I am trying to find a way to check whether there is a session. And if there isn't, redirect back to the start.php page.
These are the pages I have made.
start.php
<form action="form.php" method="post">
<p>Please enter your name to continue:</p>
<input type="text" name="name" id="name" />
<input type="submit" name="enter" id="enter" value="Enter" />
</form>
form.php
Above the head:
<?php session_start(); ?>
In the body:
<?php
if(isset($_POST['enter'])){
if($_POST['name'] != ""){
$_SESSION['name'] = stripslashes(htmlspecialchars($_POST['name']));
}
}
$name = $_SESSION['name'];
echo $name;
?>
Attempt
I have putting this above the head of the form (along with what is there now) but it just keeps me on the start.php page
<?php
if (!isset($_SESSION["name"]))
{
header("location: start.php");
}
else{
}
?>
more info
So currently if there is no session and I enter form.php it will redirect me to start.php. But if there is a session it will stay on form.php.
But if I start on start.php and submit the form (creating the session and moving to form.php) it will straight away redirect me back to start.php (the same page)?
code of the two pages in full:
start.php
<?php session_start(); ob_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Untitled Document</title>
<script type="text/javascript" src="http://code.jquery.com/jquery-1.8.2.js"></script>
</head>
<body>
<form action="deletethis.php" method="post">
<p>Please enter your name to continue:</p>
<input type="text" name="name" id="name" />
<input type="submit" name="enter" id="enter" value="Enter" />
</form>
</body>
</html>
form.php
<?php
session_start();
if (!isset($_SESSION["name"]))
{
//header("location: delete1.php");
die('<meta http-equiv="refresh" content="0;URL='.'delete1.php'.'" />');
}
else{
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Untitled Document</title>
</head>
<body>
<?php
if(isset($_POST['enter'])){
if($_POST['name'] != ""){
$_SESSION['name'] = stripslashes(htmlspecialchars($_POST['name']));
}
}
$name = $_SESSION['name'];
echo $name;
?>
</body>
</html>
What I have decide to do instead
if (strlen($name) <1){
echo '<script> window.location.replace("delete1.php");</script>';
}
You need to add
<?php session_start(); ?>
on each page in the very beginning..
So, the code should be like this
<?php
session_start();
if (!isset($_SESSION["name"]))
{
//header("location: delete1.php");
die('<meta http-equiv="refresh" content="0;URL=\'delete1.php\'" />');
}
else{
}
?>
Related
php code for adding html table dyanamically is given below,
but it fails to insert all values in database
<?php
session_start();
require_once("include/config.php");
$num=$_POST['n'];
$i=0;
if( isset($_POST['submit']) )
{
$num=$_POST['n'];
echo "ji".$num;
for($i=0;$i<=$num; $i++)
{
$j=addslashes($_POST['t1'][$i]);
$m=addslashes($_POST['t2'][$i]);
$sql= "INSERT INTO ba (a,b)values('$j','$m');";
$res =mysqli_query($con,$sql) ;
$i++;
if($res)
{
echo "<script>alert('Family details submitted successfully');document.location.href='b.php';</script>";
}
else
{
echo "<script>alert('Error. Please Retry');document.location.href='b.php';</script>";
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<form name="sdfs" method="post">
<table border="3">
<?php
while($i<$num)
{
echo "<tr><td><input type='text' id='t1[$i]' name='t1[$i]'></td><td>
<input type='text' id='t2[$i]' name='t2[$i]'></td>
";
$i++;
}
?>
<input type="submit" name="submit" id="submit" value="submit" />
</tr>
</form>
</body>
</html>
value of num is obtained from another page ....
Alternate values are inserting in db...but i want to insert all values to database that obtained through form
pls find a solution for this problem.......................
I am working on a guessing game. The guessing code is working, however, when i want to click the 'give up' to display the number, is not passing the value to the give up. My apology, I am fairly new with php.
Any suggestion or hint how this could be done?
below is the guessinggame.php and the bottom one is the giveup.php
<?php
session_start();
$number = rand(1,100);
if(isset($_POST["guess"])){
$guess = $_POST['guess'];
$number = $_POST['number'];
$display = $_POST['submit'];
if ($guess < $number){
echo "The number needs to be higer!";
}else
if($guess > $number){
echo "The number needs to be lower!";
}else
if($guess == $number){
echo "Congratulation! You Guessed the hidden number.";
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Guess A Number</title>
</head>
<body>
<form action="<?=$_SERVER['PHP_SELF'] ?>" method="post" name="guess-a-number">
<label for="guess"><h1>Guess a Number:</h1></label><br/ >
<input type="text" name="guess" />
<input name="number" type="hidden" value="<?= $number ?>" />
<input name="submit" type="submit" />
<br/ >
Give Up
<br/ >
Start Over
</form>
</body>
</html>
giveup.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Guess A Number</title>
</head>
<body>
<form action="guessinggame.php" method="GET" name="guess-a-number">
<?php echo "<br />The hidden number is:".$number."<br />";?>
<br/ >
Start Over
</form>
</body>
</html>
You could store the number in the user session in your main script:
session_start();
$number = rand(1,100);
$_SESSION['number'] = $number;
Then, retrieve it in giveup.php:
$number = $_SESSION['number'];
When a person logs in, it directs them to the index.php band lets them checkout on my checkout page. When i change where i am directing them when they click login it doesnt work, then when they go to check out it keeps asking them to login. Anyone know where i may be going wrong?
