I have an issue where a php page which runs twice, but it only runs twice when connecting through a proxy server. This code runs fine if the user doesn't connect through a proxy.
How do I fix this so that it will only run once, whether connecting through a proxy or not?
This php code is running within a Drupal CMS page, but independent of Drupal. The user gets to this page by clicking on a hyperlink.
Is it that I am using header to redirect the user to another page?
<?php
$userId = 0;
$userId = $_GET["userId"];
$userEmail = 0;
$userEmail = $_GET["userEmail"];
$userName = 0;
$userName = $_GET["userName"];
//connect to the database
$con = mysql_connect("HOSTNAME","USERNAME","PASSWORD");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
else
{
//echo "Connected.";
//echo "<br>";
}
mysql_select_db("formredirectdata", $con);
$userId = intval($userId);
mysql_query("INSERT INTO webforms
(userid, formisactive, formname, formtitle, shortdesc, confirmationlink) VALUES('$userId', '1', 'Form Name', 'Form Title', 'Short Description', 'Confirmation Link') ")
or die(mysql_error());
$newformnum = mysql_insert_id();
$recipientname = 0;
$recipientemail = 0;
$recipientname = "default" . $newformnum;
$recipientemail = $userEmail;
//send to the next script
header('Location: addtriggernewform.php?formnum2=' . $newformnum . '&recipientemail=' . $recipientemail . '&operator=(default)&inputname=(default)&triggervalue=(default)&userName=' . $userName);
?>
I later found out that the reason the query was getting processed twice is that I was logged into the website (Drupal based) in two different browsers with different user accounts. After logging out in one of the browsers then the query no longer gets processed twice. This must be a quirk involving Drupal and temporary internet files.
Related
localhost redirected you too many times. Try clearing your cookies. ERR_TOO_MANY_REDIRECTS
My code was working perfectly fine, but today this error occurred not quite sure why. I have cleared browsing data, deleted cookies but nothing works. The rest of my site is functioning well, just this user login page. I am using PHPstorm.
<?php
include_once("db.php");
if (isset($_POST['Login'])) {
$email = $_POST['email'];
$password = $_POST['pwd'];
$path = "home.php";
$select = "SELECT * FROM finalflight.tbl_book
WHERE email='" . $email . "'
AND ContactNo='" . $password . "'";
$query = mysqli_query($conn, $select);
}
if ($row = mysqli_fetch_assoc($query)) {
session_start();
$_SESSION['email'] = $row['email'];
$_SESSION['name'] = $row['BookedBy'];
$_SESSION['ContactNo'] = $row['ContactNo'];
$_SESSION['bookid'] = $row['SrNo'];
$_SESSION['uid'] = session_id();
$path = "home.php";
} else {
$path = "login.php?msg='unable to login'";
}
header("location:$path");
I have attached the error message screenshot. I am intrigued to know why the error has occurred wondering if someone could explain what is actually going on. PHPstorm came up with a redirect link for my page which I copied to clipboard and pasted it into my browser but that didn't seem to work. Is this a programming issue or a web browser issue? I have checked through my code and there doesn't seem to be any errors. I have tried reloading the web browser many times, deleted history nothing seems to work.
Error Message
you are calling header function while page leading that's why too many redirections. call header after post submitted
try this,
<?php
include_once("db.php");
if (isset($_POST['Login'])) {
$email = $_POST['email'];
$password = $_POST['pwd'];
$path = "home.php";
$select = "SELECT * FROM finalflight.tbl_book
WHERE email='" . $email . "'
AND ContactNo='" . $password . "'";
$query = mysqli_query($conn, $select);
if ($row = mysqli_fetch_assoc($query)) {
session_start();
$_SESSION['email'] = $row['email'];
$_SESSION['name'] = $row['BookedBy'];
$_SESSION['ContactNo'] = $row['ContactNo'];
$_SESSION['bookid'] = $row['SrNo'];
$_SESSION['uid'] = session_id();
$path = "home.php";
} else {
$path = "login.php?msg='unable to login'";
}
header("location:$path");
}
Your browser will tell you what is going wrong if you dig a bit deeper. Likely your PHP error logging is trying to tell you about some of the problems too.
At a guess, The code you've shown us is probably working OK, but the page you are redirecting to is sending you back to this page - but you should NEVER REDIRECT TO THIS CODE! Actually, the code you've shown us should be re-written to handle the case where it is retrieved without the required POST vars without going completely pear-shaped.
Use the network monitor in your browser to see where you are getting 302 responses and where they are directing you to. Make sure your error logging is working properly and recording errors.
