I've written some html code, and once i tried to place some PHP inside it, anything below this sign ?> wouldn't appear!!! I have some pictures and text that wouldn't appear unless I place it above. I'm writing with Bootstrap 2.3 and phpMyAdmin 4.10. all languages. Thank you for your time in advance.
here is my code so far:
<!DOCTYPE html>
<html>
<head>
<link type="text/css" rel="stylesheet" href="bootstrap/css/bootstrap.css">
<link type="text/css" rel="stylesheet" href="bootstrap/css/myStyle.css">
<title>OJRA - Registration</title>
</head>
<body>
<div style="width:400px; height:400px; border-radius:5px; background-color:#aaa; margin-left:100px;">
<form action="" method="post" style="margin-left:20px;">
<h6>Username</h6>
<input type="text" name="username" placeholder="Your Username">
<h6>Password</h6>
<input type="password" name="usrPassowrd" placeholder="Your password">
<h6>Email</h6>
<input type="email" name="usrEmail" placeholder="Your Email"><br>
<input class = "btn btn-default" type="submit" value = "Register">
</form>
</div>
<div style="width:400px; height:400px; border-radius:5px; background-color:#aaa; margin-left:100px;">
<form action="" method="post" style="margin-left:20px;">
<h6>Username:</h6> <input type="text" name="username" placeholder="Your username">
<h6>Password:</h6> <input type="password" name="usrPassowrd" placeholder="Your password">
<input class = "btn btn-default" type="submit" value="Sign in">
</form>
<?php
define('INCLUDE_CHECK',true);
require 'connect.php';
$username = $_POST['username'];
if($username == "")
{
die("cannot go empty");
header("location:index.php");
exit;
}
$password = $_POST['usrPassword'];
$email = $_POST['usrEmail'];
$query = "insert into tz_members values('$username', '$password', '$email')";
mysql_query($query) or die(mysql_error());
?>
</div>
<img src="sexymotivation.jpg" style="margin-top:-800px; margin-right:10px;" class="pull-right">
</body>
</html>
A few things have already been outlined (as answers) that do make sense, however I spotted a few typos in your inputs that will prevent your form from working, plus a few other points.
Here are a few of my recommendations:
First, this (in 2 instances) has a typo in it name="usrPassowrd" which should read as name="usrPassword" to go with your existing $password = $_POST['usrPassword'];
As I stated in my original comments:
Comment #1: die("cannot go empty"); header("location:index.php"); exit; Your header won't do anything, because it DIE()'d and that will cease to go any further.
Comment #2: What I suspect is going on is, because you've got your entire code inside one big clump, and that if certain conditions aren't met... it still wants to keep going. Now, I suggest that you put a conditional statement wrapped around your PHP....
such as if(isset($_POST['submit'])){ // PHP } then add this to your submit button name="submit" --- I also suggest you split up your form and your PHP/SQL altogether and make it submit to another page instead, with the same conditional statement I've already outlined.
If you absolutely want to execute everything in one page, try the following:
Note: I borrowed the img src from user3009875's answer also.
(Rewrite)
<!DOCTYPE html>
<html>
<head>
<link type="text/css" rel="stylesheet" href="bootstrap/css/bootstrap.css">
<link type="text/css" rel="stylesheet" href="bootstrap/css/myStyle.css">
<title>OJRA - Registration</title>
</head>
<body>
<div style="width:400px; height:400px; border-radius:5px; background-color:#aaa; margin-left:100px;">
<form action="" method="post" style="margin-left:20px;">
<h6>Username</h6>
<input type="text" name="username" placeholder="Your Username">
<h6>Password</h6>
<input type="password" name="usrPassword" placeholder="Your password">
<h6>Email</h6>
<input type="email" name="usrEmail" placeholder="Your Email"><br>
<input class = "btn btn-default" type="submit" value = "Register">
</form>
</div>
<div style="width:400px; height:400px; border-radius:5px; background-color:#aaa; margin-left:100px;">
<form action="" method="post" style="margin-left:20px;">
<h6>Username:</h6> <input type="text" name="username" placeholder="Your username">
<h6>Password:</h6> <input type="password" name="usrPassword" placeholder="Your password">
<input class = "btn btn-default" name="submit" type="submit" value="Sign in">
</form>
<?php
// this below, will prevent a premature execution of code
if(isset($_POST['submit'])){
define('INCLUDE_CHECK',true);
require 'connect.php';
$username = $_POST['username'];
if($username == "")
{
die("cannot go empty");
// header("location:index.php"); // commented out
exit;
}
$password = $_POST['usrPassword'];
$email = $_POST['usrEmail'];
$query = "insert into tz_members values('$username', '$password', '$email')";
mysql_query($query) or die(mysql_error());
} // end brace for if(isset($_POST['submit']))
?>
</div>
<!-- commented out original img src -->
<!--
<img src="sexymotivation.jpg" style="margin-top:-800px; margin-right:10px;" class="pull-right">
-->
<!-- new img src by user3009875 in an answer given -->
<img src="sexymotivation.jpg" style="margin-top:100px; margin-right:10px;" class="pull-right">
</body>
</html>
You can't use header() there to perform a redirection because you've already outputted some HTML and PHP has flushed HTTP headers.
