Jump to content

[SOLVED] submit form to included file?

ag3nt42

By ag3nt42
in PHP Coding Help

 Share

Recommended Posts

ag3nt42 Regular Member

ag3nt42

Posted
Posted

hello again all,

 

I have a login form setup on my site and i'm having the damnedest time trying to get it to work..

 

the problem I have is on the submit... I can't submit directly to login.php because its included within index.php.... so how do i submit the form so that it parses the code on login.php?

 

 

here is my page structure

 

www.mysite.com

 

index.php page is served up to the user.

 

the default include is brought in and the user see's the "homepage"

 

if the user clicks on one of the other menu links

the user is directed back to the index.php where

(based on which button they clicked) the respective file is included to show that page..

 

code (index.php):

<?php
// START SESSION
session_start();

//IS THE USER LOGGED IN OR GUEST?
if(!(isset($_SESSION['Logged'])))
{
$_SESSION['Logged']='No';
}
else
{
$_SESSION['Logged']=$_SESSION['Logged'];
}

//BRING IN HEADER
require('header.php');


//BRING IN MENU
require('menu/menu.php');



//* START PAGE SWITCHES *//
if(isset($_GET['p']))
{	

//LOGIN
if($_GET['p']=='login')
{
	include('Login/login.php');
}

//Products
if($_GET['p']=='products')
{
	include('Editable/products.php');
}

//Services
if($_GET['p']=='services')
{
	include('Editable/services.php');
}

//News & Events
if($_GET['p']=='newsNevents')
{
	include('Editable/newsNevents.php');
}

//Downloads
if($_GET['p']=='downloads')
{
	if($_SESSION['Logged']=='Yes')
	{
		include('Editable/downloads.php');
	}
	else
	{
		include('Login/login.php');
	}
}

//Summit
if($_GET['p']=='summit')
{
	if($_SESSION['Logged']=='Yes')
	{
		include('Editable/summit.php');
	}
	else
	{
		include('Login/login.php');
	}
}

//Contact
if($_GET['p']=='contact')
{
	include('Editable/contact.php');
}
}
else
{
include('Editable/tempter.php');
}

require('footer.php');
?>

 

included file (login.php):

<?php

//IS THE USER LOGGED IN ALREADY?
if(!(isset($_SESSION['Logged']))){$_SESSION['Logged']='No';}else{$_SESSION['Logged']=$_SESSION['Logged'];}

//WHICH PAGE DOES THE USER WANT?
if(!(isset($_GET['p']))){$p='';}else{$p=$_GET['p'];}

//COLLECT LOGIN INFO

//USERNAME
if(!(isset($_POST['userID']))){$userID='';}else{$userID=$_POST['userID'];}

//PASSWORD
if(!(isset($_POST['userPass']))){$userPass='';}else{$userPass=$_POST['userPass'];}

//* SNATCH USER FROM DATABASE *//
$con = mssql_connect('xxx','xxx','xxx');

if (!$con)
{
die('Could not connect: ' . mssql_error());
}

mssql_select_db('xxx', $con);

//CHECK USER ID
$SQL="SELECT userID FROM compu_users WHERE userPass='".$userPass."' ";
$result=mssql_query($SQL) or die(mssql_error());

while($row = mssql_fetch_row($result))
{
$userNCheck=$row[0];
}

//CHECK USER PASS
$SQL2="SELECT userPass FROM compu_users WHERE userID='".$userID."' ";
$result2=mssql_query($SQL2)or die(mssql_error());

while($row2 = mssql_fetch_row($result2))
{
$userPCheck=$row2[0];	
}

if(isset($_POST['userID']) && isset($_POST['userPass']))
{
if($userID==$userNCheck && $userPass==$userPCheck)
{
	$_SESSION['Logged']='Yes';
}
else
{
	echo("<font color='red'>The username and password you entered are mis-matched.\nPlease try again.</font>");
}
}



if($_SESSION['Logged']=='No')
{
// DISPLAY LOGIN FORM
echo("

<div class='content'>
	<div class='Login'>
		<fieldset><legend>Login</legend>
			<form action='".basename($_SERVER['SCRIPT_NAME'])."' method='post'>
				<table>
					<tr>
						<td style='text-align:left;'>
							<label>Username:</label>
						</td>
					</tr>
					<tr>
						<td>							
							<input type='text' name='userID' />						
						</td>
					</tr>
					<tr>
						<td> </td>
					</tr>
					<tr>
						<td style='text-align:left;'>
							<label>Password:</label>							
						</td>
					</tr>
					<tr>
						<td>							
							<input type='password' name='userPass' />
						</td>
					</tr>
					<tr>
						<td> </td>
					</tr>
					<tr>
						<td style='text-align:left;'>
							<input type='submit' value='Login' name='action' />
						</td>
					</tr>
				</table>
			</form>
		</fieldset>						
	</div>
	<br /><br /><br />
</div>

