Jump to content

[SOLVED] How can i stop the url changing when i submit a form. It adds ?table......


Recommended Posts

I have a lot of forms,

<?php
/*Random Game Design: PHP Website Template/CMS
Version 1
Copyright Dean Whitehouse, 2008*/
if(isset($_POST['continue']))
{
require_once '../includes/db_connect.php';

$user_name = $_POST["user_name"];		
$user_password = $_POST["user_password"];		
$user_password2 = $_POST["user_password2"];
$user_email = $_POST["user_email"];		
$user_email2 = $_POST["user_email2"];
$ip = $_SERVER['REMOTE_ADDR'];

if(isset($_POST['admin_signup'])){	
if ($user_name && $user_password && $user_password2 && $user_email && $user_email2)
{
	$user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE userlevel=1 "));	
if ($user_check >= 1)	
{
include_once 'create_admin.php';
	echo "Sorry, but the head admin account is already created. Please delete the table in your mysql database and run the install.php file.";
}
elseif ($user_password == $user_password2 && $user_email == $user_email2)
{
$salt = substr($user_password, 0, 2);
$userPswd = crypt($user_password, $salt);
mysql_query("INSERT INTO `$user` (user_id,  user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userPswd','$user_email','$ip','1')")
or die('Error ' . mysql_error());
include'main_write.php';
require_once 'redirect_install.php';
 }
else
{
include_once 'create_admin.php';
echo "Either the passwords or emails you entered do not match. Please check these details and try again";
}
} 

else 
{
include_once 'create_admin.php';
echo "Please fill in all of the required fields.";
}
}
mysql_close();
?>
<html>
<table bgcolor='#999999' align='center' width="400px">
<form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'>
<tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr>
<tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr>
<tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr>
<tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr>
<tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr>
<tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr>
<tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2'  maxlength="30"/><br /></td></tr>
<tr><td><input type='submit' value='Complete Registration' name='admin_signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr>
</form>
</table>
</html>
<?php
exit();
}
if(isset($_POST['tablename_saved']))
{
require_once '../includes/db_connect.php';
$sql_user = "CREATE TABLE $user(
user_id int(11) AUTO_INCREMENT NOT NULL PRIMARY KEY,
user_name varchar(100) NOT NULL,
user_password varchar(100) NOT NULL,
user_email varchar(100) NOT NULL,
user_ip varchar(20) NOT NULL,
user_ban varchar(3) NOT NULL,
ban_reason varchar(100) NOT NULL,
ban_length varchar(25) NOT NULL,
userlevel tinyint(1) unsigned NOT NULL,
random_key varchar(32) NOT NULL,
user_activated varchar(25) NOT NULL
)";


$sql_forumques = "CREATE TABLE $forum_quest(
id int(4) NOT NULL AUTO_INCREMENT PRIMARY KEY,
topic varchar(255) NOT NULL default '',
detail longtext NOT NULL,
name varchar(65) NOT NULL default '',
email varchar(65) NOT NULL default '',
datetime varchar(25) NOT NULL default '',
view int(4) NOT NULL default '0',
reply int(4) NOT NULL default '0'
)AUTO_INCREMENT=1";


$sql_forumansw = "CREATE TABLE $forum_answ(
question_id int(4) NOT NULL default '0',
a_id int(4) NOT NULL default '0',
a_name varchar(65) NOT NULL default '',
a_email varchar(65) NOT NULL default '',
a_answer longtext NOT NULL,
a_datetime varchar(25) NOT NULL default '',
KEY a_id (`a_id`)
)";

$make_user= mysql_query($sql_user);
$make_forum = mysql_query($sql_forumques);
$make_foru = mysql_query($sql_forumansw);
$checkifexist_user = mysql_query ("SELECT * FROM '$user' LIMIT 0,1");
$checkifexist_quest = mysql_query ("SELECT * FROM '$forum_quest' LIMIT 0,1");
$checkifexist_answ = mysql_query ("SELECT * FROM '$forum_answ' LIMIT 0,1");

if (!$make_user)
{
echo("'$user' Table already exists.'$user' table could not be created.<br>");
}
elseif($make_user)
{
echo("'$user' Table Created.<br>");
}
if (!make_forum)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
elseif ($make_forum)
{
echo("'$forum_quest' Table Created.<br>");
}
if (!make_foru)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
elseif($make_foru)
{
echo("'$forum_answ' Table Created.<br>");
}
?><form action="<?php $_SERVER['PHP_SELF'] ?>">
<input type="submit" value="Continue" name="continue"/>';
<?
mysql_close();
exit();
}

