Jump to content

nothing displays!

jay93

By jay93
in PHP Coding Help

 Share
Go to solution Solved by jay93,

Recommended Posts

jay93 Newbie

jay93

Posted
Posted

hi, i m currently working on resetting password feature on my website, and this is what i've got for my pass.php file which receives POST from pass_form.php... anytime i run localhost/pass.php, nothing happens, it always keeps on returning the localhost/login.php (which is my login page)...  where could the problem be??  ----apologize and query are functions i'm using to display errors and to interact with teh SQL database respectively...

 

<?php


// configuration
require("../includes/config.php"); 

if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if (empty($_POST["forgotpassword"]))
apologize("Please enter email address.");

if (empty($_POST["security"]))
apologize("Please enter your security key.");

$email = $_POST["forgotpassword"]; 
if(!(filter_var($email, FILTER_VALIDATE_EMAIL)))
apologize("Please enter a valid email such as example@domain.com");

//check if email and securitykey exist in users table

$check= query("SELECT id, security FROM users WHERE email = ?", $_POST["forgotpassword"]);
if ($check === false)
{
apologize("No such user in database");
}


else 
render("reset.php", ["title" => "Reset Password", "check" => $check]);     and is this right?? i'm trying to pass the id from this file into another

                                                                                                                                 page called reset.php(user inserts new password here), where i access the id this$check[id]..??

}

else 
{render("login.php", ["title" => "Login"]);
}



?>

Link to comment
Share on other sites
jay93 Newbie

jay93

Posted
  • Author
Posted
this is my render function...i just realized  reset.php is actually a controller instead of a template, could that be causing it???   i actually wanted to pass in the

id value that corresponds to email, to reset.php, so that i could use it in reset.php thus... 

 

 


$result = ("UPDATE users SET hash = ? WHERE id = ?", crypt($_POST["password"], $check["id"]);

        

        if($result===false)

        apologize("Could not register. Please retry.");

 

 

 


 

function render($template, $values = [])

    {

        // if template exists, render it

        if (file_exists("../templates/$template"))

        {

            // extract variables into local scope

            extract($values);

 

            // render header

            require("../templates/header.php");

 

            // render template

            require("../templates/$template");

 

            // render footer

            require("../templates/footer.php");

        }

 

        // else err

        else

        {

            trigger_error("Invalid template: $template", E_USER_ERROR);

        }

 

 

and by the way, i'm having a similar error with my reset.php file too, whenever i type localhost/reset.php, it just ends up on the login.php page...
Link to comment
Share on other sites
computermax2328 Regular Member

computermax2328

Posted
Posted

Well to start, both of your if(empty) statements and if(!filter_var) don't have brackets, therefore no argument. They say if this.... and then nothing happens. Doesn't matter if the statement is true or false, the argument does not exist.

 

Also in your query it says WHERE=?. Get rid of the questions mark and the post statement and just put WHERE=$email. You already set the variable. Use the mysql_real_escape_string() all of your POSTs to help prevent mysql injection. Finally, around your query it is mysql_query() not query().

 

I will keep looking...

Link to comment
Share on other sites
jay93 Newbie

jay93

Posted
  • Author
Posted

thanks for the reply... i did the   bracket stuff, but it's still giving me the same problem...r  whenever i try to open pass.php  thus  localhost/pass.php,  it doesnt open, but instead the localhost/login.php shows, which is my login page... but when i login and then try to open pass.php, then i face another problem...it displays the login_form.php template  linked to the login.php controller (in other words, the login page, even though the user is logged in)...

regarding "query" it's a function i'm using to get data from the sql table...

 

 

 

 

 

 

 

 this is what i have now for 

 

 

pass.php:

 

<?php
 
 
  // configuration
    require("../includes/config.php"); 
    
     if ($_SERVER["REQUEST_METHOD"] == "POST")
  {
     if (empty($_POST["forgotpassword"]))
     {
     apologize("Please enter email address.");
     }
     
     
     if (empty($_POST["security"]))
     {
     apologize("Please enter your security key.");
     }
     
    $email = $_POST["forgotpassword"]; 
    if(!(filter_var($email, FILTER_VALIDATE_EMAIL)))
    {
     apologize("Please enter a valid email such as example@domain.com");
    } 
     //check if email and securitykey exist in users table
     
    $check= query("SELECT id, security FROM users WHERE email = $email");
    if ($check === false)
    {
    apologize("No such user in database");
    }
   
    render("reset.php", ["title" => "Reset Password", "check" => $check]);
    
  }
  
  else  render("login_form.php", ["title" => "Login"]);
  
  
  
?>
 
and my template for pass.php, pass_form.php is
 
<form action="pass.php" method="post">
    <fieldset>
        <div class="control-group">
            <input name="forgotpassword" placeholder="Email" type="text"/>
        </div>
        <div class="control-group">
            <input name="security" placeholder="Security Keyword" type="text"/>
        </div>
        <div class="control-group">
            <button type="submit" class="btn">Reset</button>
        </div>
    </fieldset>
</form>
 
 
 
and just to give you a hint of what i'm trying to do,  i'm planning to implement a recover function thus:

1. when the user clicks on "forgot password" on localhost/login.php   without already being logged in, it should take them to a page,

pass.php   (displaying an email field and security question field)... 

