so I'm trying to simply send one field of data from a form to a php file. Below is my form in a table. I also posted my php code. It keeps returning that $username is null. Ive tried post/get and it doesn't seem to matter.
HTML:
<form action='http://k9minecraft.tk/scripts/adduser.php' method='POST'>
<table>
<tr>
<td>First Name:</td>
<td><input type='text' id='first'></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input type='text' id='last'></td>
</tr>
<tr>
<td>Email:</td>
<td><input type='text' id='email'></td>
</tr>
<tr>
<td>Minecraft Name:</td>
<td><input type='text' name='user'></td>
</tr>
<tr>
<td><input type='submit' value='Send'></td>
<td><input type='reset' value='Reset'></td>
</tr>
</table>
</form>
PHP:
<?php
print_r($_POST);
if (isset($_POST['user'])) {
$username = $_POST['user'];
echo $username;
echo 'username is not null';
}
?>
The issue is that all of your inputs have id but not name. The id are used by JavaScript. The name are used for sending form data.
Change it to be like this:
<form action='http://k9minecraft.tk/scripts/adduser.php' method='POST'>
<table>
<tr>
<td>First Name:</td>
<td><input type='text' name='first' id='first'></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input type='text' name='last' id='last'></td>
</tr>
<tr>
<td>Email:</td>
<td><input type='text' name='email' id='email'></td>
</tr>
<tr>
<td>Minecraft Name:</td>
<td><input type='text' name='user'></td>
</tr>
<tr>
<td><input type='submit' name='Send' value='Send'></td>
<td><input type='reset' name='Rest' value='Reset'></td>
</tr>
</table>
</form>
This code is working. You need to add some condition, that checks, if $username is posted or not.
Something like that:
if(count($_POST)){
$username ='';
if(isset($_POST['user'])){
$username = $_POST['user'];
if ($username==null || !$username)
echo 'username is null';
echo strlen($username);
echo $username;
}
}
Try this to find out if the field is posted by the formular:
isset($_POST['user'])
I think $username==null will be true even if $username really is equal to an empty string.
This is how people usually do it:
if(isset($_POST['user']) && !empty($_POST['user'])) {
$user = $_POST['user'];
}
Note: == null will not work with empty string. see here.
You also need to add a name attribute for other input fields of yours.
try using this
<?php
if(isset($_POST['submit'])){
$msg = "";
/* Validate post */
if(isset($_POST['user'])==""){
$msg .= "username is null";
}
/*End Validate*/
if($msg==""){
$user = $_POST['user'];
}else{
echo $msg;
}
}
?>
Related
I want to change the error code SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry 'xx#yahoo.com' for key 'email' message into something like "error email already in use"
create.php
<?php
require_once 'dbconfig.php';
if ($_POST) {
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$contactnum = $_POST['contactnum'];
$email = $_POST['email'];
$pass = $_POST['pass'];
$lang = $_POST['lang'];
try {
$stmt = $db_con->prepare("INSERT INTO tbluser(fname,lname,contactnum,email,pass,lang) VALUES(:ufname,:ulname,:ucontact,:uemail,:upass,:ulang)");
$stmt->bindParam(":ufname", $fname);
$stmt->bindParam(":ulname", $lname);
$stmt->bindParam(":ucontact", $contactnum);
$stmt->bindParam(":uemail", $email);
$stmt->bindParam(":upass", $pass);
$stmt->bindParam(":ulang", $lang);
if ($stmt->execute()) {
echo "Successfully Added";
} else {
echo "Query Problem";
}
} catch(PDOException $e) {
echo $e->getMessage();
}
}
?>
I tried to add something like this
if (mysql_errno() == 1062) {
echo"error email already in use!";
}
But can't make it work. Thanks for your help, I'm still new in php. Can someone advise me how to use PDO?
