Jump to content

Search the Community

Showing results for tags 'showform() user validation'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to PHP Freaks
    • Announcements
    • Introductions
  • PHP Coding
    • PHP Coding Help
    • Regex Help
    • Third Party Scripts
    • FAQ/Code Snippet Repository
  • SQL / Database
    • MySQL Help
    • PostgreSQL
    • Microsoft SQL - MSSQL
    • Other RDBMS and SQL dialects
  • Client Side
    • HTML Help
    • CSS Help
    • Javascript Help
    • Other
  • Applications and Frameworks
    • Applications
    • Frameworks
    • Other Libraries
  • Web Server Administration
    • PHP Installation and Configuration
    • Linux
    • Apache HTTP Server
    • Microsoft IIS
    • Other Web Server Software
  • Other
    • Application Design
    • Other Programming Languages
    • Editor Help (PhpStorm, VS Code, etc)
    • Website Critique
    • Beta Test Your Stuff!
  • Freelance, Contracts, Employment, etc.
    • Services Offered
    • Job Offerings
  • General Discussion
    • PHPFreaks.com Website Feedback
    • Miscellaneous

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Age


Donation Link

Found 1 result

  1. I wrote a very simple log in page that I am going to build on by adding code to prevent XSS and to encrypt the password but as of right now I cannot get the showForm() messages to display properly. In fact if nothing is entered, or if any information is entered (valid or not), it takes you to a blank screen. Here is the code I wrote. Can anyone see as to where I missed something? I've looked it over so many times I am most likely missing the obvious. Thank you. <?php session_start(); //validate text was entered in UserName text box switch(true){ case (empty($_POST['btnSubmit']) && empty($_POST['txtUserName']) && empty($_POST['txtPassword'])): showForm('Log in to WisCon'); break; case (isset($_POST['btnSubmit']) && isset($_POST['txtPassword']) && empty($_POST['txtUserName'])): showForm('Enter your user name.'); break; case (isset($_POST['btnSubmit']) && isset($_POST['txtPassword']) && empty($_POST['txtUserName'])): showForm('Enter your password.'); break; case (isset($_POST['btnSubmit']) && (isset($_POST['txtUserName'])) && isset($_POST['txtPassword'])): $UserName = $_POST['txtUserName']; $Password = $_POST['txtPassword']; //database login $dsn = 'mysql:host=XXX;dbname=XXX'; $username='XXX'; $password='XXX'; //variable for errors $options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION); //try to run code try { //object to open database $db = new PDO($dsn,$username,$password, $options); //check username against password $SQL = $db->prepare("Select USER_PASSWORD FROM user WHERE user_name = :UserName and USER_PASSWORD = :Password"); $SQL->bindValue(':UserName', $UserName); $SQL->bindValue(':Password', $Password); $SQL->execute(); $username = $SQL->fetch(); if($username === false) { $password = null; } else { $password = $username['USER_PASSWORD']; include 'index.php'; } return $password; $SQL->closeCursor(); $db = null; } catch(PDOException $e){ $error_message = $e->getMessage(); echo("<p>Database Error: $error_message</p>"); exit(); } } function showForm($formMessage = "Welcome.") {?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Log In</title> <link rel="stylesheet" href="styles/default-styles.css" type="text/css" /> <link rel="stylesheet" href="styles/FormStyle.css" type="text/css" /> <script type="text/javascript" src="js/validateLogInForm.js/validateLogInForm.js"></script> </head> <body id="logPage"> <div id="wrapper"> <?php include('includes/header.php'); ?> <?php include('includes/topNavigation.php'); ?> <div id="mainContent"> <div class="formDiv"> <form name="registerForm" id="registerForm" action="" method="post"> <?php if ($formMessage !="") echo "<h2 style=\"color:#FF0000; text-align: center\">".$formMessage."</h2>"; ?> <h1 style="color:#FF530D; text-align: center">Log into your account here!</h1> <fieldset id="security"> <legend>Security</legend> <label for="txtUserName" class="boxLabel">User Name:</label> <input type="text" id="txtUserName" name="txtUserName" autofocus="autofocus" required="required" /> <script type="text/javascript"> if(!