I need to be able to store the password submitted in a session, as at present using the php_self method the page is just reloading as if the user has not entered the password correctly (this is happening in Firefox, it actually works fine with no session in Chrome / Safari) and so I believe a session is needed for it to work in FF, but I'm newish to PHP and not sure how I can go about this, here's the code:
Thanks in advance
<?php
session_start();
$Password = 'hello';
if (isset($_POST['submit_pwd'])){
$pass = isset($_POST['passwd']) ? $_POST['passwd'] : '';
if ($pass != $Password) {
showForm("error", "WRONG PASSWORD");
exit();
}
} else {
showForm();
exit();
}
function showForm($Inputclass="mister", $Placeholder="PLEASE ENTER PASSWORD"){
?>
With HTML:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="pwd" id="pwd">
<input class="<?php echo $Inputclass; ?>" name="passwd" type="password" size="79" style="margin-left: -100px;" placeholder="<?php echo $Placeholder; ?>"/>
<br/>
<input class="text" name="submit_pwd" value="Login" type="image" src="loginkey.png" style="position: relative; left: 240px; top: -35px;">
</form>
If you hit the button, then $_POST['submit_pwd_x'] and $_POST['submit_pwd_y'] should be set, not $_POST['submit_pwd']
If you hit "enter" then $_POST['submit_pwd'], $_POST['submit_pwd_x'] or $_POST['submit_pwd_y'] should NOT be set - but sometimes are depending on the browser.
You can't rely on either, so your check if (isset($_POST['submit_pwd'])) will be unreliable
The trick is to add a hidden field in the form, and check for sbmission of that hidden field in $_POST.
More details on the answer (based on comment):
PHP is
if (isset($_POST['formsubmitted'])){
....
}
HTML is
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="pwd" id="pwd">
<input class="<?php echo $Inputclass; ?>" name="passwd" type="password" size="79" style="margin-left: -100px;" placeholder="<?php echo $Placeholder; ?>"/>
<br/>
<input type="hidden" name="formsubmitted" value="1" />
<input class="text" name="submit_pwd" value="Login" type="image" src="loginkey.png" style="position: relative; left: 240px; top: -35px;">
</form>
Edit:
If you don't click on the button (hit enter):
IE will send none
FF,Opera will send the submit_pwd_x=0 and submit_pwd_y=0
Chrome,Safari will send the submit_pwd_x=0, submit_pwd_y=0 and submit_pwd
If you click the button:
IE will send submit_pwd_x=X and submit_pwd_y=Y
FF,Opera will send submit_pwd_x=X and submit_pwd_y=Y
Chrome,Safari will send the submit_pwd_x=X, submit_pwd_y=Y and submit_pwd
Related
please correct me here.
i have created multi page form where i want to pass data from each pages to final pages and then submit those on email. first one is apply.php, there are many input fields, but i have listed some of those, here when some enters passport number in passport field, i want this to be passed in everypage of the form and print this at couple of places on each page. here getting some issues when passing some of these fields.
this is first page ( apply.php )
<?php
// Start the session
session_start();
?>
<form name="search_form" method="post" onSubmit="return chk();" action="apply2.php">
<input name="passportno" id="passportno" type="text" maxlength="20" placeholder="Enter Passport No." size="43" >
<input name="birthdate" type="date" class="textBoxDashed" size="43" id="birthdate" datepicker="true" datepicker_min="01/01/1900" datepicker_max="21/11/2017" maxlength="10" datepicker_format="DD/MM/YYYY" isdatepicker="true" value="">
<input name="button1" type="submit" value="Continue">
this is apply2.php . here there is some issues, i am not able to find, as you can see below codes, i am able to print date of birth but not able to print passport no ( input from form1 ). Please correct where i am wrong here.