The reason that <img> disappeared is probably that you called die(). This function terminates the whole page at once.
If you see cannot go empty, you should check the form to make sure you posted username field. If you see some error message about MYSQL, it is mysql_query($query) that fails.
By the way, your code has a SQL Injection problem.
IT doesn't load below ?> because script fails. This is common behaviour when there is a bug.
Check tail -f /var/log/apache2/error.log on linux (terminal)
Check tail -f /var/log/apache2/error_log on max (terminal)
windows -> I have no idea... somewhere in C:\\
At this point:
die("cannot go empty");
you stop the script. The following PHP code will not be executed and the HTML will not be sent to the user.
It's possible that there is an error when executing your PHP code, that would prevent it from going through the rest of the file.
Using your browser's Developer Tools, check the contents of the HTML that was returned, it's possible that the last line could be an error message. If you have erorr_reporting off then it would write to your error log only.
/var/log/apache2/error.log is a common location for the error log file if you are using Apache on a Linux machine.
As a side note, that code you have is very dangerous, do not use data sent from the client directly in a SQL statement, you need to sanitize otherwise you make your web app vulnerable to SQL injection.
Consider using a prepared statement
http://php.net/manual/en/pdo.prepare.php
Try:
<img src="sexymotivation.jpg" style="margin-top:100px; margin-right:10px;" class="pull-right">
I think setting the top margin to -800px will cause it to disappear from the screen.
Also, make sure your image is of .jpg.
Related
i am making a "login and signup form" actions for my file. i searched about this many times but i cant find the answer and most of the topics are about sql which i don't use for these files.
im looking for a answer without include, sql, or session in my files
here's my codes
html:
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Gleacc</title>
<!-- Load external CSS styles -->
<link rel="stylesheet" href="styles.css">
</head>
<body>
<h1>Gleacc GG</h1>
<br>
<form action="data/signedup.php" method="get">
<label for="usn">
<input placeholder="Username" name="usn" required>
</label>
<br>
<label for="psw">
<input placeholder="Password" name="psw" required>
</label>
<br>
<input type="submit" value="Submit">
</form>
<!-- Load external JavaScript -->
<script src="scripts.js"></script>
</body>
</html>
signuped. php:
<?php
$psw = $_GET['psw'];
$usn = $_GET['usn'];
echo "<form action="data/logined.php" method="post"><input placeholder="Username" name="usn" required><br><input placeholder="Password" name="psw" required><br><input type="submit" value="Submit"></form>";
?>
logined.php: none since we cant compair the input because we cant get the $usn and $psw from signuped.php
I think you are being silly.
Are the users signing up every time they are on the website? If not, then you need to save their username and password in some sort of database.
Any other method used in signuped is exposing data that you shouldn't be exposing.
Here is one way to do what you want and make it a tad secure.
<?php
$psw = encrypt($_POST['psw']);
$usn = encrypt($_POST['usn']);
echo "<form action='data/logined.php' method='post'>
<input placeholder='Username' name='usn' required><br>
<input placeholder='Password' name='psw' required><br>
<input class='hidden' value='$usn' name='encusn'><br>
<input class='hidden' value='$psw' name='encpsw'><br>
<input type='submit' value='Submit'></form>";
?>
Where you use CSS to hide the two inputs. Be warned that it is not hard to expose them in the browser by anyone with even a little knowledge of CSS.
In your logined file you encrypt the entered values and compare them with encrypted values from the hidden inputs. I wouldn't use a two-way algorithm and try to decrypt the encrypted values.
first make sure that signuped.php is placed inside the folder data which placed same level as the html file.
then change the action in the html file from get to post and try var_dump($_POST) to see if the inputs has been submited.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 1 year ago.
Improve this question
I'm a beginner in PHP and MySQL and I want to add values that come from an input in HTML, to a MySQL database.