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<div id="main">
<?php
include "base.php";
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Email']))
{
?>
<h1>Member Area</h1>
<p>Thanks for logging in! Your email address is: <b><?=$_SESSION['Email']?><b>
<ul>
<li>Logout.</li>
</ul>
<?php
}
elseif(!empty($_POST['email']) && !empty($_POST['password']))
{
$email = mysqli_real_escape_string($_SESSION['base'], $_POST['email']);
$password = md5(mysqli_real_escape_string($_SESSION['base'], $_POST['password']));
$checklogin = mysqli_query($_SESSION['base'], "SELECT * FROM Users WHERE Email = '".$email."' AND Password = '".$password."'");
if(mysqli_num_rows($checklogin) == 1)
{
$row = mysqli_fetch_array($checklogin);
$email = $row['Email'];
$_SESSION['Email'] = $email;
$_SESSION['LoggedIn'] = 1;
}
else
{
echo "<h1>Error</h1>";
echo "<p>Sorry, your account could not be found. Please click here to try again.</p>";
}
}
else
{
?>
<h1>Member Login</h1>
<p>Thanks for visiting! Please either login below, or click here to register.</p>
<form method="post" action="index.php" name="loginform" id="loginform">
<fieldset>
<label for="email">Email:</label><input type="text" name="email" id="email" /> <br />
<label for="password">Password:</label><input type="password" name="password" id="password" /><br />
<input type="submit" name="login" id="login" value="Login" />
</fieldset>
</form>
<?php
}
?>
</div>
</body>
</html>
And here is the base.php
<?php
session_start();
$dbhost = "localhost"; // this will ususally be 'localhost', but can sometimes differ
$dbname = "Abandoned"; // the name of the database that you are going to use for this project
$dbuser = "root"; // the username that you created, or were given, to access your database
$dbpass = ""; // the password that you created, or were given, to access your database
$base = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname); if (!$base){
echo "<p>server connection error:
mysqli_connect_error()</p>";
}
$_SESSION['base'] = $base; //database connection status transfer;
?>
To use cookie-based sessions, session_start() must be called before outputing anything to the browser.
ref: http://php.net/manual/en/function.session-start.php
To fix this, you can move
include "base.php";
to before your first line of html
Change:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<div id="main">
<?php
include "base.php";
to
<?php include "base.php"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<div id="main">
Bear in mind that I am making the assumption that session_start() is in your base.php file. If it isn't, it probably should be :) session_start() needs to be run before any output / headers. Without it, your sessions won't work.
This question already has an answer here:
Closed 10 years ago.
Possible Duplicate:
Undefined index: username in C:\wamp\www\Website\storeadmin\admin_login.php..and the same for password
//admin_login.php
<?php
session_start();
if(isset($_SESSION["member"])){
header("location:index.php");
exit();
}
?>
<?php
if(isset($_POST["username"]) && isset($_POST["password"])){ // <- Check the user has clicked the button
$manager = preg_replace('#[A-Za-z0-9]#i',"",$_POST["username"]);
$password = preg_replace('#[A-Za-z0-9]#i',"",$_POST["password"]);
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE username ='$manager' AND password ='$password'LIMIT 1");
$exist_count = mysql_num_rows($sql);
if($exist_count == 1){
while(mysql_fetch_array($sql)){
$id = $row["id"];
}
$_SESSION["id"]= $id;
$_SESSION["manager"]= $manager;
$_SESSION["password"]= $password;
header("location:index.php");
exit();
}
else{
echo 'This information is incorrect,try again Click Here';
exit();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title> AdminLogin</title>
<link rel="stylesheet" href="../style/style.css" type="text/css" media="screen"/>
</head>
<body>
<div id="mainWrapper" >
<?php include_once("../template_header.php");?>
<div id="pageContent" >
<div align="left" "style="margin-left:040px;"><h1>Please login to continue</h1><br />
</div>
<form id="form1" name="form1" method="post" action="admin_login.php">
UserName<br />
<input type="text" name="username" id="username" size="40"/>
Password<br />
<input type="password" name="password" id="password" size="40"/>
<br />
<br />
<br />
<input type="submit" name="button" id="button" value="LogIn"/>
</form>
</div>
<?php include_once("../template_header.php");?>
</div>
</body>
</html>
//index.php
<?php
session_start();
if(!isset($_SESSION["member"])){
header("location:admin_login.php");
exit();
}
$managerID = preg_replace('#[^0-9]#i',"",$_SESSION["id"]);
$manager = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["manager"]);
$password = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["password"]);
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE id ='managerID' AND username ='$manager' AND password ='$password'LIMIT 1");
$exist_count = mysql_num_rows($sql);
if($exist_count == 0){
echo("Your login session data in not in the database");
exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Service Admin Area</title>
<link rel="stylesheet" href="../style/style.css" type="text/css" media="screen"/>
</head>
<body>
<div id="mainWrapper" >
<?php include_once("../template_header.php");?>
<div id="pageContent" >
<div align="left" "style="margin-left:040px;"><h1>Hello Store Manager .What would you loke to do today</h1><br />
<h3>Manage Inventory</h3><br/><h3>Manage Me</h3><br/></div></div>
<?php include_once("../template_header.php");?>
</div>
</body>
</html>
The problem i am facing is that i am not able to login to my index.php page even after i have put in the correct username and password as specified in my database which i have set through phpmyadmin.Everytime i try to login it invokes the [echo 'This information is incorrect,try again Click Here'] as mentioned in the admin_login.php.I am getting a bit frustrated.Can you help me out guys?
