I'm following a PHP tutorial which is teaching about $_POST and it had me create an exercise with two pages. On the first page (Form page) it creates a form where a user enters Username and Password. Once they click submit, it opens on the second page (process.php) where the Username and Password should be displayed as a result of using $_Post. However, when I click submit on the first page, it takes me to the second page where only the ":" in the Echo statement is displayed. No username, no password.
Any ideas? I've copied the form page and the process.php below.
Form page
<html>
<head>
<title>encode</title>
</head>
<body>
<form action="process.php" method="post">
Username: <input type="text" name="username" value="" />
<br/>
Password: <input type="password" name="password" value=""/>
<br/>
<input type="submit" name="submit" value="Submit"/>
</form>
</body>
</html>
Process.php
<html>
<head>
<title>encode</title>
</head>
<body>
<?php
$username = $_Post['username'];
$password = $_Post['password'];
echo "{$username}: {$password}";
?>
</body>
</html>
Try using $_POST (all caps).
Functions are case insensitive, but variables aren't.
$_Post['username'] doesn't work. Must be $_POST['username']. Same with the password field. You need to enable error reporting in your php.ini configuration file. It would have told you the problem.
Variable names in PHP are case sensitive. You wrote $_Post where it should be $_POST
As far as I can tell, PHP is case-sensitive when it comes to variable names, so change:
$username = $_Post['username'];
$password = $_Post['password'];
To:
$username = $_POST['username'];
$password = $_POST['password'];
Related
I'm trying to create a registration page. The page is successfully connected to phpMyAdmin database but it does not echo anything when i click the register button.
<html>
<head>
</head>
<body>
<?php
INCLUDE "connect.php";
INCLUDE "functions.php";
INCLUDE "titlebar.php";
?>
<div id="loginform">
<h1>Register</h1>
<form name="Register" action="register.php" method="post">
<?php
if(isset($POST["submit"])){
$username = $_POST["username"];
$password = md5 ($_POST["password"]);
if(empty($username) or empty($password)){
echo "<p>Fields Empty!</p>";
} else {
mysql_query("INSERT INTO login VALUES('',$username','$password','2','')");
echo "<p>Successfully Registered!</p>";
}
}
?>
<p>
<label for="username">Username: </label>
<input type="text" name="username" id="username"/></p><p>
<label for="password">Password: </label>
<input type="password" name="password" id="password"/></p><p>
<input type="submit" name="submit" value="Register" />
</p>
</form>
</div>
</body>
The problem is with the post method.
use $_POST instead of $POST
You have mysql error
Not: $username'
but '$username'
And next time display mysql errors with mysql_error().
At the beginning, I am not sure what isset($_POST['submit'] should return, but as already mentioned in the comments you missed a single quote.
Additionaly i would use:
$password = password_hash($_POST['password'],
md5 is deprecated and thus not safe. If you write a login script you can use password_verify(plainPW, hashPW)
You also need to specify a database and login into it. I recommend to look at the W3 Schools examples they are very in-depth and have good examples.
W3 school mysqli page
also write a die() at the end of your script and do not foregt to close the connection.
I've created a working session (with help from here I might add) and I've managed to get it to store a variable across multiple files without any problems.
When $username isn't filled, there's a prompt for the user to submit their username and upon submitting $username is assigned the value of the user's name and the form is replaced with text, no longer prompting the user to enter a username, in theory.
Here's the code I have right now:
<?php
session_start();
?>
<header>
<!DOCTYPE html>
<link rel="stylesheet" type="text/css" href="style/main.css">
<title>webshop</title>
</header>
<div id="LogIn">
<?php
if(isset($_SESSION['username'])){
echo 'Current session username: '.$_SESSION['username'];
echo '<br />Destroy current session';
} else {
?>
<form class="form1" method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>" id="form1">
<fieldset>
<ul>
<p>Please enter your username to continue to the webshop.</p>
<label for="name">User Name:</label><span><input type="text" name="username" placeholder="User Name"
class="required" role="input"
aria-required="true"/></span>
<input class="submit transparentButton" value="Next" type="submit" name="Submit"/>
</ul>
<br/>
</fieldset>
</form>
<?php
if (isset($_POST['Submit'])) {
$_SESSION['username'] = $_POST['username'];
}
}
?>
</div>
cart<br />
index
The problem I'm having is that once the user has entered their username into the form and clicks "next", the page reloads and the form is still there. If you then refresh that page, it replaces the form with the text and the session variable $username parsed as plain text with a link to logout (session_destroy()).
My question is why do I have to refresh the page for the session variable to be displayed properly? Is it something to do with the if statement?
Thanks in advance.
You simply have a logic / ordering problem.
Move this piece of code that is currently below your form:
if (isset($_POST['Submit'])) {
$_SESSION['username'] = $_POST['username'];
}
to the top of your file, just below the session_start(), and it will behave as you intend.