<?php
session_start();
$msg="";
////include("connect.php");
if (isset($_POST['button1']))
{
extract($_POST);
$code=strtolower($_POST['captcha_code']);
$sess=strtolower($_SESSION["code"]);
if ($sess==$code)
{
$appid=time().rand();
$result=mysqli_query($con,"select *from registration where email='$email'");
if (mysqli_fetch_row($result)>0)
{
?>
<script>
alert("This email is already exist");
</script>
<?php
}
else
{
$query="insert into registration values('$appid','$passportno','$birthdate','$email')";
if (mysqli_query($con,$query))
$msg="Data saved Successfully.Please note down the Temporary Application ID $appid";
else
echo "not inserted".mysqli_error($con);
if (!isset($_SESSION["appid"]))
{
$_SESSION["appid"]=$appid;
}
}
}
else
{
?>
<?php
}
}
?>
<form name="OnlineForm" method="post" onsubmit="return OnSubmitForm();" action="apply3.php">
<input name="applid" id="applid" value="<?php echo $_SESSION["appid"];?>">
<input type="hidden" name="birthdate" value="<?php echo $birthdate;?>"><b><?php echo $birthdate;?>
<input name="passportno" type="text" class="textBoxDashed" id="passportno" value="" size="43" maxlength="14" value="<?php echo $passportno;?>">
input name="sc" type="submit" class="btn btn-primary" id="continue" value="Save and Continue" onclick="document.pressed=this.name">
Don't use extract. Also do some checking to see if the data is set. As for not getting the the data try $_POST['passportno'] and if you want to pull the values and put them back into the input boxes simply use <?php echo isset($_POST['passportno'])?$_POST['passportno']:'' ?> to return nothing if it is not defined.
Also you need to do add some protection to your inputs.
You can add protection by using $passportno = mysqli_real_escape_string($con, $passportno);
I have a hyperlink as shown:
<div style="clear:both"> <a color="grey" accesskey=""style="float: right" href="newbattle.php? userid= <?php echo $id0; ?>"> [<font color="grey">Attack</font>]</a><br></div> <br>
Is it possible, using only only php, to carry POST data? I want to put this
<input type="hidden" name="test" value="<?php echo $number;?>
So I can $_POST['test'] on the other page and get the $number. I can switch over to normal form but I really like what I have
No, that's not possible. If you want to submit a POST request, you should go through a <form> and submit it.
You cannot post through a hyperlink, unless you use JavaScript to capture the click event and simulate a click on a submit button.
But a better approach, I think, would be to make an actual submit button. With a bit of CSS you can style that button to look as if it was a hyperlink. That way, if the CSS fails, you've still got a working button, while if a JavaScript issue would occur, you have a disfunctional link with unexpected behaviour.
input[type=submit] {
display: inline;
border: none;
background-color: transparent;
color: blue;
cursor: pointer;
}
input[type=submit]:hover {
text-decoration: underline;
}
<form action="otherpage.php" method="POST">
<input type="hidden" name="test" value="<?php echo $number;?>">
<input type="submit" value = "Look, I'm a link!">
</form>
A link redirects user to another page, it's purpose is not for get/post requests.
If you want to send a post request on a click, you can do it with a submit button inside form. For example,
<form action="another_page.php" method="POST">
<input type="hidden" name="test" value="<?php echo $number;?>
<input type="submit" />
</form>
Style the button like a hyperlink and it will send a post request as expected.
You can do that using a form.
When the user clicks the link, the form is submitted with the "test" variable and the "userid" variable.
Here's the code:
<form method="post" action="newbattle.php" id="myForm">
<div style="clear:both">
<a color="grey" accesskey="" style="float:right;" href="" onclick="javascript:document.myForm.submit(); return false;">[<font color="grey">Attack</font>]</a>
<br/>
</div>
<br/>
<input type="hidden" name="userid" value="<?php echo $id0; ?>" />
<input type="hidden" name="test" value="<?php echo $number; ?>" />
</form>
For my specific problem, here's what I ended up doing.
href="newbattle.php?userid= <?php echo $id0; ?>&num=<?php echo $number; ?>"
I added the $number on to the hyperlink and then retrieved it with $_GET on the next page
If you want to access test value by $_POST you have to use form like this :
<form action="another_page.php" method="POST">
<input type="hidden" name="test" value="<?php echo $number;?>
<input type="submit" />
</form>
get.php :
<?php
$num = $_POST['test'];
echo $num;
?>
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I'm new to PHP and I just want a very simple insecure(for testing) login form.
I wrote this code: but I do not get what I want, can you correct what I did wrong or what should I add, correct ...
<html>
<body>
<form>
Username: <input type="text" name="name" value="<?php $name ?>" ><br>
Password: <input type"password" name="pass" value="<?php $pass ?>" ><br>
<input type="submit">
</form>
<?php
if ($name == "root" && $pass == "laptop") {
header("Location: /index.html");
exit;
}
?>
Your PHP writes HTML which is then sent to the browser for rendering - once it has completed sending to the browser it exits. Hence your first mistake appears to be that you haven't understood the seperation of what happens at the server and what happens at the client.
