This question already has answers here:
$_POST is empty after form submit
(6 answers)
Closed 6 months ago.
Form:
<form id="register" method="POST" action="pro/register.php">
<input type="text" maxlength="30" placeholder="Username" id="user" /><br />
<input type="email" maxlength="64" placeholder="Email" id="email" /><br />
<input type="password" placeholder="Password" id="pass1" /><br />
<input type="password" placeholder="Confirm Password" id="pass2" /><br />
<input type="submit" value="Register" id="submit_register" />
</form>
pro/register.php page:
$user = $_POST['user'];
$email = $_POST['email'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
//Debug only
echo "<strong>Details:</strong><br>";
echo $user.", ".$email.", ".$pass1.", ".$pass2."<br>";
if($pass1!==$pass2){
header('Location:../login.php?alert=pass');
exit;
}
$hash = hash('sha256', $pass);
include "../inc/functions.php";
$salt = createSalt();
$hash = hash('sha256', $salt . $hash);
include "../inc/connect.php";
$stmt = $dbh->prepare("INSERT INTO `users`
(`username`,`email`,`password`,`salt`,`pic`)
VALUES (:username,:email,:password,:salt,:pic)");
$stmt->bindParam(':username',$user);
$stmt->bindParam(':email',$email);
$stmt->bindParam(':password',$hash);
$stmt->bindParam(':salt',$salt);
$stmt->bindParam(':pic',$pic);
$stmt->execute();
$dbh=NULL;
header('Location:../login.php?alert=newreg');
Output when form is posted:
Details:
, , ,
<input type="text" maxlength="30" placeholder="Username" id="user" name="user"/><br />
try adding the name field.
You must include the 'name' attribute in your form inputs, this is what determines where the value goes in $_POST.
Related
This question already has answers here:
$_POST is empty after form submit
(6 answers)
Closed 5 months ago.
Form:
<form id="register" method="POST" action="pro/register.php">
<input type="text" maxlength="30" placeholder="Username" id="user" /><br />
<input type="email" maxlength="64" placeholder="Email" id="email" /><br />
<input type="password" placeholder="Password" id="pass1" /><br />
<input type="password" placeholder="Confirm Password" id="pass2" /><br />
<input type="submit" value="Register" id="submit_register" />
</form>
pro/register.php page:
$user = $_POST['user'];
$email = $_POST['email'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
//Debug only
echo "<strong>Details:</strong><br>";
echo $user.", ".$email.", ".$pass1.", ".$pass2."<br>";
if($pass1!==$pass2){
header('Location:../login.php?alert=pass');
exit;
}
$hash = hash('sha256', $pass);
include "../inc/functions.php";
$salt = createSalt();
$hash = hash('sha256', $salt . $hash);
include "../inc/connect.php";
$stmt = $dbh->prepare("INSERT INTO `users`
(`username`,`email`,`password`,`salt`,`pic`)
VALUES (:username,:email,:password,:salt,:pic)");
$stmt->bindParam(':username',$user);
$stmt->bindParam(':email',$email);
$stmt->bindParam(':password',$hash);
$stmt->bindParam(':salt',$salt);
$stmt->bindParam(':pic',$pic);
$stmt->execute();
$dbh=NULL;
header('Location:../login.php?alert=newreg');
Output when form is posted:
Details:
, , ,
<input type="text" maxlength="30" placeholder="Username" id="user" name="user"/><br />
try adding the name field.
You must include the 'name' attribute in your form inputs, this is what determines where the value goes in $_POST.
This question already has answers here:
PHP parse/syntax errors; and how to solve them
(20 answers)
Closed 6 years ago.
I have a HTML form which should post the data into an SQL database, No errors occur on submitting but the database does not receive the data.