I have to find some things on the Internet but this doesn't work and so I tried to learn a little bit more PHP but I still don't understand why the condition in the code below is not valid:
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css">
<meta charset="utf-8">
<title>SHAR-APP</title>
</head>
<body>
<div class='div1'>
<div class='div2'>
<label for="name">Name of the user:</label>
<input class ='in'type="text" id="name" name="name" size="20">
</div>
<div class='div2'>
<label class = 'label' for="name">Code:</label>
<input class='in' id ='code' type="text" name="code" size="20">
</div>
<div class="div2" id='b'>
<input type="submit" value="send" class='button'>
</div>
</div>
<?php
echo "test1";
if (isset($_POST['name'])) {
echo "test2";
$mtsqli = mysqli_connect('localhost','the_name_of_my_project','my_password');
mysqli_select_db('project_database', $msqli);
$requete = 'INSERT INTO the_name_of_the_database's_table VALUES(NULL,"' . $_POST['name'] . '","' . $_POST['code'] . '")';
$query = "SELECT * FROM the_name_of_the_database's_table";
echo $_POST['name'];
echo "test3";
}
?>
</body>
</html>
I'm on this for 3 days and I'm really blocked. Maybe I have others mistake in the PHP code. If I can do that with another language i prefer to stay on PHP because I don't want to learn too much languages. If I can do a bridge between HTML and MySQL with Python or JavaScript I'm OK to know that.
THIS PART IS GOOD but another problem is come ...
when i want to connect on my database this error message is display
C:\Users\titou>set PATH=$PATH$;C:\Program Files\MySQL\MySQL Server 8.0\bin
C:\Users\titou>mysql -h localhost -u root -p
Enter password: **********
ERROR 1045 (28000): AccŠs refus‚ pour l'utilisateur: 'root'#'#localhost' (mot de passe: OUI)
its in french but you can see that there is two # instand of one ('root'#'localhost')
First you need to add a Form Method
<form action="" method="POST">
<div class='div2'>
<label for="name">Name of the user:</label>
<input class ='in'type="text" id="name" name="name" size="20">
</div>
<div class='div2'>
<label class = 'label' for="name">Code:</label>
<input class='in' id ='code' type="text" name="code" size="20">
</div>
<div class="div2" id='b'>
<input type="submit" value="send" class='button'>
</div>
</form>
The is some kind of class that tells the browser to expect inputs and then on the button click- to treat them.
The Action="" is for initializing where to treat the given inputs.
In your case, since your php code is in the same class as the form, you can leave it blank, either way you should initialize the path you want to send those data.
The Method="POST" is just a Method for treating your data on the web. It is also more secure than GET method which it works too but it's more sensitive since all the data from the inputs it's going to be exposed also in the URL.
Furthermore, I hope you have already installed XAMPP and already created a database in MySQL.
Add the form attribute to your form and in it add a method and an action. Method is needed to tell the form to post, and action is needed to tell the form what to do when you submit.
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css">
<meta charset="utf-8">
<title>SHAR-APP</title>
</head>
<body>
<form method="post" action="">
<div class='div1'>
<div class='div2'>
<label for="name">Name of the user:</label>
<input class ='in'type="text" id="name" name="name" size="20">
</div>
<div class='div2'>
<label class = 'label' for="name">Code:</label>
<input class='in' id ='code' type="text" name="code" size="20">
</div>
<div class="div2" id='b'>
<input type="submit" value="send" class='button'>
</div>
</div>
</form>
<?php
if (isset($_POST['name'])) {
$db = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
$requete = 'INSERT INTO the_name_of_the_database's_table VALUES(NULL,"' . $_POST['name'] . '","' . $_POST['code'] . '")';
mysqli_query($db, $requete);
$query = "SELECT * FROM the_name_of_the_database's_table";
$Data = mysqli_query($db, $query);
var_dump[$Data];
}
?>
</body>
</html>
Now an important thing to note, never use this in a live website as it would open up your website to SQL injection. You should use prepared statements instead, but for learning purposes, this is fine.
So i have a file with PHP and HTML in it. The HTML works fine but when i enter the PHP it does not render anything for some reason. See code for beter refrence.
Also logs don't really say anything about the issue.
This fails to do anything
<?php
echo $_POST['naam'];
die();
?>
<!DOCTYPE html>
<html>
<head>
<title>Scouts Permeke</title>
<link rel="stylesheet" type="text/css" href="siteStyle.css">
</head>
<body>
<H2>Login</H2>
<form action="login.php" method="POST">
<input name="naam" type="text" id="naam" class="form-control" placeholder="Gebruikersnaam"/><br>
<input name="psw" type="password" id="psw" class="form-control" placeholder="Passwoord"/><br>
<button type="submit">Login</button>
</form>
</body>
</html>
But this shows my HTML as intended.
