Xtremer360 Posted January 1, 2009 Share Posted January 1, 2009 Okay everytime I try and submit a form or do something else it goes to a white screen with the "You did not fill in a required field." in the window. And this is the only page that has that in it. <?php include ('database.php'); //if the login form is submitted if(isset($_POST['submit'])) { // makes sure they filled it in if(!$_POST['username'] || !$_POST['password']) { die('You did not fill in a required field.'); } $username = mysql_real_escape_string($_POST['username']); $pass = mysql_real_escape_string($_POST['password']); $check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database.'); } while($info = mysql_fetch_array( $check )) { $pass = md5(stripslashes($_POST['password'])); $info['password'] = stripslashes($info['password']); //$_POST['pass'] = md5($_POST['pass']); THIS IS DONE IN THE ABOVE STATEMENT //gives error if the password is wrong if ($pass != $info['password']) { die('Incorrect password, please try again.'); } else // if login is ok then we add a cookie and send them to the correct page { $username = stripslashes($username); $_SESSION['username'] = $username; $_SESSION['loggedin'] = time(); // Finds out the user type $query = "SELECT `admin` FROM `users` WHERE `username` = '" . $username . "'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result); $admin = $row['admin']; $_SESSION['admin'] = $admin; ######################################### ######## ADMIN SCRIPT CAN BE ADDED BELOW ######################################### if(isset($_SESSION['admin'])) { ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <meta http-equiv="Content-Style-Type" content="text/css"> <meta http-equiv="Content-Language" content="en-us"> <meta name="language" content="en-us"> <title>Backstage V1 Administration Console</title> <link rel="stylesheet" href="backstage.css" type="text/css" media="screen"> <link rel="stylesheet" href="backstage_print.css" type="text/css" media="print"> <script src="prototype.js" type="text/javascript"></script> <script src="scriptaculous.js" type="text/javascript"></script> <script type="text/javascript" src="ajax.js"></script> <script type="text/javascript"> var page = document.cookie.match(/page=[\w][\w\-\.]+;/); if(page != null) { ajaxpage("page", "content"); } else { ajaxpage("home", "content"); } </script> <link rel=stylesheet href=backstage.css type=css media=screen> <link rel=stylesheet href=backstage_print.css type=css media=print> </head> <body> <div id=container> <div class=header> <table cellpadding="0" cellspacing="0" border="0" width="95%"> <tr> <td width=110 align=center></td> <td></td> <td width=40 valign=bottom align=right> <a href="#" onclick="ajaxpage('home', 'content'); return false;">Home</a> | <a href="#" onclick="ajaxpage('logout', 'content'); return false;">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a></td> </tr> </table> </div> <div id=container2> <div id=nav> <?php if(isset($_SESSION['loggedin'])) { ?> <h1>Character</h1> <ul> <li><a href="#" onclick="ajaxpage('bio', 'content'); return false;">Bio</a></li> <li><a href="#" onclick="ajaxpage('allies', 'content'); return false;">Allies</a></li> <li><a href="#" onclick="ajaxpage('rivals', 'content'); return false;">Rivals</a></li> <li><a href="#" onclick="ajaxpage('quotes', 'content'); return false;">Quotes</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin'])) { ?> <h1>Submit</h1> <ul> <li><a href="#" onclick="ajaxpage('roleplay', 'content'); return false;">Roleplay</a></li> <li><a href="#" onclick="ajaxpage('news', 'content'); return false;">News</a></li> <li><a href="#" onclick="ajaxpage('match', 'content'); return false;">Match</a></li> <li><a href="#" onclick="ajaxpage('seg', 'content'); return false;">Seg</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> <h1>Handler</h1> <ul> <li><a href="#" onclick="ajaxpage('directory', 'content'); return false;">Directory</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> <h1>Booking</h1> <ul> <li><a href="#" onclick="ajaxpage('champions', 'content'); return false;">Champions</a></li> <li><a href="#" onclick="ajaxpage('booker', 'content'); return false;">Booker</a></li> <li><a href="#" onclick="ajaxpage('compiler', 'content'); return false;">Compiler</a></li> <li><a href="#" onclick="ajaxpage('archives', 'content'); return false;">Archives</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> <h1>Fed Admin</h1> <ul> <li><a href="#" onclick="ajaxpage('handlers', 'content'); return false;">Handlers</a></li> <li><a href="#" onclick="ajaxpage('characters', 'content'); return false;">Characters</a></li> <li><a