addform.php
<style type="text/css">
#dis{
display:none;
}
</style>
<div id="dis">
<!-- here message will be displayed -->
</div>
<form method='post' id='emp-SaveForm' action="#">
<table class='table table-bordered'>
<tr>
<td>First Name</td>
<td><input type='text' name='fname' class='form-control' required /></td>
</tr>
<tr>
<td>Last Name</td>
<td><input type='text' name='lname' class='form-control' required></td>
</tr>
<tr>
<td>Contact Number</td>
<td><input type='number' name='contactnum' class='form-control' required></td>
</tr>
<tr>
<td>Email</td>
<td><input type='email' name='email' class='form-control' required /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name='pass' class='form-control' required /></td>
</tr>
<tr>
<td>Language</td>
<td><input type='text' name='lang' class='form-control' required /></td>
</tr>
<tr>
<td colspan="2">
<button type="submit" class="btn btn-primary" name="btn-save" id="btn-save">
<span class="glyphicon glyphicon-plus"></span> Save this User
</button>
</td>
</tr>
</table>
</form>
mysql_errno is part of the deprecated mysql extension - you're using PDO, so you need to check the error with it too:
if ($stmt->execute()) {
echo "Successfully Added";
} else {
if ($stmt->errorCode() == 1062) {
# Here ^
echo "error email already in use!";
} else {
echo "some other problem...";
}
}
Errors can show up in event/error logs and cause unnecessary noise if you are ever trying to find a legit error, so if you can I would avoid relying on them. Instead try:
IF (SELECT 1 = 1 FROM users WHERE email=?) THEN
BEGIN
SELECT 0 AS Result--signals already exists to the application
END;
ELSE
BEGIN
INSERT INTO users(columns) VALUES(values);
SELECT LAST_INSERT_ID() AS Result;
END;
END IF;
Or something along those lines.
I'm trying to find how to retain my text value after submit, so the text that i submit is still keep in the textbox, there's so many reference in internet but too hard for me to understand (newbie here), so i'd like to ask here, if anyone have some solution.
Here's my form code:
echo
"<form method='post' action='process.php'>
<tr>
<td>Nama Jurusan</td>
<td>:</td>
<td><input type='text' name='jurusan' size='50%'></td>
</tr>
<tr>
<td>Nama Laboratorium</td>
<td>:</td>
<td><input type='text' name='lab' size='50%></td>
</tr>
<input name='submit' type='submit' id='ajukan' value='Ajukan'>
</form>";
As you can see, i was placing the form inside echo.
Here's my process.php code:
<?php
if(isset($_REQUEST['submit'])) {
include "../conf/koneksi.php";
$jurusan = $_POST['jurusan'];
$lab = $_POST['lab'];
$urutkan= "ALTER TABLE tb_pengusul AUTO_INCREMENT = 1";
mysql_query($urutkan);
$input = mysql_query("INSERT INTO tb_pengusul (nama_jurusan,nama_laboratorium)
VALUES ('$jurusan','$lab')") or die (mysql_error());
echo "<script language=\"Javascript\">\n";
echo "window.alert('Input sukses !')";
echo "</script>";
echo "<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0;URL='../koordinator.php?url='\">";
}
?>
Use Post value as,
This will works only if you form page and submit code are in same page ( process.php )
<?php echo"<form method='post' action='process.php'>
<tr><td>Nama Jurusan</td>
<td>:</td>
<td><input type='text' name='jurusan' value='".$_POST['jurusan']."' size='50%'></td>
</tr>
<tr>
<td>Nama Laboratorium</td>
<td>:</td>
<td><input type='text' name='lab' value='".$_POST['lab']."' size='50%'></td>
</tr>
<input name='submit' type='submit' id='ajukan' value='Ajukan'>
</form>";?>
Also you have error in your code in line
<td><input type='text' name='lab' size='50%></td>
it should be <td><input type='text' name='lab' size='50%'></td>
If your form is still available in the process.php file, change it like this:
echo "<form method='post' action='process.php'>
<tr><td>Nama Jurusan</td>
<td>:</td>
<td><input type='text' name='jurusan' size='50%'";
if (isset($_POST['jurusan']))
{
echo " value=\'$_POST['jurusan']\'";
}
echo "></td>
</tr>
<tr>
<td>Nama Laboratorium</td>
<td>:</td>
<td><input type='text' name='lab' size='50%'";
if (isset($_POST['lab']))
{
echo " value=\'$_POST['lab']\'";
}
echo "></td>
</tr>
<input name='submit' type='submit' id='ajukan' value='Ajukan'>
</form>";
you need to use PHP sessions.