<?php
include 'init.php';
//check if submit button is clicked
if(isset($_POST['submit'])) {
$User_Username = $_POST['User_Username'];
$User_First_Name = $_POST['User_First_Name'];
$User_Surname = $_POST['User_Surname'];
$User_Email = $_POST['User_Email'];
$User_Password = $_POST['User_Password'];
// prepare sql and bind parameters
$stmt = $pdo->prepare("INSERT INTO users (User_Username, User_First_Name, User_Surname,User_Password,User_Email)
VALUES (:User_Username, :User_First_Name, :User_Surname, :User_Password, :User_Email");
$stmt->bindParam(':User_Username', $User_Username);
$stmt->bindParam(':User_First_Name', $User_First_Name);
$stmt->bindParam(':User_Surname', $User_Surname);
$stmt->bindParam(':User_Email', $User_Email);
$stmt->bindParam(':User_Password', $User_Password);
$stmt->execute();
}
?>
<br>
<form action="" method="post">
<label>Username :</label><br>
<input type="text" name="User_Username" id="User_Username" required="required" placeholder=""/><br /><br />
<label>First Name :</label><br>
<input type="text" name="User_First_Name" id="User_First_Name" required="required" placeholder=""/><br /><br />
<label>Surname :</label><br>
<input type="text" name="User_Surname" id="User_Surname" required="required" placeholder=""/><br /><br />
<label>Email :</label><br>
<input type="email" name="User_Email" id="User_Email" required="required" placeholder=""/><br/><br />
<label>Password :</label><br>
<input type="Password" name="User_Password" id="User_Password" required="required" placeholder=""/><br /><br />
<br>
<input type="submit" value=" submit " name="submit"/><br />
</form>
</body>
</html>
You didn't close VALUES (....
You should have:
$pdo->prepare("INSERT INTO users (User_Username, A_Lot_more)
VALUES (:User_Username, :A_Lot_More)");
// ^ This one was missing
And you should NEVER save passwords as plain-text. Use something like password_hash() -- http://php.net/password_hash
This should be printed on output browser side:
$form = <<<EOT
<form action="register.php" method="POST">
First Name: <input type="text" name="name" /></br>
Last Name: <input type="text" name="lname" /></br>
Username: <input type="text" name="uname" /></br>
Email: <input type="text" name="email1" /></br>
Confirm Email: <input type="text" name="email2" /></br>
Password: <input type="password" name="pass1" /></br>
Confirm Password: <input type="password" name="pass2" /></br>
<input type="submit" value="Register" name="submit" />
</form>
EOT;
echo $form;
But there is nothing.
This is my full code, which I should have added in the first place.
<?php
require("config.php");
?>
<?php
if(isset($_POST['submit'])){
$email1 = $_POST['email1'];
$email2 = $_POST['email2'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
if($email1 == $email2) {
if($pass1 == $pass2) {
//All good. Nastavi broo.
$name = mysql_escape_string($_POST['name']);
$lname = mysql_escape_string($_POST['lname']);
$uname = mysql_escape_string($_POST['uname']);
$email1 = mysql_escape_string($email1);
$email2 = mysql_escape_string($email2);
$pass1 = mysql_escape_string($pass1);
$pass2 = mysql_escape_string($pass2);
}else{
echo "Sorry, your password is not corrext.";
exit();
}
}else{
echo "Sorry!";
}
$form = <<<EOT
<form action="register.php" method="POST">
First Name: <input type="text" name="name" /></br>
Last Name: <input type="text" name="lname" /></br>
Username: <input type="text" name="uname" /></br>
Email: <input type="text" name="email1" /></br>
Confirm Email: <input type="text" name="email2" /></br>
Password: <input type="password" name="pass1" /></br>
Confirm Password: <input type="password" name="pass2" /></br>
<input type="submit" value="Register" name="submit" />
</form>
EOT;
echo $form;
}
?>
Your form will only appear once you click the submit button because it is set inside the if(isset($_POST['submit'])){...} conditional statement. Therefore, you need to move your last brace } above $form = <<<EOT.
