</br>
</br>
<input type="Submit" value="Submit" name="submit">
</form>
</div>
<?php
// otherwise means the form has been sent, show the password or wrong
} else {
include('config.php');
$result = mysqli_query($con,"SELECT * FROM persons WHERE username='$username'");
$row = mysqli_fetch_array($result);
if($row) {
if($row['answer'] == $_POST['answer']) {
echo 'your password is ' . $row['password'];
} else {
echo 'wrong!';
}
}
}
I have a page with a who does a post to the same page. I want that page to be refreshed with new data after a succesful database INSERT.
Let me add some code.
default.php
<?php
session_start();
require("dbconfig.php");
include("head.php");
//if user is not signed in, redirect to login page
if (!isset($_SESSION['sess_user']) ) {
header ("Location: login.php");
exit;
}
?>
<body>
<div id="menu">
<?php
include("menu.php"); //include the menu
?>
</div>
<div id="page_content">
<?php
include ($p); //Include selection from menu.php
?>
</div>
?>
dbconfig.php
<?php
DEFINE ('DB_USER', 'someuser');
DEFINE ('DB_PASSWORD', 'somepassword');
DEFINE ('DB_HOST', 'localhost');
DEFINE ('DB_NAME', 'somedatabase');
$connection = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD) or
die('Connection to the specified database couldn\'t be established');
mysql_select_db(DB_NAME) or
die ('Specified database couldn\'t be selected');
function db_escape ($post)
{
if (is_string($post) ) {
if (get_magic_quotes_gpc() ) {
$post = stripslashes($post);
}
return mysql_real_escape_string ($post);
}
foreach ($post as $key => $val) {
$post [$key] = db_escape($val);
}
return $post;
}
?>
page/cities.php
<?php
//if not signed in correctly, redirect to login page
session_start();
if (!isset($_SESSION['sess_user']) ) {
header ("Location: login.php");
exit;
}
?>
<h2>Available cities</h2>
<?php
//List all available cities from database
$cities_query = "SELECT city_name FROM city_selection";
$cities_result = mysql_query($cities_query);
while ($row = mysql_fetch_assoc($cities_result)) {
echo $row['city_name'] . "<br />";
}
?>
<?php
//Add new city to list
if(isset($_POST['submit'])){
$city_name = $_POST['city_name'];
$query="INSERT into city_selection (city_name) values ('$city_name')";
$result = mysql_query($query);
}
?>
<hr>
<h2>Add new city</h2>
<form method="post" action="default.php?p=settings_cities">
Namn: <input type="text" name="city_name">
<input type="submit" name="submit" value="Add city">
</form>
This code may not be pretty but it works. It succesfully adds a new record to the database however I want the page/cities.php to be refreshed with my ny record after the post. Is this possible?
Let me add that this i my first ever php page. I've only read some books so don't bash me for beeing a bad programmer :)
Yes, just move your insert part to above your select part.
page/cities.php
<?php
//if not signed in correctly, redirect to login page
session_start();
if (!isset($_SESSION['sess_user']) ) {
header ("Location: login.php");
exit;
}
//Add new city to list
if(isset($_POST['submit'])){
$city_name = $_POST['city_name'];
$query="INSERT into city_selection (city_name) values ('$city_name')";
$result = mysql_query($query);
}
?>
<h2>Available cities</h2>
<?php
//List all available cities from database
$cities_query = "SELECT city_name FROM city_selection";
$cities_result = mysql_query($cities_query);
while ($row = mysql_fetch_assoc($cities_result)) {
echo $row['city_name'] . "<br />";
}
?>
<hr>
<h2>Add new city</h2>
<form method="post" action="default.php?p=settings_cities">
Namn: <input type="text" name="city_name">
<input type="submit" name="submit" value="Add city">
</form>
You can also refresh a page with javascript :
<script type="text/javascript">
document.location = "URL"
</script>
Read up on the Post-Redirect-Get pattern, and redirect the browser to the same page after saving the record. The redirect should be done through PHP's header function.
As your code works now, someone refreshing through F5 will insert the same value again... P-R-G avoids this problem.
Just do the
if(isset($_POST['submit'])){
//yada yada
before you do the select