in my controller i have
if(isset($username) && trim($username)!=='')
{
$exist = $user_obj->checkUsernameExist($username);
if($exist == '1')
{
$form->getElement('username')->addError('This username exists.');
}
}
if ($form->isValid($_POST) ) {
$user_obj->insertUser($_POST);
$this->_helper->flashMessenger->addMessage('User Added Successfully.');
$this->_redirect('/users/usersadministration/');
exit();
}else { //echo 'failure';
//print_r($form->getErrors());
}
but my error message is not displayed even though the value of $exist is 1
Try
if(isset($username) && trim($username)!=='')
{
$exist = $user_obj->checkUsernameExist($username);
if($exist == '1')
{
$form->getElement('username')->addError('This username exists.');
$form->markAsError();
}
}
Your code looks correct you need to provide more lines of code for review.
Related
Hi i need help to make a login check thourght db working anyone can say to me where is the error?
This is the code
if (!empty($_POST['user']) && !empty($_POST['password']))
{
$user=stripslashes(trim($_POST['user']));
$password=stripslashes(trim($_POST['password']));
mysql_connect("localhost","root","");
mysql_select_db("project");
$check=mysql_query("SELECT * FROM utenti WHERE nome='$user' AND password='$password'");
if(mysql_num_rows($check)!0)
{
$details=mysql_fetch_array($check);
$_SESSION['display_name']=$details[0];
$_SESSION['username']=$details[1];
$_SESSION['password']=$details[2];
print "Login succesful. <p> Level access: " . $details["type"] ;
}
else
{
print "Error";
}
}
else
{
print "Not all fields are compiled" ;
}
if ($details["type"] == "admin" )
{
$admn = 1;
}
else
{
$admn = 0;
}
I've no clue why is not working. Thanks in advance.
Change this:
if(mysql_num_rows($check)!0)
To This:
if(mysql_num_rows($check) != 0)
The Script Always Returns Failure(Regardless Of Correct/Incorrect User Information. Nothing Is Wrong with any other files. The Config File works and is just a starter of the sql connection and selects the database.
#include('../settings/config.php');
if (!#include('../settings/config.php')) {
die("<center>Login Failed</center>");
}
//======================================================================
// POST Check(Isset submit comes from html form)
//======================================================================
if(isset($_POST['submit'])) {
// Sanitize All POST Fields
$_POST = array_map('trim', $_POST);
$_POST = array_map('strip_tags',$_POST);
$login_form_user = $_POST['login_user'];
$login_form_pass = $_POST['login_pass'];
// Testing Only
echo("
<center>
Your Username is: $login_form_user!
<br>
Your Password is: $login_form_pass!
</center>
");
//======================================================================
// Input/Database Check
//======================================================================
$user_fetch = <<<LOGIN
SELECT `id` FROM `users`
WHERE `username`='$login_form_user'
AND `password`='$login_form_pass'
LIMIT 1
LOGIN;
$user_result = $sql_connection->query($user_fetch);
if(!$user_result) {
die("<center>Cannot Execute SQL Login Query</center>");
}
if ($sql_connection->num_rows == 1) {
echo("<center>User $login_form_user Exists</center>");
}
if($row = $user_result->fetch_assoc()) {
if(($row['username'] === $login_form_user) && ($row['password'] === $login_form_pass)) {
// Login Is Successful
echo("<center>Login Successful</center>");
} else {
echo("<center>Login Failed</center>");
}
}
} else {
// No Direct File Access Allowed
unset($_POST);
die('No Direct File Access Allowed!');
}
?>
Change:
if(($row['username'] === $login_form_pass)...
To:
if(($row['username'] === $login_form_user)...
You have typo error in this line please change it
if(($row['username'] === $login_form_pass) && ($row['password'] === $login_form_pass))
$row['username'] === $login_form_user// you are comparing it with $login_form_pass
sorry if my question not scene, but when I submit my form no action happen and even no error
appear and I don't know why so please can you help me !!