<!DOCTYPE html>
<html>
<head>
<title>Scouts Permeke</title>
<link rel="stylesheet" type="text/css" href="siteStyle.css">
</head>
<body>
<H2>Login</H2>
<form action="login.php" method="POST">
<input name="naam" type="text" id="naam" class="form-control" placeholder="Gebruikersnaam"/><br>
<input name="psw" type="password" id="psw" class="form-control" placeholder="Passwoord"/><br>
<button type="submit">Login</button>
</form>
</body>
</html>
You need to check if the variable is actually set, otherwise it will always print out the content of $_POST['naam'] without bothering if the user already inputted data and pressed the Submit-button.
if(isset($_POST['naam'])) {
echo $_POST['naam'];
die();
}
That is because it is ignoring an error as the $_POST array doesn't have the "naam" variable and your php.ini for display error is off. In php, if the array doesn't contain the key it will throw error and in this the error is ignored because of the production settings. Also, this is the reason why the "die();" line is not interpreted. Please check if php.ini has or commented
display_errors: Off
and make it into
display_errors: On
Restart apache to getting the settings work.
You can also remove/comment the first line of code in PHP tag and see if die() is working. Please do let us know if this fixed your error.
I'm trying to create a registration page. The page is successfully connected to phpMyAdmin database but it does not echo anything when i click the register button.
<html>
<head>
</head>
<body>
<?php
INCLUDE "connect.php";
INCLUDE "functions.php";
INCLUDE "titlebar.php";
?>
<div id="loginform">
<h1>Register</h1>
<form name="Register" action="register.php" method="post">
<?php
if(isset($POST["submit"])){
$username = $_POST["username"];
$password = md5 ($_POST["password"]);
if(empty($username) or empty($password)){
echo "<p>Fields Empty!</p>";
} else {
mysql_query("INSERT INTO login VALUES('',$username','$password','2','')");
echo "<p>Successfully Registered!</p>";
}
}
?>
<p>
<label for="username">Username: </label>
<input type="text" name="username" id="username"/></p><p>
<label for="password">Password: </label>
<input type="password" name="password" id="password"/></p><p>
<input type="submit" name="submit" value="Register" />
</p>
</form>
</div>
</body>
The problem is with the post method.
use $_POST instead of $POST
You have mysql error
Not: $username'
but '$username'
And next time display mysql errors with mysql_error().
At the beginning, I am not sure what isset($_POST['submit'] should return, but as already mentioned in the comments you missed a single quote.
Additionaly i would use:
$password = password_hash($_POST['password'],
md5 is deprecated and thus not safe. If you write a login script you can use password_verify(plainPW, hashPW)
You also need to specify a database and login into it. I recommend to look at the W3 Schools examples they are very in-depth and have good examples.
W3 school mysqli page
also write a die() at the end of your script and do not foregt to close the connection.
I am new to web designing. Now, I have created a form, and if the user input doesn't meet the requirements I display error message, and if it does I do some mysql commands to enter the info to the database. Now one way to do this is to code the php file into the html and use this command,<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> like described [here][1]
But I don't want to put the script in the same file. How do I do that in another php file such that if user input is invalid, it will return to the homepage with the error message updated?
Here is my code
<!DOCTYPE html>
<head>
<link rel="stylesheet" type="text/css" href="register.css">
</head>
<h1>Register as A new user</h1>
<div id="signup">
<form id="registration_form" action="registration.php" method="post">
<p>
<label>Name</label>
<input type="text" name="name"/>
<span class="errorMessage"></span>
</p>
<p>
<label>Email</label>
<input type="text" name="email"/>
<span class="errorMessage"></span>
</p>
<p>
<label>Password</label>
<input type="password" name="passwd"/>
<span class="errorMessage"></span>
</p>
<p>
<label>Repeat Password</label>
<input type="password" name="repasswd"/>
<span class="errorMessage"></span>
</p>
<input type="submit" class="button" value="sign up"/>
</form>
</div>
What should be in the registration.php? Like the link, I do everything, I set a flag to the error, Now if the flag is true I return the user to the homepage with the error messages, and if false, I show a message saying registration successful. How do I do the part,"return to homepage with the appended error message"?
All your validation and bulletproofing should be in the registration.php
stuff like this:
//both parameters are required, so make sure they were passed-in
if(!isset($_GET['name'])) {
die('Must pass \'name\');
//both parameters are required, so make sure they were passed-in
if(!isset($_GET['email'])) {
die('Must pass \'email\');
}
if(!isset($_GET['passwd'])) {
die('Must pass \'password\');
} else {
//do cool stuff here
}
Don't forget your JS validation as well for the front end. I really hope this helps and gives you a bit of direction.
put your validation codes in "validate.php" or any file name you like
then change the action to validate.php to
then in validate.php if validation matches the requirements.
header("Location: registration.php");
if not match
header("Location: back to the httml with form.php");
You can learn form validation here : http://allitstuff.com/registration-form-in-php-with-validation/