add the following string to your process.php page
session_start();
$_SESSION['prev_values'] = $_POST;
and the following to your form page
$lab = "";
$jur = "";
session_start();
if(isset($_SESSION['prev_values'])){
$jur = $_SESSION['prev_values']['jurusan'];
$lab = $_SESSION['prev_values']['lab'];
}
echo
"<form method='post' action='process.php'>
<tr>
<td>Nama Jurusan</td>
<td>:</td>
<td><input type='text' name='jurusan' size='50%' value='$jur'></td>
</tr>
<tr>
<td>Nama Laboratorium</td>
<td>:</td>
<td><input type='text' name='lab' size='50%' value='$lab'></td>
</tr>
<input name='submit' type='submit' id='ajukan' value='Ajukan'>
</form>";
SECURITY NOTICE:
Please note: this script is basic and it is vulnerable to XSS (just to name one). As a rule of thumb, you should NEVER display directly user inputs without some form of sanitation
I am trying to add a captcha to my guestbook submission form but cannot get the if(($_POST['code']) == ($_SESSION['code'])) statement to work. Please see code below. Any help would be greatly appreciated.
if ($_POST['postbtn']){
$name = strip_tags($_POST['name']);
$email = strip_tags($_POST['email']);
$comment = strip_tags($_POST['comment']);
if(($_POST['code']) == ($_SESSION['code'])) {
$code = strip_tags($_POST['code']);
}
if($name && $email && $comment && $code){
$time = date("h:i A");
$date = date("F d, Y");
$ip = $_SERVER['REMOTE_ADDR'];
// add to the database
mysqli_query($con,"INSERT INTO guestbook VALUES (
'', '$name', '$email', '$comment', '$time', '$date', '$ip'
)");
echo "Your post has been added.";
}
else
echo"You did not enter in all the required info.";
}
echo "<form action='./index.php' method='post'>
<table>
<tr>
<td>Name:</td>
<td><input type='text' name='name' style='width: 200px;' /></td>
</tr>
<tr>
<td>Email:</td>
<td><input type='text' name='email' style='width: 200px;' /></td>
</tr>
<tr>
<td>Comment:</td>
<td><textarea name='comment' style='width: 197.5px; height: 50px;'>
</textarea></td>
</tr>
<tr>
<td><img src='captcha.php?'/></td>
<td><input type='text' name='code' style='width: 200px;' /></td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='postbtn' value='Post' /></td>
</tr>
</table>
</form>";
Can you try echo on both $_POST['code'] and $_SESSION['code'] so that you can debug it and see if you are getting the values correctly? I don't think you are getting them right. if not just add up a complete scenario here with proper field names and values.