Your next mistake is that your PHP operates on variables which happen to have the same names as form elements - but form vales are not automatically converted into PHP variables.
Your third error is that even when you've fixed the 2 previous problems your script won't work: any HTTP headers must be emitted before writing to the html body - so your redirect isn't going to work. Consider instead:
<?php
if ('root' == $_POST['name'] && 'laptop' == $pass) {
header("Location: /index.html");
exit;
}
?>
<html>
<body>
<form method='POST'>
<?php print $_POST['name'] ? "Try again...." : "login..."; ?>
<br />
Username: <input type="text" name="name"
value="<?php print $_POST['name']; ?>" ><br />
Password: <input type"password" name="pass"
value="<?php print $_POST['pass'] ?>" ><br />
<input type="submit">
</form>
</body>
</html>
The php code you inserted into the form has no function, it does nothing. I edited your form, so that it sends data to the same page. You can then do:
$name = $_POST['name'];
$pass = $_POST['pass'];
Your old code comes after that.
You can put it in the same file index.php
<?php
if (isset($_POST['submit']))
{
echo 'you submitted name='.$_POST['name'].' And password='.$_POST['pass'].'<br /><br />';
}
echo '<form method="post">
Name <input name="name" type="text" /><br />
Pass <input name="pass" type="password" /><br />
<input name"submit" type="submit" />
</form>';
?>
Make two files - one with html and the other one with php function.
in html add to form action and method
<html>
<body>
<form action="php_file_name.php" method="post">
Username: <input type="text" name="name" value="" ><br>
Password: <input type"password" name="pass" value="" ><br>
<input type="submit">
</form>
and put in php_file_name.php this php code that you wrote, knowing that you're using POST method, that is:
<?php
if ($_POST[name] == "root" && $_POST[pass] == "laptop") {
header("Location: /index.html");
exit;
}
It should work then. Of course you can choose other name of php_file_name.php but with changing it accordingly
I am using php_self to submit a form. Once the data has been posted, I want to pass a calculated value to another form field on the same page, original form.
The $title_insurance field stays blank. Any ideas on why? Thanks!
<?php
if(isset($_POST['submit']))
{
$sale_price = $_POST['sale_price']; // posted value
$title_insurance = ($sale_price * 0.00575) + 200;
?>
<script type="text/javascript">
document.getElementById("title_insurance").value='<?php echo $title_insurance ; ?>';
</script>
<?php } ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
<input name="sale_price" type="text" id="sale_price" size="15">
<input name="title_insurance" type="text" id="title_insurance" size="15" value="<?php echo $title_insurance; ?>" />
<input name="submit" type="submit" class="bordered" id="submit" value="Calculate" />
</form>
The submit button is called button, also if you are outputting a javascript to amend the value it need to be run after the DOM has created the element title_insurance.
if(isset($_POST['button']))
{
$sale_price = $_POST['sale_price']; // posted value
$title_insurance = ($sale_price * 0.00575) + 200;
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
<input name="sale_price" type="text" id="sale_price" size="15">
<input name="title_insurance" type="text" id="title_insurance" size="15" value="<?php echo $title_insurance; ?>" />
<input name="button" type="submit" class="bordered" id="button" value="Calculate" />
</form>
<script type="text/javascript">
document.getElementById("title_insurance").value='<?php echo $title_insurance ; ?>';
</script>
A better way in this case would be to forget about the javascript as it is unnecessary and do this
// I am assuming you have initialized $title_insurance
// somewhere above here to its default value!!!!
$title_insurance = isset($_POST['button']) ? ($_POST['sale_price'] * 0.00575) + 200 : $title_insurance;
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
<input name="sale_price" type="text" id="sale_price" size="15">
<input name="title_insurance" type="text" id="title_insurance" size="15" value="<?php echo $title_insurance; ?>" />
<input name="button" type="submit" class="bordered" id="button" value="Calculate" />
</form>
You have an extra space in your getElementById parameter:
// VV
document.getElementById("title_insurance ").value='<?php echo $title_insurance ; ?>';
What you want to do is best done by AJAX. The <form> construction is outdated and not useful unless you are transferring the user to another page and sending some data along with it - or, if you are finished getting user data and just want to process what was entered and display a completion message.
If you wish to continue processing on the same page, then AJAX is the way to go. And the best way to use AJAX is to have a separate processor file (PHP) that receives the data, processes it, and sends it back.