href="#" onclick="ajaxpage('applications', 'content'); return false;">Applications</a></li> <li><a href="#" onclick="ajaxpage('eventnames', 'content'); return false;">Event Names</a></li> <li><a href="#" onclick="ajaxpage('titlenames', 'content'); return false;">Title Names</a></li> <li><a href="#" onclick="ajaxpage('matchtypes', 'content'); return false;">Match Types</a></li> <li><a href="#" onclick="ajaxpage('divisions', 'content'); return false;">Divisions</a></li> <li><a href="#" onclick="ajaxpage('countries', 'content'); return false;">Arenas</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> <h1>Site Admin</h1> <ul> <li><a href="#" onclick="ajaxpage('templates', 'content'); return false;">Templates</a></li> <li><a href="#" onclick="ajaxpage('content', 'content'); return false;">Content</a></li> <li><a href="#" onclick="ajaxpage('biosconfig', 'content'); return false;">Bio Configuration</a></li> <li><a href="#" onclick="ajaxpage('newscat', 'content'); return false;">News Categories</a></li> <li><a href="#" onclick="ajaxpage('menus', 'content'); return false;">Menus</a></li> </ul> <?php } ?> </div> <div id=content> </div> <div id="footer">Backstage 1 © 2009 </div> </div> </div> </body> </html> <?php ######################################### ######## ADMIN SCRIPT HAS TO END ABOVE ######################################### } } } } else { // if they have not submitted the form ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <meta http-equiv="Content-Style-Type" content="text/css"> <meta http-equiv="Content-Language" content="en-us"> <meta name="language" content="en-us"> <title>Backstage V1 Administration Console</title> <link rel="stylesheet" href="backstage.css" type="text/css" media="screen"> <link rel="stylesheet" href="backstage_print.css" type="text/css" media="print"> <script src="prototype.js" type="text/javascript"></script> <script src="scriptaculous.js" type="text/javascript"></script> <script type="text/javascript" src="ajax.js"></script> <link rel=stylesheet href=backstage.css type=css media=screen> <link rel=stylesheet href=backstage_print.css type=css media=print> </head> <body> <div id=login> <form method="POST" action="/other/backstage.php"> <h1>KOW Backstage</h1> <p><label>Username:<br><input type="text" name="username" id="log" tabindex="1"></label></p> <p><label>Password:<br><input type="password" name="password" id="pwd" tabindex="2"></label></p> <p style="text-align: center;"><input type="submit" class="button" name="submit" id="submit" value="Login »" tabindex="4"></p> </form> </div> </body> </html> <?php } ?> Quote Link to comment Share on other sites More sharing options...
cwarn23 Posted January 1, 2009 Share Posted January 1, 2009 if(!$_POST['username'] || !$_POST['password']) The above (quoted) line fails to pass the test. That is one of those two arrays do not return 'true'. I would suggest replacing the quoted line with the following: if(isset($_POST['username']) && isset($_POST['password']) && $_POST['username']!=='') Quote Link to comment Share on other sites More sharing options...
Xtremer360 Posted January 1, 2009 Author Share Posted January 1, 2009 Explain why for me please if you can so I can understand why I should do this. Also it allows me fully to login to my control panel however any other forms on it prevents me from having them submitted. Quote Link to comment Share on other sites More sharing options...
Xtremer360 Posted January 2, 2009 Author Share Posted January 2, 2009 I just figured out that its because I have submit all called the same in all my submit forms in my functions and that's in backstagefunctions.php and backstage.php (main page) includes backstagefunctions.php so my login form and my other forms are all getting mixed together. The login form assumes that if there's a "submit" button the user must be trying to log in, so it checks for the username and password. The other form also has a "submit" button but of course no username or password field. So when it gets submitted the login code catches it first, doesn't see the fields, and complains. I went ahead and changed the name of the one of my functions form submit button and changed the Post submit name in the if that handles the form so that they match and now all it does is go back to my login and doesn't run the form. So I think I'm getting somewhere so far. Quote Link to comment Share on other sites More sharing options...
Xtremer360 Posted January 2, 2009 Author Share Posted January 2, 2009 I've been at this for quite a few days now and that's the only progress I've made. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.