if(isset($_POST['table_names']))
{
require_once '../includes/db_connect.php';
$dbhost = $_POST["dbhost"];			
$user = $_POST["user"];
$forum_quest = $_POST["forum_question"];
$forum_answ = $_POST ["forum_answers"];
if ($user.$forum_quest.$forum_answ)
{
include ("config_writetable.php");
?>
<p>Table name's saved, press continue to create the table.<form action="<?php $_SERVER['PHP_SELF'] ?>">
<input type='submit' value='Continue' name='tablename_saved'>
</form>
</p>
<?php
}
else
{
echo ("Please go back and fill in the required fields");
}
exit();
}
if(isset($_POST['check']))
{
// Database Connection Information
$dbhost = $_POST["dbhost"];			// Database Host
$dbuser = $_POST["dbuser"];		// Database Username
$dbpass = $_POST["dbpass"];		// Database Password
$dbname = $_POST["dbname"];			// Database Name


// Attempt to connect to the database using the user submitted form.
$con = mysql_connect($dbhost, $dbuser, $dbpass);
if ($con)
{
include 'config_write.php';
echo "You have successfully connected with these details to '$dbname'. <br>Username - '$dbuser'<br> Password - '$dbpass'<br> Database Host - '$dbhost'<br>Please enter the table names you want, or if you want to use the preset names click continue. NOTE: Each table must be a different name. Please do not leave any blank spaces.
";
?>
<table align="center" bgcolor="#333333" width="300px" border="0">
<form method="post" action="<?php $_SERVER['PHP_SELF']; ?>">
<tr><td><font color="#FFFFFF">User Details:</td><td><input type='text' name='user' value='rgd_users'></td></tr>
<tr><td><font color="#ffffff">Forum Questions</td>
<td><input type="text" name='forum_question' value='forum_question'></td></tr>
<tr><td><font color='#ffffff'>Forum Answers</td>
<td><input type='text' name='forum_answers' value='forum_answers'><br></td></tr>
<tr><td></td><td><input type='submit' value='Continue' name='table_names'></td></tr>
</font>
</form>
</table>	
<?php exit();	
}					
else
{
	echo 'Error connecting to database:'  . mysql_error() . '\n';		// Database creation failed
?>
<p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form>
</p>
<?php
}
// Close connection to the database
mysql_close();
}
else
{
?>
<p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form>
</p>
<?php

}
if(isset($_POST['start']))
{
echo ('Please enter the details used to connect to your MySql database.');
?>
<table align='center' bgcolor='#333333' width='300px' border='0'><form method='post' action="<?php $_SERVER['PHP_SELF']; ?>">
<tr><td>
Database Host:</td><td>  
<input type='text' name='dbhost'><br></td></tr>
<tr><td>
Database Username:</td><td>  
<input type='text' name='dbuser'><br></td></tr>
<tr><td>
Database Password:  </td><td>
<input type='text' name='dbpass'><br></td></tr>
<tr><td>
Database Name:  </td><td>
<input type='text' name='dbname'><br></td></tr>
<tr><td></td><td><input type='submit' value='Continue' name='check'>
</td></tr></form>
</table>
<?php
}
else
{
?>
<p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form>
</p>
<?php
}
?>

 

to help i will this is where the form is that is causing the problem

if(isset($_POST['continue']))
{
require_once '../includes/db_connect.php';

$user_name = $_POST["user_name"];		
$user_password = $_POST["user_password"];		
$user_password2 = $_POST["user_password2"];
$user_email = $_POST["user_email"];		
$user_email2 = $_POST["user_email2"];
$ip = $_SERVER['REMOTE_ADDR'];

if(isset($_POST['admin_signup'])){	
if ($user_name && $user_password && $user_password2 && $user_email && $user_email2)
{
	$user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE userlevel=1 "));	
if ($user_check >= 1)	
{
include_once 'create_admin.php';
	echo "Sorry, but the head admin account is already created. Please delete the table in your mysql database and run the install.php file.";
}
elseif ($user_password == $user_password2 && $user_email == $user_email2)
{
$salt = substr($user_password, 0, 2);
$userPswd = crypt($user_password, $salt);
mysql_query("INSERT INTO `$user` (user_id,  user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userPswd','$user_email','$ip','1')")
or die('Error ' . mysql_error());
include'main_write.php';
require_once 'redirect_install.php';
 }
else
{
include_once 'create_admin.php';
echo "Either the passwords or emails you entered do not match. Please check these details and try again";
}
} 

