I want to use one div at a time using an echo and $_SESSION. When I put this on the web it only shows $form. Can you see if I'm doing anything wrong?
$signedIn ='<h3 id="throughHeader"> Account options</h3><br/>
<p id="throughP"> <a href="convenientaccountinfo.php> Account Info </a></p><br/>
<p id="throughP"><a href="convenientaddaddress.php> Add Address </a></p><br/>
<p id="throughP"> <a href="convenientaddcreditcard.php> Add C. Card </a></p><br/>
<p id="throughP"> <a href="convenientsignout.php> Sign Out </a></p>';
$form='<form id="signInForm" method="POST" action=""><h3 id="formHeader">Sign Into Account</h3><br/>
<p id="pRegister"><a id="register" href="convenientregisterpage.php"> Register </a></p><br/>
<label>Email Addr:</label><input type="text" name="userEmail" id="email" size="15"/><br/>
<label>Password:</label><input type="password" name="password" id="password" size="15"/><br/>
<input type="submit" value="Sign In" id="formSubmit" name="submit"/> </form>';
$username = $_SESSION['userEmail'];
if(!$username){
$signedInForm="$form";
}
else{
$signedInForm="$signedIn";
}
}
This is the form POST with validating until it sets the $_SESSION. Thanks for looking at it again.
$email=$_POST['userEmail'];
$password=$_POST['password'];
if(isset($_POST['submit'])){
if(empty($email) || empty($password)){
$msg_to_user3="Fill in both fields";
}
else{
$results=mysql_query("SELECT * FROM register WHERE userEmail='$email'");
if (mysql_num_rows($results)==0)
$msg_to_user3 ="No such User";
else
{
while ($login_row = mysql_fetch_assoc($results))
{
$password_db = $login_row['password'];
if ($password!=$password_db){
$msg_to_user3 ="Password doesn't match";
}
if ($password_db!=$password){
$msg_to_user2="<a id='forgetpassword' href='convenientforgotpassword.php'>Forget Password</a>";
}
else
{
$active = $login_row['active'];
$userEmail = $login_row['userEmail'];
if ($active==0){
$msg_to_user3= "Activate account at ($userEmail) </p>";
}
else
{
$_SESSION['userEmail']=$username;//assign session
}
}
}
}
}
}
<html>
<body>
<div id="formSignIn">
<?php echo $signedInForm ;?>
</div>
</body>
</htmo>
Ok, I got the $_SESSION working which switched in between the $form and $signedIn variables. And as far as two only showing with the p s I took the ids off and in the a href the quotes weren't closed so it didn't shut each link. Thanks for all your help!!
Related
[SOLVED]: This code is functional, i made a mistake by displaying an old version of my .php page into the browser, which didn't have the updated code below. I would like to echo an error 'error' produced from my php code which is meant to validate a sign in form, into the page of the sign in form, the error appears in the URL only , for example : signin.php?error= User name is incorrect. So i would like the same message to appear within the sign in form itself , i tried to use $_GET['error'] and echo'ed it within my form,
<form method="post" onsubmit=" return formSubmit() " action="signinphp.php">
<div class="userimage">
<img class="userlogo" src="image/userlogo.png" alt="Picture- User Profile picture">
</div><br>
<?php if (isset($_GET['error'])){?>
<p class="error"><?php echo $_GET['error'];?></p>
<?php } ?>
<div class="error" id= "errorMsg"></div> <br>
<div class="error" id= "errorMsg1"></div>
<div class="field">
<label class="stafflabel"> Staff Name </label>
<input class="area" placeholder="staffmember or admin" onclick=" return userValidation()" onchange=" return userValidation()" id="staff" name="staffname" type="text" >
</div> <br>
<div class="error" id= "errorMsg2"></div>
<div class="field">
<label class="passlabel"> Password </label>
<input class="area" placeholder="password" onclick=" return userValidation()" onchange=" return userValidation()" id="pass" name="password" type="password" >
</div><br>
<div class="checkbox">
<input type="checkbox" class="remember-me">
<label class="remember" for="remember-me">Remember me </label>
<a class="pass-link" href="#"> Forgot password?</a>
</div><br><br><br>
<div class="field">
<input class="btn" onclick="check(this.form)" type="submit" value="Sign in">
</div> <br>
<div class="account-link">
Didn't create an account yet? Create Account
</div>
</form>
PHP
<?php
if (isset($_POST['staffname'])&& isset($_POST['password'])){
function validate($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$staffname = validate($_POST['staffname']);
$pass= validate($_POST['password']);
if (empty($staffname)){
header("Location:signin2.php?error=Staff name and password are required!");
exit();
} else if (empty($pass)){
header ("Location:signin2.php?error=Staff name and password are required!");
exit();
} else {
if ($staffname == "staffmember" && $pass== "letmein!123"){
echo "Logged in!";
header("Location: log-it-reportsbeta.php");
exit();
}
else if ($staffname == "admin" && $pass== "heretohelp!456"){
echo "Logged in!";
header("Location: sql_select_updated.php");
exit();
}
}
}
else{
header("Location: signin2.php");
exit();
}
but it did not work , i provided my form code below and the php code for the form validation, please take a look , thank you.