I am not sure why you use the preg_replace. Looks to me you are clearing the variables. Which explains why you cant find yourself in the database. Try to remove the preg_replace and see what happens. Also when you when you the SQL query you forgot a space between your password and limit.
Hope this solves your problem
This question already has an answer here:
Closed 10 years ago.
Possible Duplicate:
Undefined index: username in C:\wamp\www\Website\storeadmin\admin_login.php..and the same for password
//admin_login.php
<?php
session_start();
if(isset($_SESSION["member"])){
header("location:index.php");
exit();
}
?>
<?php
if(isset($_POST["username"]) && isset($_POST["password"])){ // <- Check the user has clicked the button
$manager = preg_replace('#[A-Za-z0-9]#i',"",$_POST["username"]);
$password = preg_replace('#[A-Za-z0-9]#i',"",$_POST["password"]);
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE username ='$manager' AND password ='$password'LIMIT 1");
$exist_count = mysql_num_rows($sql);
if($exist_count == 1){
while(mysql_fetch_array($sql)){
$id = $row["id"];
}
$_SESSION["id"]= $id;
$_SESSION["manager"]= $manager;
$_SESSION["password"]= $password;
header("location:index.php");
exit();
}
else{
echo 'This information is incorrect,try again Click Here';
exit();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title> AdminLogin</title>
<link rel="stylesheet" href="../style/style.css" type="text/css" media="screen"/>
</head>
<body>
<div id="mainWrapper" >
<?php include_once("../template_header.php");?>
<div id="pageContent" >
<div align="left" "style="margin-left:040px;"><h1>Please login to continue</h1><br />
</div>
<form id="form1" name="form1" method="post" action="admin_login.php">
UserName<br />
<input type="text" name="username" id="username" size="40"/>
Password<br />
<input type="password" name="password" id="password" size="40"/>
<br />
<br />
<br />
<input type="submit" name="button" id="button" value="LogIn"/>
</form>
</div>
<?php include_once("../template_header.php");?>
</div>
</body>
</html>
//index.php
<?php
session_start();
if(!isset($_SESSION["member"])){
header("location:admin_login.php");
exit();
}
$managerID = preg_replace('#[^0-9]#i',"",$_SESSION["id"]);
$manager = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["manager"]);
$password = preg_replace('#[A-Za-z0-9]#i',"",$_SESSION["password"]);
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE id ='managerID' AND username ='$manager' AND password ='$password'LIMIT 1");
$exist_count = mysql_num_rows($sql);
if($exist_count == 0){
echo("Your login session data in not in the database");
exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Service Admin Area</title>
<link rel="stylesheet" href="../style/style.css" type="text/css" media="screen"/>
</head>
<body>
<div id="mainWrapper" >
<?php include_once("../template_header.php");?>
<div id="pageContent" >
<div align="left" "style="margin-left:040px;"><h1>Hello Store Manager .What would you loke to do today</h1><br />
<h3>Manage Inventory</h3><br/><h3>Manage Me</h3><br/></div></div>
<?php include_once("../template_header.php");?>
</div>
</body>
</html>
The problem I am facing is that I am not able to login to my index.php page even after I have put in the correct username and password as specified in my database which I have set through phpmyadmin. Everytime I try to login it invokes the echo 'This information is incorrect,try again Click Here' as mentioned in the admin_login.php. I am getting a bit frustrated. Can you help me out guys?
Try some debugging;
Check the values of $_POST['username'] and $_POST['password'] before and after your preg_replace calls.
Add an 'or die mysql_error()' to your call to mysql_query() to see if that is running ok
Echo out the value of $sql so you can have a look at the query.
Does the header() command not require a space between the name and value? or a \r\n afterwards? Worth double-checking.
Generally provide more output at various stages and it should be trivial to track down the issue.
And (once it is working), please please add a crypt() or md5() + salt to your password field in the database.
im pretty sure the preg_replace is emptying your variables
$manager = preg_replace('#[A-Za-z0-9]#i',"",$_POST["username"]); $password = preg_replace('#[A-Za-z0-9]#i',"",$_POST["password"]);
according to the php docs http://uk.php.net/manual/en/function.preg-replace.php
have you tried removing them?