else 
{
include_once 'create_admin.php';
echo "Please fill in all of the required fields.";
}
}
mysql_close();
?>
<html>
<table bgcolor='#999999' align='center' width="400px">
<form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'>
<tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr>
<tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr>
<tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr>
<tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr>
<tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr>
<tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr>
<tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2'  maxlength="30"/><br /></td></tr>
<tr><td><input type='submit' value='Complete Registration' name='admin_signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr>
</form>
</table>
</html>
<?php
exit();
}
if(isset($_POST['tablename_saved']))
{
require_once '../includes/db_connect.php';
$sql_user = "CREATE TABLE $user(
user_id int(11) AUTO_INCREMENT NOT NULL PRIMARY KEY,
user_name varchar(100) NOT NULL,
user_password varchar(100) NOT NULL,
user_email varchar(100) NOT NULL,
user_ip varchar(20) NOT NULL,
user_ban varchar(3) NOT NULL,
ban_reason varchar(100) NOT NULL,
ban_length varchar(25) NOT NULL,
userlevel tinyint(1) unsigned NOT NULL,
random_key varchar(32) NOT NULL,
user_activated varchar(25) NOT NULL
)";


$sql_forumques = "CREATE TABLE $forum_quest(
id int(4) NOT NULL AUTO_INCREMENT PRIMARY KEY,
topic varchar(255) NOT NULL default '',
detail longtext NOT NULL,
name varchar(65) NOT NULL default '',
email varchar(65) NOT NULL default '',
datetime varchar(25) NOT NULL default '',
view int(4) NOT NULL default '0',
reply int(4) NOT NULL default '0'
)AUTO_INCREMENT=1";


$sql_forumansw = "CREATE TABLE $forum_answ(
question_id int(4) NOT NULL default '0',
a_id int(4) NOT NULL default '0',
a_name varchar(65) NOT NULL default '',
a_email varchar(65) NOT NULL default '',
a_answer longtext NOT NULL,
a_datetime varchar(25) NOT NULL default '',
KEY a_id (`a_id`)
)";

$make_user= mysql_query($sql_user);
$make_forum = mysql_query($sql_forumques);
$make_foru = mysql_query($sql_forumansw);
$checkifexist_user = mysql_query ("SELECT * FROM '$user' LIMIT 0,1");
$checkifexist_quest = mysql_query ("SELECT * FROM '$forum_quest' LIMIT 0,1");
$checkifexist_answ = mysql_query ("SELECT * FROM '$forum_answ' LIMIT 0,1");

if (!$make_user)
{
echo("'$user' Table already exists.'$user' table could not be created.<br>");
}
elseif($make_user)
{
echo("'$user' Table Created.<br>");
}
if (!make_forum)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
elseif ($make_forum)
{
echo("'$forum_quest' Table Created.<br>");
}
if (!make_foru)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
elseif($make_foru)
{
echo("'$forum_answ' Table Created.<br>");
}
?><form action="<?php $_SERVER['PHP_SELF'] ?>">
<input type="submit" value="Continue" name="continue"/>';
<?
mysql_close();
exit();
}

if(isset($_POST['table_names']))
{
require_once '../includes/db_connect.php';
$dbhost = $_POST["dbhost"];			
$user = $_POST["user"];
$forum_quest = $_POST["forum_question"];
$forum_answ = $_POST ["forum_answers"];
if ($user.$forum_quest.$forum_answ)
{
include ("config_writetable.php");
?>
<p>Table name's saved, press continue to create the table.<form action="<?php $_SERVER['PHP_SELF'] ?>">
<input type='submit' value='Continue' name='tablename_saved'>
</form>
</p>
<?php
}
else
{
echo ("Please go back and fill in the required fields");
}
exit();
}

 

 

when i click continue

?>
<p>Table name's saved, press continue to create the table.<form action="<?php $_SERVER['PHP_SELF'] ?>">
<input type='submit' value='Continue' name='tablename_saved'>
</form>
</p>
<?php

 

it add this

?tablename_saved=Continue

to the URL.

And i believe this is why this code is not run

if(isset($_POST['continue']))
{
require_once '../includes/db_connect.php';

$user_name = $_POST["user_name"];		
$user_password = $_POST["user_password"];		
$user_password2 = $_POST["user_password2"];
$user_email = $_POST["user_email"];		
$user_email2 = $_POST["user_email2"];
$ip = $_SERVER['REMOTE_ADDR'];

if(isset($_POST['admin_signup'])){	
if ($user_name && $user_password && $user_password2 && $user_email && $user_email2)
{
	$user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE userlevel=1 "));	
if ($user_check >= 1)	
{
include_once 'create_admin.php';
	echo "Sorry, but the head admin account is already created. Please delete the table in your mysql database and run the install.php file.";
}
elseif ($user_password == $user_password2 && $user_email == $user_email2)
{
$salt = substr($user_password, 0, 2);
$userPswd = crypt($user_password, $salt);
mysql_query("INSERT INTO `$user` (user_id,  user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userPswd','$user_email','$ip','1')")
or die('Error ' . mysql_error());
include'main_write.php';
require_once 'redirect_install.php';
 }
else
{
include_once 'create_admin.php';
echo "Either the passwords or emails you entered do not match. Please check these details and try again";
}
} 