} // it belongs here instead of below echo $form;
$form = <<<EOT
<form action="register.php" method="POST">
First Name: <input type="text" name="name" /></br>
Last Name: <input type="text" name="lname" /></br>
Username: <input type="text" name="uname" /></br>
Email: <input type="text" name="email1" /></br>
Confirm Email: <input type="text" name="email2" /></br>
Password: <input type="password" name="pass1" /></br>
Confirm Password: <input type="password" name="pass2" /></br>
<input type="submit" value="Register" name="submit" />
</form>
EOT;
echo $form;
?>
and make sure you are accessing it as http://localhost/file.php and not as c://file.php
EDIT:
Here's a rewrite:
<?php
require("config.php");
?>
<?php
if(isset($_POST['submit'])){
$email1 = $_POST['email1'];
$email2 = $_POST['email2'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
if($email1 == $email2) {
if($pass1 == $pass2) {
//All good. Nastavi broo.
$name = mysql_escape_string($_POST['name']);
$lname = mysql_escape_string($_POST['lname']);
$uname = mysql_escape_string($_POST['uname']);
$email1 = mysql_escape_string($email1);
$email2 = mysql_escape_string($email2);
$pass1 = mysql_escape_string($pass1);
$pass2 = mysql_escape_string($pass2);
}else{
echo "Sorry, your password is not corrext.";
exit();
}
}else{
echo "Sorry!";
}
} // brace for submit conditional
$form = <<<EOT
<form action="register.php" method="POST">
First Name: <input type="text" name="name" /></br>
Last Name: <input type="text" name="lname" /></br>
Username: <input type="text" name="uname" /></br>
Email: <input type="text" name="email1" /></br>
Confirm Email: <input type="text" name="email2" /></br>
Password: <input type="password" name="pass1" /></br>
Confirm Password: <input type="password" name="pass2" /></br>
<input type="submit" value="Register" name="submit" />
</form>
EOT;
echo $form;
?>
Passwords
I also noticed that you may be storing passwords in plain text. This is not recommended. If you intend on going LIVE with this, do read the following.
Use one of the following:
CRYPT_BLOWFISH
crypt()
bcrypt()
scrypt()
On OPENWALL
PBKDF2
PBKDF2 on PHP.net
PHP 5.5's password_hash() function.
Compatibility pack (if PHP < 5.5) https://github.com/ircmaxell/password_compat/
Other links:
PBKDF2 For PHP
I'm trying to make registration form, but there is some problem, I can't get where it is.
Errors:
Notice: Undefined index: username in ...
Notice: Undefined index: password in ...
<form method="POST">
<?php
if(isset($_POST['submit'])) {
$username = $_POST['username'];
$password = md5($_POST['password']);
if(empty($username) or empty($password)) {
echo "<p>Fields are empty!</p>";
} else {
mysql_query("INSERT INTO users VALUES('', '$username', '$password', '2', '')");
echo "<p>Registration successful!</p>";
}
}
?>
<p><label for="username">Username: </label><input type="text" id="username" /></p>
<p><label for="password">Password: </label><input type="password" id="password" /></p>
<input type="submit" name="submit" value="Sign up">
</form>
Thanks!
You need to put the name for your inputs:
<label for="username">Username: </label><input type="text" name="username" id="username" />
<label for="password">Password: </label><input type="password" name="password" id="password" />
That should fix the problem!
This question already has an answer here:
Submission form won't stay on same page
(1 answer)
Closed 9 years ago.
Okay so, I've posted this already but still haven't found a solution. I can't seem make my form stay on the same page and I've basically tried EVERYTHING I could possibly think of.