To convert a <form> construct to AJAX, you really just need to remove the <form></form> tags and convert the submit button from type="submit" to type="button" id="mybutton", and use the IDs on the button and on the other elements to grab the data they contain and feed them to the AJAX code block. The examples in the link at bottom shows what you need to know - they are simple, helpful examples.
To conserve resources, you can use the same PHP processor page for multiple AJAX requests -- just send a variable (eg. 'request=save_to_db&first_name=bob&last_name=jones', ) and test for what "request" is received, that will determine what your PHP processor file does and echoes back.
This post, and the examples it contains, will help.
try this first
In you coding you missed this $_POST['button']
and
<?php
if(isset($_POST['button']))
{
$sale_price = $_POST['sale_price']; // posted value
$title_insurance = ($sale_price * 0.00575) + 200;
?>
<script type="text/javascript">
document.getElementById("title_insurance ").value='<?php echo $title_insurance ; ?>';
</script>
<?php } ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
<input name="sale_price" type="text" id="sale_price" size="15">
<input name="title_insurance" type="text" id="title_insurance" size="15" value="<?php echo $title_insurance; ?>" />
<input name="button" type="submit" class="bordered" id="button" value="Calculate" />
</form>
and also refer this FIDDLE it will more helpful to you..
I'm a bit of a noob when it comes to PHP and forms but I will do my best to explain.
What I am trying to do is create a series of forms that are included in a content container. The user fills out form#1, clicks 'submit' and moves on to fill in form#2 and so on. The data from each form is sent to the next form and is stored in hidden fields and once form#3 is completed the data is all inserted into a MYSQL database.
All of this works fine so far. The problem I am having is that I can't seem to get the submit buttons to work as intended. What I had envisioned is that the user would navigate to 'blah.com/recruit.php?p=form1' and fill out form#1 and then the submit button would take them to 'blah.com/recruit.php?p=form2' and so forth.
<form id="form" action="recruit.php?p=form2" method="post">
This does not work but I don't understand why. I've looked around the internet and I've found a few forum topics that discuss similar issues but none of them actually go into much detail about the solution or why this approach won't work.
Can anyone explain to me what it is I am doing wrong please? I have a feeling it is stupidly obvious but I can't put my finger on it.
Many thanks,
Splatgore
Some working sample code to do what I think you're trying to achieve:
<?php
$p = intval($_GET['p']);
if ($p == 0)
{
$p = 1; // default to first form
}
if (strtoupper($_SERVER['REQUEST_METHOD']) == 'POST')
{
// get / set all forms values here since subsequent forms will be
// posting the previous forms' data via hidden fields
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$tel_number = $_POST['tel_number'];
if ($p == 3)
{
// all forms done, insert to MySQL here
}
if ($p == 2)
{
// form 2's validation
$p = 3; // set so that the form that follows will now show the
// third form
}
if ($p == 1)
{
// form 1's validation
$p = 2; // set so that the form that follows will now show the
// second form
}
}
?>
<form id="form" action="recruit.php?p=<?php echo $p; ?>" method="post">
<h2>Form #<?php echo $p; ?></h2>
<?php
if ($p == 1)
{
?>
<!-- form 1's fields // -->
<p><label for="first_name">First Name:</label>
<input type="text" name="first_name" id="first_name" size="40" value="<?php echo $first_name; ?>" /></p>
<p><label for="last_name">Last Name:</label>
<input type="text" name="last_name" id="last_name" size="40" value="<?php echo $last_name; ?>" /></p>
<?php
}
if ($p == 2)
{
?>
<!-- form 2's fields // -->
<p><label for="tel_number">Tel Number:</label>
<input type="text" name="tel_number" id="tel_number" size="25" value="<?php echo $tel_number; ?>" /></p>
<p><input type="hidden" name="first_name" value="<?php echo $first_name; ?>" />
<input type="hidden" name="last_name" value="<?php echo $last_name; ?>" /></p>
<?php
}
if ($p == 3)
{
?>
<!-- form 3's fields // -->
<div>
<input type="hidden" name="first_name" value="<?php echo $first_name; ?>" />
<input type="hidden" name="last_name" value="<?php echo $last_name; ?>" />
<input type="hidden" name="tel_number" value="<?php echo $tel_number; ?>" />
</div>
<?php
}
?>
<p><input type="submit" value="Submit"></p>
</form>
It looks somehow you have nested forms.
This is not possible in HTML.
If you are going with your approach, just use always the same submit button which leads to the same php script.
In the php script check which hidden fields are already set to see how far the process is.
A better approach IMO would be tough to store the data in a session var and always lead to another form page.