You may wanna use an extra condition to get an error message instead of passing the whole error string in your URL.
In your php script :
if (empty($staffname)){
header("Location:signin2.php?error=1");
exit();
} else if (empty($pass)){
header ("Location:signin2.php?error=2");
exit();
}
In your form :
if (isset($_GET['error'])) {
if ($_GET['error'] == 1) {
$message = "Staff name and password are required!";
}
else if ($_GET['error'] == 2) {
$message = "Another error message";
}
echo '<p class="error">'.$message.'</p>';
}
When I press the Login button it refreshes the page and doesn't do anything. I tried entering wrong Server IP just to check the error, but I guess it's not responding to the login button and directly refreshing the page.
Unable to call a PHP function in the HTML file, tried using the same code in a different code and it's working fine there but not here:
<title> Database Login </title>
<body>
</head>
<body>
<span>
<div class="heading">
<h3><img src="http://zicom.com/img/ilayashop-1482233381.jpg" alt="Zicom Logo" >
<h1><b>MAaaS Login<b></h1><br>
</span>
</div>
<div class='admin'>
<form method='post' action=''>
<p class='main'> Enter your Details </p>
<p> Enter User Name <input type="text" name="name" id="userInput"></p>
<p> Enter password <input type="password" name="pass" id="userInput"> </p>
<br>
<input id="login" type="submit" name="submit" value="Login">
</form>
</div>
<?php
if($_POST){
$UN = $_POST['name'];
$PS = $_POST['pass'];
$scon=odbc_connect("Driver={SQL Server};Server=XXXXXXX; Database=Sampledata;","XX","XXXXX");
$query="SELECT [password] FROM [Simcarddata].[dbo].[MasterUser] Where username='$UN'";
$rs=odbc_exec($scon,$query);
if (!$rs)
{
$msg="SQL statement failed with error:\n";
$msg.=odbc_error($scon).": ".odbc_errormsg($scon)."\n";
} else {
$number_of_rows = odbc_num_rows($rs);
$msg="$number_of_rows records found.\n";
}
while(odbc_fetch_row($rs))
{
$field1 = odbc_result($rs,1);
// print ("$PS and $field1");
if ($PS == $field1){
print ("TRUE");
header("Location: /test.php");
}
else {
print ("Incorrect Username or password");
}
}
odbc_close($scon);
header("Refresh:2");
}
?>
</body>
</html>
I just tidied up the HTML tags a little and used a better method of checking for POST data - but I think the issue was the badly formed HTML was confusing the form
<html>
</head>
<title> Database Login </title>
</head>
<body>
<span>
<div class="heading">
<h3><img src="http://zicom.com/img/ilayashop-1482233381.jpg" alt="Zicom Logo" ></h3>
<h1><b>MAaaS Login<b></h1>
<br>
</div>
</span>
<div class='admin'>
<form method='post'>
<p class='main'> Enter your Details </p>
<p>Enter User Name <input type="text" name="name" id="userInput"></p>
<p>Enter password <input type="password" name="pass" id="userInput"></p>
<br>
<input id="login" type="submit" name="submit" value="Login">
</form>
</div>
<?php
if( $_SERVER['REQUEST_METHOD']=='POST' && isset( $_POST['name'], $_POST['pass'] ) ){
$UN = $_POST['name'];
$PS = $_POST['pass'];
$scon=odbc_connect("Driver={SQL Server};Server=XXXXXXX;Database=Sampledata;","XX","XXXXX");
$query="SELECT [password] FROM [Simcarddata].[dbo].[MasterUser] Where username='$UN'";
$rs=odbc_exec( $scon, $query );
if (!$rs) {
$msg="SQL statement failed with error:\n";
$msg.=odbc_error($scon).": ".odbc_errormsg($scon)."\n";
} else {
$number_of_rows = odbc_num_rows($rs);
$msg="$number_of_rows records found.\n";
}
while( odbc_fetch_row( $rs ) ) {
$field1 = odbc_result($rs,1);
if ($PS == $field1){
print ("TRUE");
header("Location: /test.php");
} else {
print ("Incorrect Username or password");
}
}
odbc_close($scon);
header("Refresh:2");
}
?>
</body>
</html>
if ($_SERVER['REQUEST_METHOD'] === 'POST') use this please instead of if($_POST) or use if(isset($_POST))
I am a very beginner in php.I tried a form validation in php while validating my form.when wrong data is found the browser will show an alert box, when i click it the browser reloads the page and the details already entered in the form get refreshed and i need to enter it from the first.