<?php include("inc\incfiles\header.inc.php"); ?>
<?php
$reg = #$_POST['reg'];
//declaring variables to prevent errors
$fn = $ln = $un = $em = $em2 = $pswd = $pswd2 = $d = $u_check = "";
/*$fn = ""; //First Name
$ln = ""; //Last Name
$un = ""; //Username
$em = ""; //Email
$em2 = ""; //Email 2
$pawd = ""; //:Password
$pawd2 = ""; //Password 2
$d = ""; //Sign up Date
$u_check = ""; //Check if username exists*/
//registration form
$fn = mysql_real_escape_string(#$_POST['fname']);
$ln = mysql_real_escape_string(#$_POST['lname']);
$un = mysql_real_escape_string(#$_POST['username']);
$em = mysql_real_escape_string(#$_POST['email']);
$em2 = mysql_real_escape_string(#$_POST['email2']);
$pswd = mysql_real_escape_string(#$_POST['password']);
$pswd2 = mysql_real_escape_string(#$_POST['password2']);
$d = date("Y-m-d"); //Year - Month - Day
if ($reg)
{
//check all of the fields have been filled in
if ($fn && $ln && $un && $em && $em2 && $pswd && $pswd2) {
}
else{
echo "please fill in all fields...";
}
}
?>
<table class="homepageTable">
<tr>
<td width="60%" valign="top">
<center><h2>Join the community today!</h2></center>
<center><img src="images/photo.png" width="500"></center>
<form>
</td>
<td width="40%" valign="top">
<h2>Get started below...</h2>
<form action="#" method="post">
<input type="text" size="25" name="firstname" placeholder="First Name" value="<?php echo $fn; ?>"/>
<input type="text" size="25" name="lastname" placeholder="Last Name" value="<?php echo $ln; ?>"/>
<input type="text" size="25" name="username" placeholder="Username" value="<?php echo $un; ?>"/>
<input type="text" size="25" name="email" placeholder="Email" value="<?php echo $em; ?>">
<input type="text" size="25" name="email2" placeholder="Repeat Email" value="<?php echo $em2; ?>"/>
<input type="password" size="32" name="password" placeholder="Password"/>
<input type="password" size="32" name="password2" placeholder="Repeat Password"/><br />
<input type="submit" name="reg" value="Sign Up!"/>
</form>
</td>
</tr>
</table>
My biggest problem is with the:
<form action="#" method="post">
<input type="text" size="25" name="firstname" placeholder="First Name" value="<?php echo $fn; ?>"/>
<input type="text" size="25" name="lastname" placeholder="Last Name" value="<?php echo $ln; ?>"/>
<input type="text" size="25" name="username" placeholder="Username" value="<?php echo $un; ?>"/>
<input type="text" size="25" name="email" placeholder="Email" value="<?php echo $em; ?>">
<input type="text" size="25" name="email2" placeholder="Repeat Email" value="<?php echo $em2; ?>"/>
<input type="password" size="32" name="password" placeholder="Password"/>
<input type="password" size="32" name="password2" placeholder="Repeat Password"/><br />
<input type="submit" name="reg" value="Sign Up!"/>
</form>
I want to be able to press the submit button and have it stay on the same page.
I've tried leaving the blank I've tried a few other suggestions but I keep coming up with nothing. I've been trying to figure it out for 2 days now and it just won't budge. When pressing the submit button on my site in xampp, it just takes me to another page that says OBJECT NOT FOUND...etc.
If anyone can help, it would be greatly appreciated! I really don't want to have to start all over with my coding just because of one mistake.
Header.inc.php
<?php
include("inc/scripts/mysql_connect.inc.php");
?>
<html>
<head>
<link href="css\main.css" rel="stylesheet" type="text/css">
<title>website</title>
</head>
<body>
<div class="headerMenu">
<div id="wrapper">
<div class="logo">
<img src="images/Logo.png">
</div>
<div class="search_box">
<form method="GET" action="search.php" id="search">
<input name="q" type="text" size="60" placeholder="Search..."
</form>
</div>
<div id="menu">
Home
About
Sign Up
Log in
</div>
</div>
<br />
<br />
<br />
<br />
TRY USING $_SERVER['PHP_SELF']
http://php.net/manual/en/reserved.variables.server.php
By staying on the same page , I think you mean you want to submit the page , refresh & send data. if you mean that , so you may use this as your tag :
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" >
However , if you want your page not to be refreshed , you need to work with Jquery , JavaScript etc.
Your problem is this line in your inc\incfiles\header.inc.php
<input name="q" type="text" size="60" placeholder="Search..."
You are missing the closing bracket -
<input name="q" type="text" size="60" placeholder="Search..." />
^^
because of that, the closing form tag on the next line is not beinging parsed, so your form in index.php is being nestled inside the <form method="GET" action="search.php" id="search">
Instead of form action="#" write form action="" Notice there are 2 ticks with nothing in between.