Jump to content

2 submit buttons in the form of an image.

CBaZ

By CBaZ
in PHP Coding Help

 Share

Recommended Posts

CBaZ Member

CBaZ

Posted
Posted

One submit button goes to my own login system.. the other goes to a billing system.

 

I am having problems getting it to work probably because there are alot of if and else if statements. 

 

Or maybe I am just missing something.

 

The problem is the line with blesta.. I take that if isset out and just start with if permission =1

then all is great but I need both of them to operate .. with one being sent to one place and the other to another one.

 

the login file and my form has both input types ready to go  within it.. I can declare the values I just need to know what I am doing wrong in the if statement.

<input type="image" name="blesta" id="BtnSubmit" 

src="images/cart.jpg" width="25" height="20"  

submit="Blesta"></td>


<td><input name="login" type="image" 

class="vote" src="images/index19.jpg" submit="login"></td>

 

 

 

<? 
session_start(); 
$username = $_SESSION["username"];
?> 
<html><body> 
<title>Login</title> 

<table width="100%" height="100%" border="0" 

cellpadding="0" cellspacing="0">
   <tr>
<td class="poptop" height="10"><img 

src="password/images/spacer.gif" width="3" 

height="3"><img src="logo.png" border="0"></td>
   </tr>
   <tr>
<td class="hrz_line"><img 

src="password/images/spacer.gif" width="1" 

height="1"></td>
   </tr>
   <tr>
<td style="background: #ffffff; padding: 

5px" valign="middle"><h1 style="margin-top: 0; 

margin-bottom: 0">Welcome<br><br> Newest User:
<font style="FONT-FAMILY: Verdana; FONT-

SIZE: 7pt"><?php 
$connect = mysql_connect("localhost", 

"username", "pw") or die("Could not 

connect to database: " . mysql_error());
mysql_select_db("db", 

$connect) or die("Could not select database");
$query = "SELECT * FROM users ORDER BY created 

DESC LIMIT 1"; 
$result = mysql_query($query, $connect) or die

("QUERY FAILED: " . mysql_error()); 
$row = mysql_fetch_array($result,MYSQL_ASSOC);?> 
<?echo $row[username]; ?></td></h1></font>

   </tr>
   <tr>
<td class="hrz_line"><img 

src="password/images/spacer.gif" width="1" 

height="1"></td>
   </tr>
   <tr>
<td valign="top" style="padding: 1em" 

class="maincontent" height="90"> 
<META HTTP-EQUIV="expires" CONTENT="0"> 
<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> 
<link rel="stylesheet" type="text/css" 

href="style.css"> 
<?php 

$connect = mysql_connect("localhost", 

"user", "pw") or die("Could not 

connect to database: " . mysql_error());
mysql_select_db("db", 

$connect) or die("Could not select database");



     
      
$login = $_POST["username"]; 
$password = $_POST["password"]; 
$field = ""; 


if (isset($_POST["username"]) and isset($_POST

["password"])) { 

if (is_numeric('$login')) { 
$field = "user_id"; 
} else { 
$field = "username"; 
} 


$query = sprintf ("SELECT * FROM users WHERE 

$field='$login' AND password='".md5

($password)."'", 
mysql_real_escape_string($login), 
mysql_real_escape_string($password)); 

$result = mysql_query($query, $connect) or die

("QUERY FAILED: " . mysql_error()); 
if (mysql_num_rows($result) == 0) { 
if(session_is_registered("LoginFailed")) { 
if($_SESSION['LoginFailed'] > 3) { 
$user_query = mysql_query("SELECT * FROM users 

WHERE username = '$login'") or die("QUERY FAILED: 

" . mysql_error()); 
$user = mysql_query($user_query); 
$hostname = gethostbyaddr($_SERVER

['REMOTE_ADDR']); 
$password_cypt = md5($password); 
$date = date("YmdHis"); 
$IP = getenv("REMOTE_ADDR"); 
$browser = getenv("HTTP_USER_AGENT"); 
$handle = fopen("ban.txt", "a+"); 
//echo "sql: ".$query.""; 
//echo "Login Failed!"; 
$access_query = "INSERT INTO hacklog (date, 

username, hostname, ip_address, browser, refer, 

password) values ('$date', '$login', '$hostname', 

'$IP', '$browser', '$refer', '$password')" or 

die("QUERY FAILED: " . mysql_error()); 
$access = mysql_query($access_query) or die 

("QUERY FAILED: " . mysql_error()); 
$browser = getenv("HTTP_USER_AGENT");
$hostname = gethostbyaddr($_SERVER

['REMOTE_ADDR']);
$date = date("YmdHis"); 
$rest = substr(getenv('SCRIPT_NAME'), 1, -4);
mail("email", "Hack Attack Alert", 

"Someone Is Attempting To Enter V.I.P\nThe 

username is: $login\nPassword is: $password\nIP 

is: $visitorip\nHostname is: $hostname\nBrowser 

Used is: $browser\nDate: $date\nFile: $rest", 

"From: email\n");
$browser = getenv("HTTP_USER_AGENT"); 
$date = date("YmdHis"); 
$hostname = gethostbyaddr($_SERVER

['REMOTE_ADDR']); 
$IP = getenv("REMOTE_ADDR"); 
$handle = fopen("ban.txt", "a+"); 
$date = date("m-d-Y H:i:s"); 
$somecontent = $IP.", ".$date. ", ".$browser.", 