How to avoid the page refresh while validating.
sorry for my poor english
Thank you in advance
This is my php form coding
formvalidate.php
<html>
<head>
<title>USER REGISTRATION</title>
</head>
<body>
<form name="registrationform" id="formid" method="get";>
name:<input type="text" id="n1" name="name"> <br><br>
username:<input type="text" id="u1" name="username"> <br><br>
password:<input type="password" id="p1" name="password"> <br><br>
confirm password:<input type="password" id="p2" name="password2"> <br><br>
Address :<textarea name="address" id= "a1"rows="4" cols="40"> </textarea><br><br>
phone :<input id="ph" type="numbers" name="phone" ><br><br>
<input type="submit" name="register" value="register" >
<input id="button" type="button" value="cancel">
<?php
$servername="localhost";
$username="root";
$password="";
$dbname="userlogin";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if(!$conn)
{
die("connection failed".mysqli_connect_error());
}
?>
<?php
if (isset($_GET['register'])) {
if(empty($_GET['name']))
{
echo'name should not empty';
}
if ( empty($_GET['username'])) {
echo 'user name should not be empty';
} else {
$name1=$_GET['name'];
$uname=$_GET['username'];
$sql = "select * from contact where username='$uname'";
$result=mysqli_query($conn,$sql);
if($result->num_rows==1)
{
echo"username already exists";
}
else
{
echo"username available";
}
return false;
}
if((empty($_GET['password']))||(empty($_GET['confirmpassword'])))
{
echo'password and confirm password should not be empty';
return false;
}
else{
$pwd=$_GET['password'];
$cpwd=$_GET['confirmpassword'];
if($pwd.length==6){
echo'password should not lesser than 6';
}
else
{
if($pwd==$cpwd){
echo'password accepted';
}
else
{
echo 'password does not matched';
return false;
}
}
}
if(empty($_GET['address']))
{
echo'address should not be empty';
return false;
}
if(empty($_GET['phone']))
{
echo'phone should not be empty';
return false;
}
}
?>
</body>
</form>
</html>
You could perform the check at the start of page, something like;
$sParam1 = "";
if (isset ($_GET['param1']) ){
$sParam1 = (string)$_GET['param1'];
}
Leave the form at the bottom of the page and echo the variables in the value param;
<form method="get">
<input type="text" name="param1" value="<?php echo htmlspecialchars($sParam1); ?>" />
</form>
Yoy can also set something like
if(isset($_GET['name'] ){echo "value=$_GET[name]";}
for each of the input attributes.
Though i believe you should use POST attribute in form rather tham GET.
Also, you have not set the 'action' attribute for the form !
I've written code to make a login page, this worked fine. However when I implemented it into my modified bootstrap-template, it wouldn't work anymore.
edit: it will just not give any result, if I understand firebug correctly the submit button does work but the rest of it doesn't, (atleast, it gives me an output in the firebug console) it doesn't seem to send a username or password, and it does sertainly not redirect me to the page set in action=" "
Here is my code:
<div id="login" class="container" style="color:#f7f7f7; background-color:#222222">
<div class="row">
<div class="col-lg-12 text-center">
<h2 class="section-heading">Login</h2>
</div>
</div>
<div class="row text-center">
<div class="col-md-4 col-md-offset-4">
<form method="POST" action="passwordunhash.php">
<p> username: <input type="text" name="username" value="username"></p>
<p> password: <input type="password" name="password" value=""></p>
<p> <input type="submit" value="Inloggen"></p>
</form>
</div>
</div>
</div>
<?php
if (empty($_POST['username']) && empty($_POST['password']) ){
echo " ";
}
else {
$query = "SELECT rank FROM users WHERE username='$username'";
if (!$resultaat = mysql_query($query) ){
$boodschap .= "query \"$query \" mislukt";
// echo "Dit is de boodschap: ".$boodschap." einde boodschap ";
echo "username not found";
}
else {
$rij = mysql_fetch_array($resultaat);
$_SESSION['rank'] = $rij["rank"];
}
$query = "SELECT password FROM users WHERE username='$username'";
if (!$resultaat = mysql_query($query) ){
$boodschap .= "query \"$query \" mislukt";
// echo "Dit is de boodschap: ".$boodschap." einde boodschap ";
echo "username not found";
}
$rij = mysql_fetch_array($resultaat);
$hash = $rij["password"];
if (password_verify($password, $hash)){
$_SESSION['loggedin'] = true;
header("Location: /index.php");
exit();
}
else {
echo 'username or password is incorrect';
session_unset();
session_destroy();
}
}
?>
this is the part I think the problem should be in.