i have a form error when i put password and click submit button query executed but on database password row empty :(
please help me to sort out this problem i tried but didn't solve. php contain html via double quotes
thanks
<?php echo errormessage();
if(isset($_REQUEST['email']) && !empty($_REQUEST['email']) AND isset($_REQUEST['token']) && !empty($_REQUEST['token'])){
// Verify data
$email = mysql_prep($_REQUEST['email']); // Set email variable
$token = mysql_prep($_REQUEST['token']); // Set hash variable
$result = mysqli_query($connection,"SELECT email, hash FROM job_seeker WHERE email='".$email."' AND hash='".$token."'");
$num_rows = mysqli_num_rows($result);
if($num_rows > 0){
echo '<form method="post" action=""><table class="table table-bordered" width="100%" >
<tr>
<td width="40%">New Password :</td>
<td width="60%"><input type="password" required="" value="" name="pass"></td>
</tr>
<tr>
<td>Confirm New Password : </td>
<td><input type="password" required="" value="" name="cpass"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="Update"></td>
</tr>
</table></form>';
//<?php //var_dump($_POST);
#$pass = mysql_prep($_POST['pass']);
#$cpass = mysql_prep($_POST['cpass']);
if(isset($_POST)){
if($pass == $cpass)
{
//echo $hashed_password = password_encrypt($pass);
$hashed_password = $pass;
$result = mysqli_query($connection,"UPDATE job_seeker SET hashed_password='$hashed_password', hash='' WHERE email='".$email."' AND hash='".$token."'");
if ($result) {
// Success
$_SESSION["message"] = "Password Successfully Changed.";
} else {
// Failure
$_SESSION["message"] = "Oops... Something went wrong.";
}
}
}
}else{
$_SESSION["message"] = "OOPS: Link Expired. Please check your inbox.";
}
}else{
//var_dump($_REQUEST);
redirect_to('index.php');
}
?>
The code line:
if(isset($_REQUEST['email']) && !empty($_REQUEST['email']) AND isset($_REQUEST['token']) && !empty($_REQUEST['token'])){
checks for the password and executes query only if the password (token) is posted.
Please update it to:
if(isset($_REQUEST['email']) && !empty($_REQUEST['email'])){
And you code will work.
Problem solved if(isset($_POST)){ lol every one gave new instruction except to change the code if(isset($_POST))
There are errors in the "password change" portion of your code.
$result = mysqli_query($connection,"UPDATE job_seeker SET hashed_password='$hashed_password', hash='' WHERE email='".$email."' AND hash='".$token."'");
depending on your php configuration, it might set the password column to
"$hashed_password"
or to whatever was in the variable $hashed_password
You probably meant to do this :
$result = mysqli_query($connection,"UPDATE job_seeker SET hashed_password='".$hashed_password."', hash='' WHERE email='".$email."' AND hash='".$token."'");
But that is still a terrible idea, because this is vulnerable to sql injection.
Also, make sure you have your column names right, down to the letter. ( i can't check that for you )
I could be because you have predefined Value in form.
Try to change this:
echo '<form method="post" action=""><table class="table table-bordered" width="100%" >
<tr>
<td width="40%">New Password :</td>
<td width="60%"><input type="password" required="" value="" name="pass"></td>
</tr>
<tr>
<td>Confirm New Password : </td>
<td><input type="password" required="" value="" name="cpass"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="Update"></td>
</tr>
</table></form>';
For this:
echo '<form method="post" action=""><table class="table table-bordered" width="100%" >
<tr>
<td width="40%">New Password :</td>
<td width="60%"><input type="password" required="" name="pass"></td>
</tr>
<tr>
<td>Confirm New Password : </td>
<td><input type="password" required="" name="cpass"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="Update"></td>
</tr>
</table></form>';
Without value attribute
I am new here and I have a question. I have a problem that I can't figure it out with _POST. I have been searching for hours before start writing! As far as I can see I haven't done any of the mistakes that are posted for other similar question (form action..., name attribute...,etc). Please, can you check my code below to tell me what am I doing wrong??
I use xampp 1.7.3 on windows 7.