here my php code
<?php
if (isset ($_POST["submitted"]))
{
if (isset($_POST["proName"]))
{
$namepro=$_POST["proName"];
}
$filename= $_FILES["imgfile"]["name"];
if ((($_FILES["imgfile"]["type"] == "image/gif")|| ($_FILES["imgfile"]["type"] == "image/jpeg") || ($_FILES["imgfile"]["type"] == "image/png") ||
($_FILES["imgfile"]["type"] == "image/pjpeg")) && ($_FILES["imgfile"]["size"] < 200000))
{
if(file_exists($_FILES["imgfile"]["name"]))
{
echo "File name exists.";
}
else
{
move_uploaded_file($_FILES["imgfile"]["tmp_name"],"uploads/$filename");
}
}
else
{
echo "invalid file.";
}
if (isset($_POST["selectcat"]))
{
$selectpro=$_POST["selectcat"];
}
if (isset($_POST["shortDescr"]))
{
$desc=$_POST["shortDescr"];
}
else
{$desc=NULL;}
if (isset($_POST["cost"]))
{
$cost=$_POST["cost"];
}
else
{$cost=NULL;}
if (isset($_POST["product"]))
{
$product=$_POST["product"];
}
else
{$product=NULL;}
if (isset($_POST["marketing"]))
{
$mark=$_POST["marketing"];
}
else
{$mark=NULL;}
if (isset($_POST["power"]))
{
$p=$_POST["power"];
}
else
{$p=NULL;}
if (isset($_POST["risk"]))
{
$risk=$_POST["risk"];
}
else
{$risk=NULL;}
if (isset($_POST["compititiors"]))
{
$comp=$_POST["compititiors"];
}
else
{$comp=NULL;}
$teamWork='';
if (isset($_POST["team1"]))
{
$team=$_POST["team1"];
}
if (isset($_POST["s"]))
{
$s=$_POST["s"];
$teamWork=$team."\t\t".$s;
}
if (isset($_POST["team2"]))
{
$team2=$_POST["team2"];
$teamWork=$team."\t\t".$s."<br>".$team2;
}
else
{$team2=NULL;}
if (isset($_POST["s2"]))
{
$s2=$_POST["s2"];
$teamWork=$team."\t\t".$s."<br>".$team2."\t\t".$s2;
}
else
{$s2=NULL;}
if (isset($_POST["team3"]))
{
$team3=$_POST["team3"];
$teamWork=$team."\t\t".$s."<br>".$team2."\t\t".$s2."<br>".$team3."\t\t";
}
else
{$team3=NULL;}
if (isset($_POST["s3"]))
{
$s3=$_POST["s3"];
$teamWork=$team."\t\t".$s."<br>".$team2."\t\t".$s2."<br>".$team3."\t\t".$s3;
}
else
{$s3=NULL;}
$dbc = mysqli_connect("localhost", "root", "", "gettogether");
$q = "INSERT INTO project (projectname,projecttype,personid,imgProject,status,createDate) VALUES
('$namepro','$selectpro',1,'uploads/$filename','unsubmitted',now())";
$r = #mysqli_query ($dbc, $q);
if ($r ) {
$sql="select projectid from project where personid=1 order by createDate desc";
$qur=mysql_query($sql) or die(mysql_error());
if($qur){
$row=mysql_fetch_array($qur);
$proID=$row['projectid'];
$result2 = "INSERT INTO plan (projectid,description,products,marketingplan,financialplan,strenght,risk,team,competitor) VALUES
($proID,'$desc',$product','$mark','$cost','$p','$risk','teamWork','$comp')";
$result=#mysqli_query ($dbc,$result2) or die(mysql_error());
if ($result)
{
header( "Location:project.php" );
}
else
{
echo "error";
}
}
}
else
{ echo" <script>
alert('try again');
</script>
";
}
}
?>
Note :
in my Database I have 2 table one called plan and another called project
and projectid is a foreign key in plan table
before if statement where you are check is submitted is setted put this code to see what is received
echo '<pre>';
print_r($_POST);
echo '</pre>';
I have some issues with the following PHP code:
require '../core/connection.php';
require '../includes/functions.php';
if (isset($_SESSION['user_id'])) {
if (isset($_POST['current_user_password'])) {
$current_user_password = md5($_POST['current_user_password']);
if ($current_user_password != $_SESSION['user_password']) {
header('Location:../edit_credentials.php?edit=password&error=current_password');
} else {
$new_password = $_POST['new_user_password'];
$new_password2 = $_POST['new_user_password2'];
if ($new_password == '' || ($new_password2 == '') {
header('Location:../edit_credentials.php?edit=password&error=new_password_empty');
}
if ($new_password != $new_password2) {
header('Location:../edit_credentials.php?edit=password&error=new_password_not_equal');
} else {
$new_password = md5($new_password);
edit_user_password($user_id,$new_password);
}
}
} else {
echo 'current_user_password not set';
}
} else {
echo 'Session not set';
}
Here is the function as well:
function edit_user_password($user_id,$user_password){
global $db;
$user_password_data = $db->query('
UPDATE `users`
SET `user_password` = "'.$user_password.'" WHERE `user_id` = "'.$user_id.'";');
$_SESSION['user_password'] = $user_password;
$db->query($user_password_data);
header("Location:../edit_credentials.php?saved=password");
}
Everything works besides this part:
if ($new_password == '' || ($new_password2 == '') {
header('Location:../edit_credentials.php?edit=password&error=new_password_empty');
}
When it comes to this part, where the passwords are empty, if i switch out the redirection with a die('test'), it works, but it wont work with the redirect. Any chance you guys know why this is not working?
Thanks in advance for all help.