The way your code is written now, the session variable is not set until AFTER the form displays. You want the session variable to be set BEFORE the form displays (if in fact the $_POST username is set).
I have created a webpage (lets call the root as main.php) and decided to put a login on top of it (file index.php). The login works fine, but the problem is this. If I type the address of the page (main.php) directly in the browser, it is opened.
Is there any way to prevent opening the page unless I go through the login?
In case it is relevant, this is the login code:
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>Login</title>
<link rel="stylesheet" href="/css/style.css">
</head>
<body>
<div class="login_container">
<div id="login-form">
<h3>Login</h3>
<fieldset>
<form action="checklogin.php" method="post">
<input name="username" type="text" required placeholder="Username">
<input name="password" type="password" required placeholder="*******">
<input type="submit" value="Login">
</form>
</fieldset>
</div>
</div>
</body>
</html>
and it directs to :
<?php
ob_start();
// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
$username = pg_escape_string($username);
$password = pg_escape_string($password);
if($username == "username" && $password == "password"){
$_SESSION['username']="username";
$_SESSION['password']="password";
header("location:main.php");
}
else header("location:index.php");
ob_end_flush();
?>
You need to check, on every request that requires a login, that the user is logged in and is authorized.
A good way of looking at this is seeing the request URL as part of the input to your program. Just like the cookies and GET/POST parameters are input.
main.php will either return a page with data or a request for login.
Sure.
Check if the user is currently logged on when they access the page using php sessions if they aren't logged on send an error, or redirect them elsewhere.
Hi guys i have three simple php pages login.php,process.php and login_success.php.The problem is that login.php and process.php is present in my localhost:8080 but login_success.php is present at 192.168.1.36:8080 but on same lan.I am perfectly accessing my login.php but on clicking button it is not displaying login_success.php.I am using XAMPP server and it is installed in both the systems.The other thing is that i am accessing logout_success.php through url directly for e.g. http://192.168.1.36/xampp/logout_success.php. My code is very simple All my code is as follows:
Login.php:
<form action="process.php" method="POST">
username:<input type="text" name="username"/>
<br/>
password:<input type="password" name="pass"/>
<br/>
<input type="submit" value="Login!"/>
</form>
Process.php:
<?php
$username = $_POST['username'];
$password = $_POST['pass'];
if($username == 'test' AND $password == 'test')
{
header('Location : http://192.168.1.36/xampp/logout_success.php');
}
else
{
echo "You have not logged in,username or password is incorrect!";
}
?>
Login_success.php:
<html>
<body>
Logout Success<br>
Thanks for using the Captive Portal...
</body>
</html>
Can anyone tell me how to access login_success.phppage.Any help would be greatly appreciable.
Got a white space within the header call.
Change
header('Location : http://192.168.1.36/xampp/logout_success.php');
to
header('Location: http://192.168.1.36/xampp/logout_success.php');
Entire Code:
index.php
<form action="process.php" method="POST">
username:<input type="text" name="username"/>
<br/>
password:<input type="password" name="pass"/>
<br/>
<input type="submit" value="Login!"/>
</form>
process.php
<?php
$username = $_POST['username'];
$password = $_POST['pass'];
if($username == 'test' AND $password == 'test')
{
header('Location: login_success.php');
}
else
{
echo "You have not logged in,username or password is incorrect!";
}
?>
login_success.php
<html>
<head></head>
<body>
Logout Success<br>
Thanks for using the Captive Portal...
</body>
</html>
Make sure the file names are right (lowercase). I have tried it on my test server and it seems to work. (http://jagmit.co.uk/test/php_login/)
Also, i just would like to remind you that this is a bad example of how NOT to implement a login security system.
Use relative paths
header('Location : ./logout_success.php');
So I'm working on a simple PHP log in form. My first page is index.php with a form that posts to process.php
<form action="process.php" method="POST">
<li><label>Username: </label><input type="text" name="user"> </input></li>
<li><label>Password: </label><input type="password" name="pass"></input></li>
<li><label> </label><input type="submit" name="loginbutton" value="Log In" id="button"></li>
</form>
Simple HTML, nothing complicated. On the next page I have something in the beginning that looks like this:
$_SESSION['name'] = $_POST['user'];
$_SESSION['password'] = $_POST['pass'];
header('Location: thirdpage.php');
On the thirdpage.php I would like to echo $_SESSION['name'];, but it simply doesn't work; nothing appears on the page. I feel that I'm missing something really obvious.
Process.php:
start_session();
$_SESSION['name'] = $_POST['user'];
$_SESSION['password'] = $_POST['pass'];
header('Location: thirdpage.php');
thirdpage:
session_start();
echo $_SESSION['name'];
This should work, you must always perform a session_start(); when you wish to work with a session variable.
This is an example, you should perform validations on your POST array, if you are going to be using this in full prduction