Jump to content


Photo

Can anyone see a issue with my code?


  • Please log in to reply
7 replies to this topic

#1 ptex

ptex
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 30 June 2006 - 04:24 PM

What I am trying to do is password protec a page that a user adds info to which goes to a table and updates that users area of a web site. The password part works good and the form used to input date works well but it all falls apart when I put the two parts together. I can log in with a user name and password but when I submit my form it will not update the database??? Can any one see why this happens and thanks in advance. ???

<?php

// Define your username and password
$username = "";
$password = "";

if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {

?>

<h1>Login</h1>

<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <p><label for="txtUsername">Username:</label>
    <br /><input type="text" title="Enter your Username" name="txtUsername" /></p>

    <p><label for="txtpassword">Password:</label>
    <br /><input type="password" title="Enter your password" name="txtPassword" /></p>

    <p><input type="submit" name="Submit" value="Login" /></p>

</form>

<?php

}
else {

?>

 <?php
include("includes/databaseconnect.php");//include the file that connects to the database
if(!empty($title)) {//if the title is not empty, than do this function
$title = addslashes($title);
$user = addslashes($user);
$message = addslashes($message);

$date = date("F j, Y");//set up the date format
$date2 = mktime();

$sql = "INSERT INTO mynews (id, title, user, message, date) VALUES ('NULL', '$title','$user','$message','$date')";//Insert all of your information into the mynews table in your database
$query = mysql_query($sql) or die("Cannot query the database.<br>" . mysql_error());
echo "Database Updated.";
} else {//However, if the title variable is empty, than do this function
?>
<form name="news" method="post" action="<?php echo $PHP_SELF; ?>">
<p>Please fill out all of the following fields:</p>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="117"><font size="1">Topic/Title*: </font> </td>
<td width="577">
<font size="1">
<input type="text" name="title" size="50">
</font>
</td>
</tr>
<tr>
<td width="117"><font size="1">Username*:</font></td>
<td width="577">
<font size="1">
<input type="text" name="user" size="50">
</font>
</td>
</tr>
<tr>
<td width="117"><font size="1">Message*:</font></td>
<td width="577">
<font size="1">
<textarea name="message" rows=10 cols=43></textarea>
</font>
</td>
</tr>
</table>
<p>
<font size="1">
<input type="submit" name="Submit" value="Submit"></font>
</p>
</form> <?php
}//end this function
?>

<?php

}

?> 



#2 Orio

Orio
  • Staff Alumni
  • Advanced Member
  • 2,491 posts

Posted 30 June 2006 - 04:33 PM

Cant see where you get the username, password and title. You need to use the $_POST super-global array.

Orio.
Think you're smarty?

(Gone until 20 to November)

#3 ptex

ptex
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 30 June 2006 - 06:59 PM

For the password part or the submit form part? On the form part no pass word is needed but to get to the form you need a password.

#4 Orio

Orio
  • Staff Alumni
  • Advanced Member
  • 2,491 posts

Posted 30 June 2006 - 07:05 PM

I can only see that $password's value is "" (nothing). Same goes for the user, and $title is undefined!

Orio.
Think you're smarty?

(Gone until 20 to November)

#5 ptex

ptex
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 30 June 2006 - 07:20 PM

Right line 5 I took out the password for now. Thats were I put the usernames and passwords for example I could put for user name "testuser" then for password "testpassword" and when you went to the page and was prompted if the UN and PW matched it will let you get to the form part of the code which it will. My issue is after all that when I try to submit my form nothing happens.

#6 DLR

DLR
  • Members
  • PipPipPip
  • Advanced Member
  • 66 posts
  • LocationJohannesburg, South Africa

Posted 30 June 2006 - 07:36 PM

Hi there,

At the top of your page your first if statement should display the form to fill in the password - if it has not already been done. But there is no $_POST['txtUsername'] yet because the form has not been displayed - unless it comes from a previous page.

If $_POST['txtUsername'] comes from a previous page, make sure your form method="post"  If it is not there, then the form defaults to method="get" and the global $_POST['txtUsername'] will not exist.

I also seem to remember that you need session_start() at the top of the page to ensure that variables are passed from one page to another (this may only apply to SESSION variables - i'm not an expert at all).

Hope this provokes some thoughts and helps you along the way!

#7 ptex

ptex
  • New Members
  • Pip
  • Newbie
  • 9 posts

Posted 30 June 2006 - 08:18 PM

Ok let me ask this if this code
<?php

// Define your username and password
$username = "";
$password = "";

if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {

?>

<h1>Login</h1>

<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <p><label for="txtUsername">Username:</label>
    <br /><input type="text" title="Enter your Username" name="txtUsername" /></p>

    <p><label for="txtpassword">Password:</label>
    <br /><input type="password" title="Enter your password" name="txtPassword" /></p>

    <p><input type="submit" name="Submit" value="Login" /></p>

</form>

<?php

}
else {

?>
<p>put what you want to see after your password had been checked here</p>

<?php

}

?> 

and this code
 <?php
include("includes/databaseconnect.php");//include the file that connects to the database
if(!empty($title)) {//if the title is not empty, than do this function
$title = addslashes($title);
$user = addslashes($user);
$message = addslashes($message);

$date = date("F j, Y");//set up the date format
$date2 = mktime();

$sql = "INSERT INTO mynews (id, title, user, message, date) VALUES ('NULL', '$title','$user','$message','$date')";//Insert all of your information into the mynews table in your database
$query = mysql_query($sql) or die("Cannot query the database.<br>" . mysql_error());
echo "Database Updated.";
} else {//However, if the title variable is empty, than do this function
?>
<form name="news" method="post" action="<?php echo $PHP_SELF; ?>">
<p>Please fill out all of the following fields:</p>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="117"><font size="1">Topic/Title*: </font> </td>
<td width="577">
<font size="1">
<input type="text" name="title" size="50">
</font>
</td>
</tr>
<tr>
<td width="117"><font size="1">Username*:</font></td>
<td width="577">
<font size="1">
<input type="text" name="user" size="50">
</font>
</td>
</tr>
<tr>
<td width="117"><font size="1">Message*:</font></td>
<td width="577">
<font size="1">
<textarea name="message" rows=10 cols=43></textarea>
</font>
</td>
</tr>
</table>
<p>
<font size="1">
<input type="submit" name="Submit" value="Submit"></font>
</p>
</form> <?php
}//end this function
?>

Both work how can I make them work together?

#8 gijew

gijew
  • Members
  • PipPipPip
  • Advanced Member
  • 240 posts
  • LocationCalifornia

Posted 30 June 2006 - 08:22 PM

Look up a tutorial on the switch() function.

Quick example...

<?PHP
switch ($_GET['Action']) {
  default:
    echo 'default action to display when involking the switch() deal.';
  break;
  
  case 'Whatever';
    echo 'whatever you specifically want to run inside of here.';
  break;
  
  case 'another';
    echo 'whatever else you want to run in here.';
  break;
)

// You can call this simple by doing page.php?Action=Whatever

I'm considered good looking in some countries




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users