I have a form in a file index.php that posts to a second page like this:
<form method="post" id="signupform" name="signupform" action="functions.php">
<label for="user_id">Username:</label><span id="asterix">*</span> <br>
<input name="user_id" type="text" id="user_id" required><br><br>
<label for="new_password">Password:</label><span id="asterix">*</span> <br>
<input name="new_password" type="password" id="new_password" required><br><br>
<label for="confirm_password">Confirm password:</label><span id="asterix">*</span> <br>
<input name="confirm_password" id="confirm_password" type="password" required><br><br>
<label for="new_email">Email:</label><span id="asterix">*</span> <br>
<input name="new_email" id="new_email" type="email" required>
<input hidden="hidden" name="action" value="signup">
<br><br>
<input id="createaccount" type="submit" value="Create account">
</form>
The submit is done through jQuery submitHandler like this:
submitHandler: function(signupform) {
$(signupform).ajaxSubmit({
target:'#result',
success: function(){
$("#result").css("display","block");
$('#box').animate({'top':'-800px'},500,function(){
$('#overlay').fadeOut('fast');
$('#loginmain').hide();
});
}
})
}
The result is shown in a div in the same page as follows:
<div id="result" class="success_message" style="display: none"></div>
On the second page, functions.php, I have what needs to be displayed in the div.
Now the problem is that I created a third file called db.php to do database operations.
if (isset($_POST['action']) && $_POST['action'] == "signup") {
$user_id = mysql_real_escape_string($_POST["user_id"]);
$new_password = md5(mysql_real_escape_string($_POST["new_password"]));
$new_email = mysql_real_escape_string($_POST["new_email"]);
$create_account = "INSERT INTO users(username, email, password ) VALUES ('" . $user_id . "','" . $new_password . "','" . $new_email . "')";
if($create_account){echo "done";}else echo "failed";
if(mysqli_query($str, $create_account)){
echo "successful insert";
}
}
Although I have included db.php in the index.php, the queries do not get executed because in fact, it seems that the form does not postcorrectly because if I put an echo "test" after the if statement, it does not show, but if I replace the action="functions.php" by action="", things work, but then the submithandler does not behave correctly.
Shouldn't you specify type=hidden instead of hidden=hidden in your input declaration as:
<input type="hidden" name="action" value="signup">
instead of
<input hidden="hidden" name="action" value="signup">
Did you check the posted values in your php scripts before the if statement?
You should include db.php in functions.php as well in order to have these functions work there as well.
Related
I am trying to write a simple html form which requires the user to enter the correct email and password, using $_SERVER as the action for my form. I do not want to send the POST info to another php page, but I want to do it on the same page instead.
I have set two variables, $correct_email and $correct_password.
Here is the form;
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<label for="eml">Email:</label>
<input type="email" name="eml" id="eml" required>
<br>
<label for="pwd">Password:</label>
<input type="password" name="pwd" id="pwd" required>
<br>
<input type="hidden" name="checkMe" value="12345">
<input type="submit" name="submit" value="Submit">
</form>
Here is what I am trying to get work in PHP
$correct_email = "(my personal email)";
$correct_password = "password"];
if ($_POST['eml']) == $correct_email && ($_POST['pwd']) == $correct_password {
echo "<h1>You are logged in</h1>";
} else {
echo "<h1>error</h1>";
}
It is not working, please help! I am also unclear on whether the PHP should come before or after the form.
Also, I would like to have the form be cleared from view, on the page, when the correct info is entered.
Thanks so much
Change the name of the submit button - never call anything "submit" in a form
Put the test at the top
You had issues with the ( and ) in the test
Also an issue with a ] after "password"
<?php
if ($_POST["subBut"] === "Submit") {
$correct_email = "(my personal email)";
$correct_password = "password";
if ($_POST['eml'] == $correct_email && $_POST['pwd'] == $correct_password) {
echo "<h1>You are logged in</h1>";
} else {
echo "<h1>error</h1>";
}
}
else {
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER[" PHP_SELF "]); ?>">
<label for="eml">Email:</label>
<input type="email" name="eml" id="eml" required>
<br>
<label for="pwd">Password:</label>
<input type="password" name="pwd" id="pwd" required>
<br>
<input type="hidden" name="checkMe" value="12345">
<input type="submit" name="subBut" value="Submit">
</form>
<?php } ?>
I have created a HTML form which will need to insert the data that was entered into the form straight into a table in mySQL.