else 
{
include_once 'create_admin.php';
echo "Please fill in all of the required fields.";
}
}
mysql_close();
?>
<html>
<table bgcolor='#999999' align='center' width="400px">
<form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'>
<tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr>
<tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr>
<tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr>
<tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr>
<tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr>
<tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr>
<tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2'  maxlength="30"/><br /></td></tr>
<tr><td><input type='submit' value='Complete Registration' name='admin_signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr>
</form>
</table>
</html>
<?php
exit();
}
if(isset($_POST['tablename_saved']))
{
require_once '../includes/db_connect.php';
$sql_user = "CREATE TABLE $user(
user_id int(11) AUTO_INCREMENT NOT NULL PRIMARY KEY,
user_name varchar(100) NOT NULL,
user_password varchar(100) NOT NULL,
user_email varchar(100) NOT NULL,
user_ip varchar(20) NOT NULL,
user_ban varchar(3) NOT NULL,
ban_reason varchar(100) NOT NULL,
ban_length varchar(25) NOT NULL,
userlevel tinyint(1) unsigned NOT NULL,
random_key varchar(32) NOT NULL,
user_activated varchar(25) NOT NULL
)";


$sql_forumques = "CREATE TABLE $forum_quest(
id int(4) NOT NULL AUTO_INCREMENT PRIMARY KEY,
topic varchar(255) NOT NULL default '',
detail longtext NOT NULL,
name varchar(65) NOT NULL default '',
email varchar(65) NOT NULL default '',
datetime varchar(25) NOT NULL default '',
view int(4) NOT NULL default '0',
reply int(4) NOT NULL default '0'
)AUTO_INCREMENT=1";


$sql_forumansw = "CREATE TABLE $forum_answ(
question_id int(4) NOT NULL default '0',
a_id int(4) NOT NULL default '0',
a_name varchar(65) NOT NULL default '',
a_email varchar(65) NOT NULL default '',
a_answer longtext NOT NULL,
a_datetime varchar(25) NOT NULL default '',
KEY a_id (`a_id`)
)";

$make_user= mysql_query($sql_user);
$make_forum = mysql_query($sql_forumques);
$make_foru = mysql_query($sql_forumansw);
$checkifexist_user = mysql_query ("SELECT * FROM '$user' LIMIT 0,1");
$checkifexist_quest = mysql_query ("SELECT * FROM '$forum_quest' LIMIT 0,1");
$checkifexist_answ = mysql_query ("SELECT * FROM '$forum_answ' LIMIT 0,1");

if (!$make_user)
{
echo("'$user' Table already exists.'$user' table could not be created.<br>");
}
elseif($make_user)
{
echo("'$user' Table Created.<br>");
}
if (!make_forum)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
elseif ($make_forum)
{
echo("'$forum_quest' Table Created.<br>");
}
if (!make_foru)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
elseif($make_foru)
{
echo("'$forum_answ' Table Created.<br>");
}
?><form action="<?php $_SERVER['PHP_SELF'] ?>">
<input type="submit" value="Continue" name="continue"/>';
<?
mysql_close();
exit();
}

 

please correct me if i am wrong.

Because you havn't set the submit method for your form your browser is always going to send submitted form data over the url using the GET method. You should set the submit method to POST instead.

<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">

related question

this code

if (!$make_user)
{
echo("'$user' Table already exists.'$user' table could not be created.<br>");
}
elseif($make_user)
{
echo("'$user' Table Created.<br>");
}
if (!make_forum)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
elseif ($make_forum)
{
echo("'$forum_quest' Table Created.<br>");
}
if (!make_foru)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
elseif($make_foru)
{
echo("'$forum_answ' Table Created.<br>");
}
?><form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
<input type="submit" value="Continue" name="continue_saved"/>
<?
mysql_close();
exit();
}

is ment to echo which tables are created or not, but if the first one isn't it doesn't show the rest.

Don't use elseif there, lol.  Use this...:

 

<?php
if (!$make_user)
{
echo("'$user' Table already exists.'$user' table could not be created.<br>");
}
else
{
echo("'$user' Table Created.<br>");
}
if (!make_forum)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
else
{
echo("'$forum_quest' Table Created.<br>");
}
if (!make_foru)
{
echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>");
}
else
{
echo("'$forum_answ' Table Created.<br>");
}
?><form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
<input type="submit" value="Continue" name="continue_saved"/>
<?
mysql_close();
exit();
}
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.