");
}
elseif($_SESSION['Logged']=='Yes')
{
//WELOME LOGGED USER
echo("

<div class='content'>
	<div class='Login'>
		<table>
			<tr>
				<td>
					Welcome back <font color='blue'>".$userID."</font>!<br />
					<br /><br />
					You will now be redirected to ".$p.".
				</td>
			</tr>
		</table>
	</div>
	<br /><br /><br />
</div>

");

//REDIRECT THE USER
if($p=='downloads')
{
	//REDIRECT DOWNLOADS
	echo("<meta http-equiv='refresh' content='2;url=?p=downloads' />");
}

if($p=='summit')
{
	//REDIRECT SUMMIT
	echo("<meta http-equiv='refresh' content='2;url=?p=summit' />");
}
}
?>

 

Link to comment
https://forums.phpfreaks.com/topic/114262-solved-submit-form-to-included-file/
Share on other sites
craygo Member

craygo

Posted
Posted

just add the login variable to the form action

 

<form action='".basename($_SERVER['SCRIPT_NAME'])."?p=login' method='post'>

 

Also since login is included in the index file there is no need to check the $_SESSION['Logged'] value twice. You should actually check that and if it is not set then go to the login page.

 

can also simplify some code

$_SESSION['Logged'] = !isset($_SESSION['Logged']) ? 'No' : $_SESSION['Logged'];

$p = !isset($_GET['p']) ? "" : $_GET['p'];

$userID = !isset($_POST['userID']) ? '' : $_POST['userID'];  

//PASSWORD
$userPass = !isset($_POST['userPass']) ? '' : $_POST['userPass'];

 

 

Ray

Guest Xanza

Guest Xanza

Posted
Posted

This really doesen't solve your problem, but it could be hand if you wish to use it... The switches you have work fine and all, but frankly are very messy, and take quite a while to parse - here is what I use:

 

<?php

$get_p = $_GET['p'];
$pages = array('page1' => 'pages/page1.php','page2' => 'pages/page2.php','page3' => 'pages/page3.php','page4' => 'pages/page4.php'); 

if(isset($pages[$get_p])){
include($pages[$get_p]);
}

?>

 

the usage is exactly the same.. So if this script above was nava.php to call page 2 you would use /nava.php?p=page2!

 

And it's just that simple, and it's really nice, because to add pages, you simple add onto the array.

mbeals Member

mbeals

Posted
Posted

but you aren't submitting back to login.php.  You are submitting to index.php that has login.php included.

 

don't think about includes as loading different pages.   An include essentially copy/pastes code from the included file to the location in the parent script where the include is located.  So you need to put your checks for the login credentials somewhere on index.php that they will be parsed.

 

without dissecting your code, this is how I handle user managment:

 

I have an 'accesscontrol' page similar to your login.php  It is included at the top of every content page.  This page does the following:

 

<?php

session_start();

##################### Logout ###########################
if($_GET['logout']){

	$logout = 1;

	$_SESSION = array(); 
	session_destroy();


}

########  Check to see if previous session exists #########################
#### if it's a login event, $uid and $pwd take the passed values
#### otherwise they take the session value.  If both are empty, the variables are left empty

$uid = isset($_POST['uid']) ? $_POST['uid'] : $_SESSION['uid'];
$pwd = isset($_POST['pwd']) ? md5($_POST['pwd']) : $_SESSION['pwd'];


############## If previous session does not exist, prompt for login ################
if(!isset($uid)) {
           //display log in prompt

           exit;              //prevent rest of page from loading

}

################# If uid is set, then refresh session variables ###############################
#### Since I made it past the $uid check without the script dieing, it has to be set


$_SESSION['uid'] = $uid;
$_SESSION['pwd'] = $pwd;

$query = "Select `group` from users where `name` like '$uid' AND `pass` like '$pwd'";
$result = mysql_query($query);

######################## IF uid or password not found in the database, deny access ##################

if (mysql_num_rows($result) == 0) {
unset($_SESSION['uid']);
unset($_SESSION['pwd']);

 display "Access denied page"

 exit;
}

################ If all checks are passed, continue in to page #####################################
?>

 

Since this is loaded before everything else, it verifies users before loading anything else and catches login events.  In the login section, the form just reloads whatever page it was trying to load the first time, but passes on the $_POST login variables which are caught and used to verify and create the session.

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.