newuser.php file
<?php
//including the connection page
include('./DB_Connect.php');
//get an instance
$db = new Connection();
//connect to database
$db->connect();
//fetch username and password
$usertype = $_POST['userType'];
$firstname = $_POST['firstName'];
$lastname = $_POST['lastName'];
$username = $_POST['userName'];
$password = $_POST['password'];
$address1 = $_POST['add1'];
$address2 = $_POST['add2'];
//write the sql statement
$query = "INSERT INTO USERS (usertype, fname, lname, username, password, add1, add2)
VALUES ('$usertype', '$firstname', '$lastname', '$username', '$password', '$address1', '$address2')";
mysql_query($query,$db);
if (($query) == TRUE) {
echo "New record created successfully";
header("Location: login.php", true);
exit();
}
else
{
echo "Error: " . $sql . "<br>" . $conn->error;
header("Location: register.php", true);
exit();
}
//close once finished to free up resources
$db->close();
?>
With the following html form:
<form action="newuser.php" method="POST" class="form" id="registerForm">
<label> Type of user: </label> <br>
<input type="radio" name="userType" id="itemSeeker">Item Seeker </input>
<input type="radio" name="userType" id="itemDonor">Item Donor </input>
<input type="radio" name="userType" id="peopleSeeker">People Seeker </input>
<input type="radio" name="userType" id="peopleDonor">People Donor </input>
<br>
<br>
<div class="form-inline">
<div class="form-group">
<input type="text" name="firstName" placeholder="First Name: " align="center" class="form-control" ></input>
</div>
<div class="form-group">
<input type="text" name="lastName" placeholder="Last Name: " align="center" class="form-control" ></input>
</div>
</div>
<br>
<input type="text" name="email" placeholder="Email Address: "align="center" class="form-control" ></input>
<br>
<div class="form-inline">
<div class="form-group">
<input type="text" name="userName" placeholder="Username: " align="center" class="form-control" ></input>
</div>
<div class="form-group">
<input type="password" name="password" placeholder="Password: " align="center" class="form-control" ></input>
</div>
</div>
<br>
<!-- <label> Address 1: </label>-->
<input type="text" name="add1" placeholder="Address 1: " align="center" class="form-control" ></input>
<!-- <label> Address 2: </label>-->
<input type="text" name="add2" placeholder="Address 2: " align="center" class="form-control" ></input>
<br>
<button class="btn btn-primary" name="submitReg" type="submit">Submit</button><br>
<br>
<a href="login.php" >Already have an account?</a>
</form>
The USERS table
The above two blocks of code and the code that I'm working with.
My problem here is, when the form is submitted, the data isn't actually being entered into the table. Note that the first ever submission actually did work. All submissions after the first one don't seem to be entering anything into the database.
I'm not quite sure what's wrong with my code for it to not work. It does go to the 'login.php' page which means there aren't any faults and the query submitted correctly.
Could someone please tell me what I'm doing wrong, thank you.
right now you have alot more trouble than your insert problem. your code is totaly insecure. (mysql injections).
Dont use mysql_* functions use pdo instead with prepared statements!
you output spaces before you send a header you cant send header if you have output. your redirect wouldnt work. dont relay on a clientside redirect use may have it disabled so output a link where you want the user to go.
anotherthing your radio buttons have no value check html syntax
var_dump($_POST) and check if you submit everything. also check for isset or empty befor assign variables. do some sort of validation.
have a look at some php frameworks they provide much more flexibility and error checking
dont reinvent the wheel by writing everthing by your own in a 10 or more year behind procedural way
<?php require 'db_connect.php'; ?>
<form id="form1" name="form1" method="post" enctype="multipart/form-data" action="register.php" >
Username :
<input type="text" id="username" class="username" name="username" value="">
<br>
Password :
<input type="password" id="password" class="password" name="password" value="">
<br>
Confirm Password :
<input type="password" id="con_password" class="con_password" name="con_password" value="">
<br>
Phone No. :
<input type="text" id="phoneno" class="phoneno" name="phoneno" value="">
<br>
<input type="submit" id="submit" name="submit" class="submit" value="Register">
</form>
<?php
if(isset($_REQUEST['submit']))
{
$res = "insert into register(username, password, phoneno) value('".$_POST["username"]."','".$_POST["password"]."','".$_POST["phoneno"]."')";
mysqli_query($conn, $res);
if(!empty($_POST)){
echo "Registered!";
}
else {
echo "Try Again!";
}
}
?>
I want to check all $_Post fields check for empty, null or 0 if values of form is not filled show error "try again" and filled show error "registered"? please tell me first is this function is correct or not. if not correct what the correct function.