I've spent some hours on finding a suitable free web hosting service for a project's website. It's nothing overly fancy and doesn't include much more than a MySQL database connection and a very simple login system. However, I have not been able to find a single hosting service that gets the site running properly (everything is working fine locally).
In particular, the login script doesn't work online (similar problem with two web hosting services, Byethost and Web4Free.eu
<?php
error_reporting(E_ALL);
session_start();
include "db-connect.php";
if (isset($_GET['login'])) {
$login = $_GET['login'];
if ($login == 1 && isset($_POST['email']) && isset($_POST['password'])) {
$email = $_POST['email'];
$password = $_POST['password'];
$mysqli = checkDataBaseConnection();
$query = $mysqli->query("SELECT `user`.`password` FROM `user`, `alumni` WHERE `alumni`.`mail`='".$email."' AND `alumni`.`id`=`user`.`id`");
$hash_raw = $query->fetch_array();
if (!empty($hash_raw)) {
$hash = $hash_raw[0];
if (password_verify($password, $hash)) {
$_SESSION['loggedin'] = 1;
header('Location: dash.php');
exit;
}
}
}
}
?>
db-connect.php:
<?php
function checkDataBaseConnection() {
// Defining all variables, etc.
if(!isset($mysqli)) {
$mysqli = new mysqli($mysql_host, $mysql_name, $mysql_pw, $mysql_db);
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
if (!mysqli_set_charset($mysqli, "utf8")) {
printf("Error loading character set utf8: %s\n", mysqli_error($mysqli));
}
}
return $mysqli;
}
?>
Despite having set the error_reporting to E_ALL, no error is displayed after submitting an e-mail adress that is saved within the database (no matter if the password is correct or not). In fact, nothing is displayed, only a literally empty page. If the e-mail adress is not in the database, everything works fine. Even more strangely, the database connection works perfectly in another (non-login).
Is there some obvious error I have overlooked or are these problems related to some PHP settings of the hosting service? If so, can you recommend another free hosting service that is supporting these features?
Thanks a lot,
My PHP script was written to send email and SMS when some new information is entered in the front end to members in database. However the email code and SMS code are working individually, but when put together the code is not getting executed.
The code in fact skipped. I tried making a deliberate error in the called function but it did not recognize it. Why?
<?php
error_reporting(E_ALL ^ E_NOTICE);
define('INCLUDE_CHECK', true);
require 'functions.php';
include ("generatesms.php");
include ("class.phpmailer.php");
include ("../sendsmsV3.5/sendsmsV3.5/CurlProcess.php");
include ("../sendsmsV3.5/sendsmsV3.5/Way2Sms.php");
include ("class.smtp.php");
// The above files can be included only if INCLUDE_CHECK is defined
$host = "localhost"; // Host name
$username = "root"; // Mysql username
$password = ""; // Mysql password
$db_name = "test"; // Database name
$tbl_name = "mails"; // Table name
// Connect to server and select database.
mysql_connect($host, $username, $password) or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
// Get values from form
$subject = $_POST['subject'];
$email = $_POST['email'];
$phone = $_POST['phone'];
//$dept = $_POST['dept'];
$content = $_POST['content'];
$month = $_POST['birthday-mm'];
$day = $_POST['birthday-dd'];
$year = $_POST['birthday-yyyy'];
$date_eve = "$year-$month-$day";
$dept = $_POST['branch'];
if (empty($dept)) {
echo("You didn't select any DEPEARTMENTS.");
} else {
$N = count($dept);
for($i=0; $i < $N; $i++) {
echo $dept[$i]; echo "<br>";
$dep = $dept[$i];
// Insert data into mysql
$sql = "INSERT INTO $tbl_name(subject, body, dept, phone, email, date_eve) VALUES ('$subject', '$content', '$dep', '$phone', '$email', '$date_eve')";
$result = mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if ($result) {
echo "Successful";
echo "<BR>";
newssender($dept, $content, $subject);
generatesms($dept,$date_eve,$subject);
echo "<a href='index.php'>Back to main page</a>";
} else {
echo "ERROR";
}
}
}
// close connection
mysql_close();
Firstly you have a big problem with all of your SQL. You shouldn't use mysql_* functions as they are deprecated and you're not sanitizing your inputs leaving you exposed to vulnerabilities. (http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php)
If you could pose your newssender() function code I can give you a detailed/specific answer but in the meantime I will give a general solution that goes through some debugging processes for other users.
if you have code like this:
myFunction1();
myFunction2();
and myFunction1() is run but myFunction2() is NOT, you can try commenting out // myFunction1() (which it sounds like you did) and at that point if myFunction2() runs then obviously the problem resides in myFunction1(). Here are the things to look for:
Fatal errors. Make sure you have errors and notices turned on to find syntax or other errors in your code
Look for any die or exit that may exist in your code. Those end the script and no more code is executed.