<?php require("includes/header.php"); ?>
<?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php"); ?><head>
<script type="text/javascript">
function theChecker()
{
if(document.getElementById('checker').checked){
document.getElementById('submitter').disabled=false;
}
else{
document.getElementById('submitter').disabled=true;
}
}
</script>
</head>
<?php require("includes/body_no_menus.php"); ?>
<div align="center">
<form name="signup" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<?php
echo "<hr/>
<table width='600' border='0'>
<tr>
<td width='237'>Κωδικός οικοδομής</td>
<td width='351'><input name='building_id' type='text' id='building_id' size='30' maxlength='40' />*</td>
</tr>
<tr>
<td>Κωδικός διαμερίσματος</td>
<td><input name='apartment_id' type='text' id='apartment_id' size='30' maxlength='40' />*</td>
</tr>
<tr>
<td></td>
<td height='31' colspan='2' ><label>
<input name='send' type='submit' value='Αποστολή' />
</label></td>
</tr>
</table>
";
?>
</form>
</div>
<p>
<?php
if(isset($_POST['send'])) {
// Check input / Required fields
$building_id = check_input($_POST['building_id'],"Εισάγετε τον κωδικό της οικοδομής!");
$apartment_id = check_input($_POST['apartment_id'],"Εισάγετε όνομα χρήστη!");
$query = "SELECT idTENANT,FNAME,LNAME,BUILDING_ADMIN,PHONE FROM TENANT,APARTMENT, BUILDING
WHERE TENANT.APARTMENT_ID = APARTMENT.idAPARTMENT
AND APARTMENT.BUILDING_ID = BUILDING.idBUILDING
AND idAPARTMENT = '$apartment_id'
AND idBUILDING = '$building_id'";
$result=mysql_query($query) or die ("Couldn't execute query.");
$row = mysql_fetch_array( $result );
$id = $row['idTENANT'];
$fname = $row['FNAME'];
$lname = $row['LNAME'];
$apartment = $row['APARTMENT_ID'];
$phone = $row['PHONE'];
if($row['BUILDING_ADMIN'] == 0)
$admin = "ΟΧΙ";
else
$admin = "ΝΑΙ";
echo " <hr />
<table width='300' border='0'>
<tr>
<td>Όνομα</td>
<td>$fname</td>
</tr>
<tr>
<td>Επίθετο</td>
<td>$lname</td>
</tr>
<tr>
<td>Όνομα χρήστη</td>
<td><input name='username' type='text' size='30' maxlength='20' />*</td>
</tr>
<tr>
<td>Κωδικός χρήστη</td>
<td><input name='password' type='password' size='30' maxlength='20'/>*</td>
</tr>
<tr>
<td>Επαλήθευση κωδικού</td>
<td><input name='verify_password' type='password' size='30' maxlength='40'/> *</td>
</tr>
<tr>
<td>Διαχείριση οικοδομής</td>
<td>$admin</td>
</tr>
<tr>
<td>Τηλέφωνο</td>
<td>$phone</td> </tr>
<tr>
<td></td>
<td><input name='checkterms' type='checkbox' id='checker' onclick='theChecker()' value='Ναι'/>
<label>Έχω διαβάσει και αποδέχομαι τους όρους χρήσης.</label> *</td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='complete' id='submitter' value='Ολοκλήρωση εγγραφής' disabled/></td>
</tr>
</table>
";
}
if(isset($_POST['complete'])) {
// Password match
if ($password != $verify_password)
{
echo '<font color="red">Οι κωδικοί δεν ταιριάζουν</font>';
}//if
else
{
// Execute MySQL commands
$query = "UPDATE TENANT SET USERNAME = '$un', PASSWD='$pw' WHERE idTENANT='$id'";
$result=mysql_query($query) or die ("Couldn't execute query.");
header("Location: main_login.php");
}//else
}//if
?>
</p>
<?php require("includes/footer.php"); ?>
The first _POST (if(isset($_POST['send']))...) works perfectly. But if(isset($_POST['complete'])) {... does nothing. I ve tried to echo some data to see if my connection doesn't work, but its the _POST...
Please help me!!!!
Thanks for your time!
what you could try:
use vardump to see what $_POST contains: var_dump($_POST);.
use firebug (or something similar for another browser) to lookup the request and see which POST-Parameters are sent.
The second set of form elements (username, password, verify_password, checkterms, complete) are not inside any html form element. Clicking the second button does not post the form to server.
header("Location: main_login.php");
Is not going to work, when $_POST["complete"] is reached. You already sent heaps of output before that. Enable more error_reporting.