If you want to validate fields through php, you have to check each field individually. There are some checks you can apply on a data.
if ($_POST['field'] === null) //I would suggest === because it will return false if $_POST['field'] is 0 or empty string
if (empty($_POST['field'])) //to check empty data
if (isset($_POST['field'])) //to check if data exists
If you want to validate your fields like is either string? or digits? or alpha numeric? or all lowercase? or uppercase? There are certain functions which allows you to check field by just calling a single function
Please have a look at this page: CType Functions
You can also use this option. Make all fields required you want to check null or 0, this will make sure that data in field is must before submitting form.
Try changing input field from:
<input type="text" id="username" class="username" name="username" value="">
to:
<input type="text" id="username" class="username" name="username" value="" required >
Also as Rishi said you should also edit query, change values to values
Also 1 tip, you are inserting data in database first and then validating data, according to me it is not good practice, you should first validate data then if all went good then insert it into database, else you will add bad data in database also.
Your final code will be:
<?php require 'db_connect.php'; ?>
<form id="form1" name="form1" method="post" enctype="multipart/form-data" action="register.php" >
Username :
<input type="text" id="username" class="username" name="username" required >
<br>
Password :
<input type="password" id="password" class="password" name="password" required >
<br>
Confirm Password :
<input type="password" id="con_password" class="con_password" name="con_password" required >
<br>
Phone No. :
<input type="text" id="phoneno" class="phoneno" name="phoneno" required >
<br>
<input type="submit" id="submit" name="submit" class="submit" value="Register">
</form>
<?php
if(isset($_POST['submit']))
{
$res = "insert into register(username, password, phoneno) values('".$_POST["username"]."','".$_POST["password"]."','".$_POST["phoneno"]."')";
mysqli_query($conn, $res);
}
?>
Some thing is wrong in this code, because when i press the submit button the code inside this block of code it is not executed.
Here is the code:
if(isset($_POST["form"])) {
if (Form::isValid($_POST["form"])){
include 'config_php/insert_lead.php';
} else{
header("Location: " . $_SERVER["PHP_SELF"]);
exit();
}
}
This is a small portion of the form:
<form action="index.php?s=2468" id="multiphase" method="post" class="form-horizontal">
<fieldset>
<input type="text" class="form-control shadow" name="first_name" required="" placeholder="Voornaam:" id="multiphase-element-22">
<input type="text" class="form-control shadow" name="last_name" required="" placeholder="Achternaam: " id="multiphase-element-23">
<input type="email" class="form-control shadow" name="email1" required="" placeholder="E-mailadres:" id="multiphase-element-28">
<input type="submit" value="Submit" name="submit" class="btn btn-primary" id="multiphase-element-29">
</fieldset>
</form>
One more thing the form is generated using PFBC
There isn't a post value named 'form', so you should set one to look for on the submission.
Notice that I have also used the entire POST array in the Form::isValid() check.
PHP:
if(isset($_POST["postback"])) {
$valid = true;
if (Form::isValid($_POST)){
include 'config_php/insert_lead.php';
} else{
header("Location: " . $_SERVER["PHP_SELF"]);
exit();
}
}
HTML:
<form action="index.php?s=2468" id="multiphase" method="post" class="form-horizontal">
<fieldset>
<input type="text" class="form-control shadow" name="first_name" required="" placeholder="Voornaam:" id="multiphase-element-22">
<input type="text" class="form-control shadow" name="last_name" required="" placeholder="Achternaam: " id="multiphase-element-23">
<input type="email" class="form-control shadow" name="email1" required="" placeholder="E-mailadres:" id="multiphase-element-28">
<input type="hidden" name="postback" value="1">
<input type="submit" value="Submit" name="submit" class="btn btn-primary" id="multiphase-element-29">
</fieldset>
</form>
In your code $_POST["form"] is the fault you doing...
if you are using $_POST["form"] then it means you have named any of your input field as "form" which i dont see in your code...
so instead of $_POST["form"] you should use any of the input name you using...
I suggest to use..
$_POST["submit"] instead of $_POST["form"]
because you have already named submit input field as submit...
See if it help
Change form tor submit:
<?php
if(isset($_POST["submit"])) {
if (Form::isValid($_POST["form"])){
include 'config_php/insert_lead.php';
} else{
header("Location: " . $_SERVER["PHP_SELF"]);
exit();
}
}
The the if will be executed BUT the you will still have problems with the next if (Form::isValid($_POST["form"])) I don't know how isValid works but $_POST["form"] does not exist. You can validate all inputs one by one.
I wasn't sure how to phrase the title, but here's what I'm trying to do.
I have a form to login to webmail, I don't have access to the webmail - it just posts the form input to the website and the webmail server takes it from there.
Everyone logging in to this page will be using the same email extension (e.g. "#myemail.com"), so I want to save the hassle of typing that every time, instead they can just write "mike" and the form will add "#myemail.com" on it's own.