("autofocus" in document.createElement("input"))) { setTimeout(function(){ document.getElementById("txtUserName").focus(); }, 10); } </script> <label for="txtPassword" class="boxLabel">Password:</label> <input type="password" id="txtPassword" name="txtPassword" required="required" /> </fieldset> <fieldset id="submission"> <div id="buttons"> <input type="submit" id="btnSubmit" name="btnSubmit" value="Submit" onclick="return validateLogInForm()"/> <input type="reset" id="btnReset" name="btnReset" > </div><!--end buttons--> </fieldset> </p> </form> </div><!--end div class=formDiv--> </div><!--end div id=mainContent--> <?php include('includes/footer.php'); ?> </div><!--end div id=wrapper--> </body> </html> <?php } ?> Also, here is a more crude form of the log in page. This one displays the first showForm("Please Enter A User Name") message when you first hit the page (which I'd prefer the "Welcome " message to display and does not change to the other messages if improper data is entered, but hits the database and if the username and password do not exist or match it keeps you on the log in page and if they do match it sends you to the index.php page, as it should. <?php session_start(); //validate text was entered in UserName text box if(empty($_POST['txtUserName'])) { showForm('Please Enter A User Name'); exit(); } else { $UserName = $_POST['txtUserName']; } //validate text was entered in password text box if(empty($_POST['txtPassword'])) { showForm('Please Enter A Valid Password'); exit(); } else { $Password = $_POST['txtPassword']; } if($Password != Password($UserName)) { showForm('User Name And Password Do Not Match!'); exit(); } function Password($UserName) { //database login $dsn = 'mysql:host=XXX;dbname=XXX'; $username='XXX'; $password='XXX'; //variable for errors $options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION); //try to run code try { //object to open database $db = new PDO($dsn,$username,$password, $options); //check username against password $SQL = $db->prepare("Select USER_PASSWORD FROM user WHERE user_name = :UserName and USER_PASSWORD = :Password"); $SQL->bindValue(':UserName', $UserName); $SQL->bindValue(':Password', $Password); $SQL->execute(); $username = $SQL->fetch(); if($username === false) { $password = null; } else { $password = $username['USER_PASSWORD']; include 'index.php'; } return $password; $SQL->closeCursor(); $db = null; } catch(PDOException $e){ $error_message = $e->getMessage(); echo("<p>Database Error: $error_message</p>"); exit(); } } function showForm($formMessage = "Welcome.") {?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Log In</title> <link rel="stylesheet" href="styles/default-styles.css" type="text/css" /> <link rel="stylesheet" href="styles/FormStyle.css" type="text/css" /> <script type="text/javascript" src="js/validateLogInForm.js/validateLogInForm.js"></script> </head> <body id="logPage"> <div id="wrapper"> <?php include('includes/header.php'); ?> <?php include('includes/topNavigation.php'); ?> <div id="mainContent"> <div class="formDiv"> <form name="registerForm" id="registerForm" action="" method="post"> <?php if ($formMessage !="") echo "<h2 style=\"color:#FF0000; text-align: center\">".$formMessage."</h2>"; ?> <h1 style="color:#FF530D; text-align: center">Log into your account here!</h1> <fieldset id="security"> <legend>Security</legend> <label for="txtUserName" class="boxLabel">User Name:</label> <input type="text" id="txtUserName" name="txtUserName" autofocus="autofocus" required="required" /> <script type="text/javascript"> if(!("autofocus" in document.createElement("input"))) { setTimeout(function(){ document.getElementById("txtUserName").focus(); }, 10); } </script> <label for="txtPassword" class="boxLabel">Password:</label> <input type="password" id="txtPassword" name="txtPassword" required="required" /> </fieldset> <fieldset id="submission"> <div id="buttons"> <input type="submit" id="btnSubmit" name="btnSubmit" value="Submit" onclick="return validateLogInForm()"/> <input type="reset" id="btnReset" name="btnReset" > </div><!--end buttons--> </fieldset> </p> </form> </div><!--end div class=formDiv--> </div><!--end div id=mainContent--> <?php include('includes/footer.php'); ?> </div><!--end div id=wrapper--> </body> </html> <?php } ?>
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.