I tried various things, including using the bootstrap form functions and leaving the action blank.
Sorry for the dutch words in it.
This is also my first question on stackoverflow, so if I missed any critical info you might need, please tell me.
I have following login form (login.php) in which I am asking for username and password.
<form action="processlogin.php" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" value="Login">
</form>
Following is the code snippet from my processlogin.php file
if(!$_POST["username"] || !$_POST["password"])
{
$msg = "You left one or more of the required fields.";
echo $msg;
//header("Location:http://localhost/login.php");
}
This code checks whether all the mandatory fields are filled on not. If not, it shows the error message.
Till now everything is fine.
My problem is that, error message is shown in plain white page. I want to show it above the login form in login.php file. How should I change my code to get
my functionality.
I would prefer Jquery Validation or Ajax based Authentication. But still you can do it this way:
Put your Error Message in Session like this :
$_SESSION['Error'] = "You left one or more of the required fields.";
Than simple show it like this:
if( isset($_SESSION['Error']) )
{
echo $_SESSION['Error'];
unset($_SESSION['Error']);
}
In this case you can assign multiple messages in different Operations.
header("Location:http://localhost/login.php?x=1")
In the login.php
if(isset($_GET('x'))){
//your html for error message
}
Hope it helps you,
In processlogin.php,
if(!$_POST["username"] || !$_POST["password"])
{
$msg = "You left one or more of the required fields.";
$msgEncoded = base64_encode($msg);
header("location:login.php?msg=".$msgEncoded);
}
in login.php file,
$msg = base64_decode($_GET['msg']);
if(isset($_GET['msg'])){
if($msg!=""){
echo $msg;
}
}
You can display the message in table or span above the form.
<span>
<?php if(isset($_REQUEST[$msg]))
echo $msg;
?>
</span>
<form>
</form>
And also don't echo $msg in the form's action page.
Try this:
html:
<form action="processlogin.php" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" value="Login">
<span>
<?php if(isset($_GET['msg']))
echo $_GET['msg'];
?>
</span>
</form>
php:
if(!$_POST["username"] || !$_POST["password"])
{
$msg = "You left one or more of the required fields.";
header("Location:http://localhost/login.php?msg=$msg");
}
Use only one page (your login.php) to display the form and also to validate its data if sent. So you don't need any $_SESSION variables and you have all in one and the same file which belongs together.
<?php
$msg = null;
if(isset($_GET['send'])) {
if(!$_POST["username"] || !$_POST["password"]){
$msg = "You left one or more of the required fields.";
//header("Location:http://localhost/login.php");
}
}
?>
<?php echo ($msg !== null)?'<p>ERROR: ' . $msg . '</p>':null; ?>
<form action="?send" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" value="Login">
</form>
use these functions:
<?php
session_start();
define(FLASH_PREFIX,'Flash_')
function set_flash($key,$val){
$_SESSION[FLASH_PREFIX.$key]=$val;
}
function is_flash($key){
return array_key_exits(FLASH_PREFIX.$key,$_SESSION);
}
function get_flash($key){
return $_SESSION[FLASH_PREFIX.$key];
}
function pop_flash($key){
$ret=$_SESSION[FLASH_PREFIX.$key];
unset($_SESSION[FLASH_PREFIX.$key]);
return $ret;
}
?>
And when you want to send a message to another page use
set_flash('err_msg','one field is empty');
header('location: another.php');
exit();
another.php
<html>
.
.
.
<body>
<?php if(is_flash('err_msg')){?>
<span class="err_msg"><?php echo pop_flash('err_msg'); ?></span>
<?php } ?>
.
.
.
</body></html>
<?php
if($_SERVER['REQUEST_METHOD'] == "POST")
{
if(!$_POST["username"] || !$_POST["password"])
{
$msg = "You left one or more of the required fields.";
echo $msg;
//header("Location:http://localhost/login.php");
}
}
?>
<form action="<?php echo $PHP_SELF;?>" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" value="Login">
</form>