You should add an exit; after each header('Location:...'); call.
Otherwise the script continues to run.
I would like to redirect to the next page after clicking on the submit page, but I get the following error:
Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\forms\P_details.php:80) in C:\xampp\htdocs\P_details.php on line 70
the following is the php code on P_details.php
//connect to connect to the database and initialize all functions
include 'scripts/functions/init.php';
include 'html/head.php';
include 'html/page_title.php';
include 'html/top_menu.php';
include 'titles/P_details.php';
//Generate a random Personid
$Personid = rand(1,9999999);
$_SESSION['Personid'] = $Personid;
//Carry over the Jobid to this page
$Jobid = $_SESSION['SESS_MEMBER_JOB'];
if(empty($_POST)=== false)
{
$R_fields = array('Title','Surname','Forename','IdentityNumber','Gender','Race','Nationality');
foreach($_POST as $key=>$value)
{
if (empty($value) && in_array($key,$R_fields)=== true)
{
$errors[] = 'fields marked with (*) are required';
break 1;
}
}
if(empty($errors)=== true)
{
if($_POST['title'] == '-Select-')
{
$errors[] ='Please select Title';
}
if($_POST['Gender'] == '-Select-')
{
$errors[] ='Please select Gender';
}
if($_POST['Race'] == '-Select-')
{
$errors[] ='Please select Race';
}
if($_POST['Nationality'] == '-Select-')
{
$errors[] ='Please select Nationality';
}
}
}
include 'forms/P_details.php';
if(empty($_POST) === false && empty($errors)=== true)
{
//submit personal details
$personal_details = array(
'Personid'=>$Personid,
'Title' => $_POST['title'],
'Surname'=>$_POST['Surname'],
'Forename' => $_POST['Forename'],
'IdentityNumber'=>$_POST['IdentityNumber'],
'Gender'=>$_POST['Gender'],
'Race'=>$_POST['Race'],
'Nationality'=>$_POST['Nationality'],
'WorkPermitNumber'=>$_POST['WorkPermitNumber'],
'JobID'=>$Jobid);
personal_details($personal_details);
//redirect
header('Location:Address_insert.php');
exit();
}
else if(empty($errors) === false)
{
//output errors if the errors array is not empty
echo output($errors);
}
?>
Please assist
Either call ob_start() at the top of page and ob_end_flush() at the bottom or don't echo anything on the page before your header()
header('Location:Address_insert.php');
before any output.
Possible your included files contains any output?
include 'html/head.php';
include 'html/page_title.php';
include 'html/top_menu.php';
include 'titles/P_details.php';
Or
include 'forms/P_details.php';
Any output possible to insert only after header('Location:Address_insert.php');
That error appears when you've echoed any output to the browser before heading to another page.
Check your includes and be sure that you are not doing an echo anywhere.
I moved the line include 'forms/P_details.php' below the header statement
<?php
//connect to connect to the database and initialize all functions
include 'scripts/functions/init.php';
include 'html/head.php';
include 'html/page_title.php';
include 'html/top_menu.php';
include 'titles/P_details.php';
//Generate a random Personid
$Personid = rand(1,9999999);
$_SESSION['Personid'] = $Personid;
//Carry over the Jobid to this page
$Jobid = $_SESSION['SESS_MEMBER_JOB'];
if(empty($_POST)=== false)
{
$R_fields = array('Title','Surname','Forename','IdentityNumber','Gender','Race','Nationality');
foreach($_POST as $key=>$value)
{
if (empty($value) && in_array($key,$R_fields)=== true)
{
$errors[] = 'fields marked with (*) are required';
break 1;
}
}
if(empty($errors)=== true)
{
if($_POST['title'] == '-Select-')
{
$errors[] ='Please select Title';
}
if($_POST['Gender'] == '-Select-')
{
$errors[] ='Please select Gender';
}
if($_POST['Race'] == '-Select-')
{
$errors[] ='Please select Race';
}
if($_POST['Nationality'] == '-Select-')
{
$errors[] ='Please select Nationality';
}
}
}
if(empty($_POST) === false && empty($errors)=== true)
{
//submit personal details
$personal_details = array(
'Personid'=>$Personid,
'Title' => $_POST['title'],
'Surname'=>$_POST['Surname'],
'Forename' => $_POST['Forename'],
'IdentityNumber'=>$_POST['IdentityNumber'],
'Gender'=>$_POST['Gender'],
'Race'=>$_POST['Race'],
'Nationality'=>$_POST['Nationality'],
'WorkPermitNumber'=>$_POST['WorkPermitNumber'],
'JobID'=>$Jobid);
personal_details($personal_details);
//redirect
header('Location: Address_insert.php');
exit();
}
else if(empty($errors) === false)
{
//output errors if the errors array is not empty
echo output($errors);
}
include 'forms/P_details.php';
?>