A quick way to test #2 is to do this:
myFunction1();
echo 'I made it here!';
If you don't see "I made it here!" on your screen then obviously the code didn't get that far, meaning the code ended before it returned from myFunction1()
I hope that helps!
Hello, I'm kind of new to php, so don't bash on me, but I just can't figure out what the problem is with this code. So basically I have several forms of output, but as soon as I do anything with mysql ( even just connect and disconnect! ), it won't allow me to do any kind of output. It also won't allow me to redirect.
I tried taking all the code out between the mysql connect and disconnect code and it didn't help to resolve anything, However, as soon as I comment out the mysql connection code, all my outputs and redirects work! I'm trying to build a simple login script that gets the email and password from a form elsewhere. I would love to get this resolved so I could figure out if the rest of it works. And I know that 'header' will not work after echo; the echo and the file writes will not be there as soon as I can make sure this is working. Any help would be appreciated! Thanks!
<?php
/*
Login.php searches for the email address given by loginPage.php in the data base.
If the email is found and the password given by loginPage.php matches that stored
in the data base, a session will begin and the client will be redirected to the
main page.
*** INCOMPLETE ***
*/
echo "HELLO!";
$email = $_POST["email"];
$password = $_POST["password"];
$errorLog = fopen("login.txt", "w");
fwrite($errorLog, "***Sesion started***");
$mysql_id = mysql_connect("localhost", "root", "12131");
if (!$mysql_id)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db('informationStation', $mysql_id);
$results = mysql_query("SELECT password FROM Personals WHERE email = '" . $email . "';", $mysql_id);
if($results != null && $password == mysql_fetch_array($result))
{
$redirect = 'Location: http://127.0.1.1/main.php';
}
else
{
$redirect = 'Location: http://127.0.1.1/loginPage.php';
{
mysql_close($mysql_id);
fwrite($errorLog, "result: " . $results);
fwrite($errorLog, "redirect: " . $redirect);
fclose($errorLog);
header($redirect);
?>
Try this to get you started..
$results = mysql_query("SELECT password FROM Personals WHERE email = '" . $email . "'", $mysql_id) or die(mysql_error());
But you also need to read about sql injection.
And you should not store passwords in your database without salting and hashing them.
And you also need to use array syntax to access the data from your result...
$mysql = mysql_connect("localhost", "root", "12131") or die('Could not connect: ' . mysql_error());
mysql_select_db('informationStation', $mysql);
function loged($email, $password) {
$result = mysql_query("SELECT id FROM Personals WHERE email = '" . $email . "' AND password='" . $password . "'");
if(mysql_num_rows($result) != 1)
return false;
return true;
}
if(loged(mysql_real_escape_string($email), md5($password))) {
header('Location: http://127.0.1.1/mainPage.php');
exit;
}
header('Location: http://127.0.1.1/loginPage.php');
In this example you need to store users password using md5 encryption method (search for other more securely encryption methods).
Also we've escaped the email address against sql injection.
I've created a function which can be called every time you want to see if the user is loged in or not.
Note that this is not a complete login script. You will also need to make a login function where you'll have to start a new session for each user.
I am creating a ajax notification and this is part of my system allowing a user to favorite, or archive, that notification. The problem is that this php code below won't work and there is no error in the queries because the or die returns nothing. What is returned is just error. That is all it is echoing. I know the javascript is correct and sending the correct information because I have checked the network tab to see. Are there any major errors that I am missing?
<?php
require_once('.conf.php');
$notid = mysql_real_escape_string($get['notification_id']);
$username = mysql_real_escape_string($_SESSION['uname']);
$action = mysql_real_escape_string($get['action']);
if ($action == 'add') {
$insert = mysql_query("UPDATE updates SET object_fav = 1 WHERE username = '$username' AND id = '$notid'") or die('Could not connect: ' . mysql_error());
echo 'success';
} elseif($action == 'sub') {
$remove = mysql_query("UPDATE updates SET object_fav = 0 WHERE username = '$username' AND id = '$notid'") or die('Could not connect: ' . mysql_error());
echo 'remove';
} else {
echo 'error';
}
?>
PHP has no default array called $get. Perhaps you intend to use the $_GET superglobal.
$action = mysql_real_escape_string($_GET['action']);
$notid = mysql_real_escape_string($_GET['notification_id']);
It prints error when $action is not matched in your if/else chain, because the variable isn't correctly set.
Be sure that you are developing with display_errors turned on, and error_reporting(E_ALL);. The undefined variable $get would display warnings on screen.
ini_set('display_errors', 1);
error_reporting(E_ALL);