".$hostname.""; 
fwrite($handle, $somecontent . "
"); 
fclose($handle); 
echo "$IP Is Now Banned.  Follow Instructions On 

Next Screen."; 
print "<META HTTP-EQUIV=\"Refresh\" target=

\"info\" Content=\"1; URL=ban.php\">"; 
exit(); 
} else { 
$_SESSION['LoginFailed'] = $_SESSION

['LoginFailed'] + 1; 
print "<p><strong>Now " . $_SESSION

['LoginFailed'] . " out of 4 Attempts 

Used</strong></p>\n";
print "<META HTTP-EQUIV=\"Refresh\" Content=\"1; 

URL=error.php?msg=pass\">"; 
exit(); 
} 
} else { 
$_SESSION['LoginFailed'] = 1; 
print "<p><strong>You have used " . $_SESSION

['LoginFailed'] . " out of 4 trys</strong></p>

\n";
print "<META HTTP-EQUIV=\"Refresh\" Content=\"1; 

URL=error.php?msg=pass\">"; 
exit(); 
} 
print "<META HTTP-EQUIV=\"Refresh\" Content=\"1; 

URL=error.php?msg=pass\">"; 
exit(); 
} else { 
$date = date("YmdHis"); 
$session = md5($date); 
$password_cypt = md5($password); 
$row = mysql_fetch_array($result,MYSQL_ASSOC); 
$hostname = gethostbyaddr($_SERVER

['REMOTE_ADDR']); 
$IP = getenv("REMOTE_ADDR"); 
$browser = getenv("HTTP_USER_AGENT"); 
$_SESSION["logged"] = "1"; 
$_SESSION["id"] = $row["user_id"]; 
$_SESSION["username"] = $row["username"];  
$_SESSION["firstname"] = $row["firstname"]; 
$_SESSION["lastname"] = $row["lastname"]; 
$_SESSION["email"] = $row["email"]; 
$_SESSION["created"] = $row["created"]; 
$_SESSION["last_access"] = $row["last_access"]; 
$_SESSION["pw"] = $row["pw"]; 
$_SESSION["permission"] = $row["permission"]; 
$_SESSION["count"] = $row["count"]; 
$_SESSION["photo"] = $row["photo"];
$_SESSION["session_id"] = $row["session_id"];

//echo "sql: ".$query."<br>"; 
//echo "Login success: username: ".$_SESSION

["username"];
//Find Last Access
      $dd = substr($_SESSION[last_access],6,2);
      $mm = substr($_SESSION[last_access],4,2);
      $yyy = substr($_SESSION[last_access],0,4);
      $HH = substr($_SESSION[last_access],8,2);
      $MM = substr($_SESSION[last_access],10,2);
      $SS = substr($_SESSION[last_access],12,2);

      $access2 = "$mm-$dd-$yyy $HH:$MM:$SS"; 
$username = $_SESSION["username"];
$access = "$access2";
$login_message = "<p><br> Login 

Successful.<br><br> [$username] , Last Visited 

MalenTek On: [$access]<br>Loading Please 

Wait..<img src=password/images/ajax-loader.gif 

border=0></p>\n";

if (isset($_POST['blesta'])

{
    print "You are being redirected to your 

Billing Account";
    print "<META HTTP-EQUIV=\"Refresh\" Content=

\"10; URL=/cart/u-main.php">";





}
else if ($_SESSION[permission] == "1") { 
$connect = mysql_connect("localhost", 

"user", "pw") or die("Could not 

connect to database: " . mysql_error());
mysql_select_db("db", 

$connect) or die("Could not select database");

mysql_query("UPDATE users SET last_access = $date 

WHERE username = '$username'")or die("QUERY 

FAILED: " . mysql_error());
include ("file.php");
print "$login_message"; 

print "<META HTTP-EQUIV=\"Refresh\" Content=\"10; 

URL=password/admin.php\">"; 
} 

else if ($_SESSION[permission] == "0") {
$connect = mysql_connect("localhost", 

"user", "pw") or die("Could not 

connect to database: " . mysql_error());
mysql_select_db("db", 

$connect) or die("Could not select database");


mysql_query("UPDATE users SET last_access = $date 

WHERE username = '$username'")or die("QUERY 

FAILED: " . mysql_error());
include ("file.php");
print "$login_message"; 
print "<META HTTP-EQUIV=\"Refresh\" Content=\"10; 

URL=members.php/">"; 
} 
else if ($_SESSION[permission] == "2") { 
mysql_query("UPDATE users SET last_access = $date 

WHERE username = '$username'")or die("QUERY 

FAILED: " . mysql_error());

include ("ban.php");
print "$login_message"; 
print "<META HTTP-EQUIV=\"Refresh\" Content=\"10; 

URL=index.php\">"; 
} 
//} 
} 
}
?> 
</td>
   </tr>
   <tr>
<td class="hrz_line"><img 

src="images/spacer.gif" width="1" 

height="1"></td>
   </tr>
   <tr>
<td height="20" class="popbot"><a 

href="mailto:email

Errors">Report Errors</a></td>
   </tr>
</table> 

</body> 
</html>

 

 

CBaZ Member

CBaZ

Posted
  • Author
Posted

this is the problem its stopping the script from operating normally because I am not sure how to make it work with my current script.

 

 if (isset($_POST['blesta'])

{
    print "You are being redirected to your 

Billing Account";
    print "<META HTTP-EQUIV=\"Refresh\" Content=

\"10; URL=/cart/u-main.php">";

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.