I could post this form to a middle ground php page that sticks "mike" + "#mymail.com" together and posts this info to the webmail?
Or is there a simpler way to do this without having to create another page?
<form name="loginForm" action="http://webmail.emailsrvr.com/login.php" method="POST" target="_blank">
<input type="hidden" name="js_autodetect_results" value="SMPREF_JS_OFF">
<input type="hidden" name="just_logged_in" value="1">
<input type="hidden" name="type" value="v3">
<input type="hidden" name="useSSL" id="useSSL" value="">
<input type="email" name="user_name" placeholder="Username" required autofocus>
<input type="password" name="password" placeholder="Password" required>
<label for="remember"><input type="checkbox" name="remember">Remember my info</label>
<button type="submit">Sign In</button>
</form>
I want to take the value entered here...
<input type="email" name="user_name" placeholder="Username" required autofocus>
...and add an extension like "#myemail.com" to it, then post it.
Any idea? Thanks in advance for your help.
I could do something like this?
PAGE 1 - Enter username and password...
<input type="text" name="send_email" placeholder="Username" required autofocus>
<input type="password" name="send_password" placeholder="Password" required>
<label for="remember"><input type="checkbox" name="remember">Remember my info</label>
<button type="submit">Sign In</button>
</form>
PAGE 2 - PHP takes username and adds "#myemail.com" and sends form...
<?php
$form_email = $form_password = "";
if (!empty($_POST['send_email']) && !empty($_POST['send_password'])) {
$form_email = $test($_POST['send_email']) . '#fountaincreations.ca';
$form_password = $test($_POST['send_password']);
echo '<form name="loginForm" action="http://webmail.emailsrvr.com/login.php" method="POST" target="_blank">';
echo '<input type="hidden" name="js_autodetect_results" value="SMPREF_JS_OFF">';
echo '<input type="hidden" name="just_logged_in" value="1">';
echo '<input type="hidden" name="type" value="v3">';
echo '<input type="hidden" name="useSSL" id="useSSL" value="">';
echo '<input type="hidden" name="user_name" value="' . $form_email . '">';
echo '<input type="hidden" name="form_password" value="' . $form_password . '">';
echo '</form>';
} else {
echo '<p style="text-align:center;padding:40px 20px;">Please go back and try again.</p>';
}
function test($data) {
$data = strtolower(data);
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
How do I tell PHP to automatically submit the form though?
Here's what I have if I were to use jQuery:
It doesn't currently work though.
HTML:
<div class="box top">
<form name="loginForm" action="http://webmail.emailsrvr.com/login.php" method="POST" target="_blank">
<input type="hidden" name="js_autodetect_results" value="SMPREF_JS_OFF">
<input type="hidden" name="just_logged_in" value="1">
<input type="hidden" name="type" value="v3">
<input type="hidden" name="useSSL" id="useSSL" value="">
<div class="inner">
<div class="inner-row"><input type="text" name="user_name" placeholder="First Name" required autofocus></div>
<div class="inner-row"><input type="password" name="password" placeholder="Password" required></div>
<div class="inner-row">
<div class="inner-col col-2-4"><label for="remember"><input type="checkbox" name="remember">Remember my info</label></div>
<div class="inner-col col-2-4"><button type="submit">Sign In</button></div>
</div>
</div>
</form>
</div>
<div class="box bottom">
<div class="inner">
<div class="inner-row"><p>Already signed in? <b>Go to your inbox.</b></p>
</div>
</div>
JS:
<script type="text/javascript">
$(document).ready(function(){
$("button[type='submit']").on('click', function(e){
e.preventDefault();
var userEmail = $.trim($("input[name='user_name']").val());
$("input[name='user_name']").val(userEmail+"#fountaincreations.ca");
$("form[name='loginForm']").submit();
});
});
</script>
I think if you want to attach username + "#mymail.com" to useremail field, here is my suggestion:
1# create input user_email (just hide this field)
<input type="hidden" name="user_email" id="user_email" placeholder="User Email">
2# add js below
$('#user_name').on('input', function() {
username = this.value+'#myemail.com';
$('#user_email').val(username);
});
here example
I think this will go like this, hope this will help you. What i am doing in this code is, first I stop the form from being submitted through e.preventDefault(); and then i am taking the value of the required input and assigning it back value by attaching "#mymail.com".
$(document).ready(function(){
$("button[type='submit']").on('click', function(e){
e.preventDefault();
var userEmail = $.trim($("input[type='email']").val());
$("input[type='email']").val(userEmail+"#mymail.com");
$("form[name='loginForm']").submit();
});
});