 

2.and when the users enter both( confirm if they exist in the sql table), then redirect to another form   reset.php  which shows  two fields for "Enter new password"  and "Confirm password", and when user enters both, his password is updated in the database...

 

Pass.php has a template pass_form.php

and reset.php has a template reset_form.phpp

Link to comment
Share on other sites
Jessica Advanced Member

Jessica

Posted
Posted

Well to start, both of your if(empty) statements and if(!filter_var) don't have brackets, therefore no argument. They say if this.... and then nothing happens. Doesn't matter if the statement is true or false, the argument does not exist.

 

Also in your query it says WHERE=?. Get rid of the questions mark and the post statement and just put WHERE=$email. You already set the variable. Use the mysql_real_escape_string() all of your POSTs to help prevent mysql injection. Finally, around your query it is mysql_query() not query().

 

I will keep looking...

It looks like OP is using a wrapper for his queries that should handle making prepared statements. Going back to mysql_query and real_escape_string will be LESS secure, if he's using PDO or mysqli.
Link to comment
Share on other sites
jay93 Newbie

jay93

Posted
  • Author
Posted

found the solution to that problem, in my config.php file declared at the top, i was initializing SESSION...hence the problem...

however, the new issue now is my render function works for only templates, so it is rejecting render.php as an invalid template...

is there a way i can pass the values in the array $check to my reset.php (which is a controller , not template) , so i could access them in reset.php thus.. (boldened)...
and is my logic right??


<?php


// configuration
require("../includes/config.php");

// if form was submitted
if(isset($_POST["submit"]))
{

if (empty($_POST["password"]))
apologize("Please enter password.");


if ($_POST["password"] != $_POST["confirmation"])
apologize("Passwords do not match!");


$result = query("UPDATE users SET hash = ? WHERE id = ?", crypt($_POST["password"], $check[0]["id"]));

if($result===false)
apologize("Could not register. Please retry.");

else
{

$rows = query("SELECT id FROM users WHERE hash = ?", crypt($_POST["password"]));
$id = $rows[0]["id"];

// remember that user's now logged in by storing user's ID in session
$_SESSION["id"]= $rows[0]["id"];


}

// redirect to portfolio
redirect("register.php");
}


else
{
// else render form
render("register_form.php", ["title" => "Register"]);
}

?>

Link to comment
Share on other sites
jay93 Newbie

jay93

Posted
  • Author
Posted

this is what i've got for reset.php.....like i mentioned earlier, is there a way to pass into reset.php the value of $check so that i can use $check[0][id]  in it as shown above boldfaced...

 

 

 

 
 
<?php
  
    
    // configuration
    require("../includes/config.php");
 
    // if form was submitted
   if(isset($_POST["submit"]))
    {
    
         if (empty($_POST["password"]))
        apologize("Please enter password.");
        
        
        if ($_POST["password"] != $_POST["confirmation"])
        apologize("Passwords do not match!");
        
        
         $result = query("UPDATE users SET hash = ? WHERE id = ?", crypt($_POST["password"], $check[0]["id"]));
        
        if($result===false)
        apologize("Could not register. Please retry.");
        
        else
          {
          
          $rows = query("SELECT id FROM users WHERE hash = ?", crypt($_POST["password"]));
          $id = $rows[0]["id"];
          
          // remember that user's now logged in by storing user's ID in session
          $_SESSION["id"]= $rows[0]["id"];
 
         
        }
        
         // redirect to portfolio
          redirect("register.php");
       }
           
    
    else
    {
        // else render form
        render("register_form.php", ["title" => "Register"]);
    }
    
?>
 
Link to comment
Share on other sites
  • Solution
jay93 Newbie

jay93

Posted
  • Author
  • Solution
Posted

thanks for your help... i had another question, related to C, linked lists though...could you please help??
 
assuming you had a double linked list of integers, and three pointer  first___ which is a global pointer_, prev and next ...and you had to create a struct node like the following, how will you fill in the dashes??
 
 dll.png


typedef struct node

{

_______ prev; // Box I

_______ i; // Box II

_______ next; // Box III

}

node;
 
 
if you look at the function below for a double linked list, does it properly insert items into the tail of the list?? and does it segfaults when inserting into an empty list ie.when first is NULL).??  and what about mem leakage> does it leak when inserting i into an existing list??  thanks
 
 



void insert(unsigned int i)

{

node* n = malloc(sizeof(node));

if (n == NULL)

{

return;

}



n->prev = NULL;

n->i = i;

n->next = NULL;



if (first == NULL)

{

first = n;

}

else if (n->i < first->i)

{

n->next = first;

first->prev = n;

first = n;

}

else

{

node* ptr = first;

while (true)

{

if (ptr->i == n->i)

{

return;

}

else if (ptr->next->i > n->i)

{

n->next = ptr->next;

ptr->next->prev = n;

n->prev = ptr;

ptr->next = n;

return;

}

ptr = ptr->next;

}

}
 
}
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.