lewashby Posted October 10, 2013 Share Posted October 10, 2013 In the program below I would like to process the variables from the the php generated form by using this same file with code I haven't written yet. The problem is if I add this very script to the action attribute of the form, the page will start at the top again and keep asking the user to enter a password. I would like to continues processing the form variables just further down the page/file of this document, how can I, or can I accomplish this? Thanks. <?php session_start(); $hash = $_SESSION['hash']; $email = $_SESSION['email']; $passwd = $_POST['passwd']; $db = new SQLite3('./users.db', SQLITE3_OPEN_READWRITE); if(!$db) { echo "Could not open/access DB"; } else { $result = $db->query("SELECT oldpasswd, hash FROM users WHERE email='$email'"); $row = $result->fetchArray(); if($row['oldpasswd'] == $passwd) { echo "<form>"; echo "<table>"; echo "<tr><td>"; echo "New Password<input type='text' name='newpasswd1'</td></tr>"; echo "<tr><td>"; echo "Re-Enter Password<input type='text' name='newpasswd2'</td></tr>"; echo "</table>"; echo "</form>"; } else { echo "Invalid password<br />"; } } ?> Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 10, 2013 Share Posted October 10, 2013 You'll want to add more logic to your code. Only display the reset password form when the form has not been submitted Something like if(isset($_POST['newpass1')) { // update password // and display new form or page } else { // display form for resetting password } Quote Link to comment Share on other sites More sharing options...
lewashby Posted October 10, 2013 Author Share Posted October 10, 2013 You'll want to add more logic to your code. Only display the reset password form when the form has not been submitted Something like if(isset($_POST['newpass1')) { // update password // and display new form or page } else { // display form for resetting password } Thanks. So what if I want my current form to vanish while being replaced my the new form rather than just stacking the forms one on top of the other? Thanks again. Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 10, 2013 Share Posted October 10, 2013 It doesn't stack the forms, it'll display one or the other. Do you understand how the if/else control structure works? php.net/if php.net/else Example code <?php // check if form has been submitted if(isset($_POST['submit'])) { // display what was entered echo 'You entered: ' . $_POST['entry']; } else { // form hasn't been submitted display form echo '<form action="" method="post"> <input type="text" name="entry" placeholder="Type Something here" /> <input type="submit" name="submit" value="GO" /> </form>'; } ?> Quote Link to comment Share on other sites More sharing options...
lewashby Posted October 10, 2013 Author Share Posted October 10, 2013 It doesn't stack the forms, it'll display one or the other. Do you understand how the if/else control structure works? php.net/if php.net/else Example code <?php // check if form has been submitted if(isset($_POST['submit'])) { // display what was entered echo 'You entered: ' . $_POST['entry']; } else { // form hasn't been submitted display form echo '<form action="" method="post"> <input type="text" name="entry" placeholder="Type Something here" /> <input type="submit" name="submit" value="GO" /> </form>'; } ?> Yes, I understand how an if/else system works. I was referring to a form that may have already been printed to the browser. I've adjusted the code but I keep getting "Invalid password" no matter what I enter into the form just above it. Take note that the IF the creates this form is based upon outside variables, the invalid message should only run if the variables the feed the IF statement that creates the form are incorrect, invalid should not be displayed as a result of anything that's entered into the form you see here, or at least that what I intended. So my if(isset) functions never runs. <?php session_start(); $hash = $_SESSION['hash']; $email = $_SESSION['email']; $passwd = $_POST['passwd']; $db = new SQLite3('./users.db', SQLITE3_OPEN_READWRITE); if(!$db) { echo "Could not open/access DB"; } else { $result = $db->query("SELECT password, rstring FROM users WHERE email='$email'"); $row = $result->fetchArray(); if($row['password'] == $passwd) { echo "<form>"; echo "<table>"; echo "<tr><td>"; echo "New Password<input type='text' name='newpassword1'</td></tr>"; echo "<tr><td>"; echo "Re-Enter Password<input type='text' name='newpassword2'</td></tr>"; echo "<tr><td><input type='submit' value='submit'></td></tr>"; echo "</table>"; echo "</form>"; } else { echo "Invalid password<br />"; } if(isset($_POST['newpassword1']) && isset($_POST['newpassword2'])) { echo "This is from the form $_POST[newpassword1]<br />"; echo "This is from the form $_POST[newpassword2]<br />"; } } ?> Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 10, 2013 Share Posted October 10, 2013 Well this line if($row['password'] == $passwd) Is checking to see if the password in the database matches the password the user entered. Is the passwords in your database encrypted (eg md5, sha1 etc)? If you're storing the passwords in their encrypted form, then you'll have to encrypt the password the user entered when comparing the passwords, example if($row['password'] == md5($passwd)) Quote Link to comment Share on other sites More sharing options...
lewashby Posted October 12, 2013 Author Share Posted October 12, 2013 Well this line if($row['password'] == $passwd) Is checking to see if the password in the database matches the password the user entered. Is the passwords in your database encrypted (eg md5, sha1 etc)? If you're storing the passwords in their encrypted form, then you'll have to encrypt the password the user entered when comparing the passwords, example if($row['password'] == md5($passwd)) That's not the if I'm having trouble with, it's the fact that the next one is not being ran at all. The next IF "if(isset($_POST['newpassword1']) && isset($_POST['newpassword2']))", is an IF statement unto itself so I don't see why it isn't running by default after the above if/else statements gets through. After the user enters the new password twice in the form following the if/else should run by default, which in this case is my isset IF, but all I'm getting is "Invalid Password" from the preceding if/else. Oh, and how the passwords are not encrypted. Quote Link to comment Share on other sites More sharing options...
lewashby Posted October 12, 2013 Author Share Posted October 12, 2013 I think I got it with the following. I don't think the isset function is doing very much. if(isset($_POST['newpassword1']) && $_POST['newpassword1'] != '' && isset($_POST['newpassword2']) && $_POST['newpassword2'] != '') Quote Link to comment Share on other sites More sharing options...
Solution Ch0cu3r Posted October 12, 2013 Solution Share Posted October 12, 2013 (edited) Just noticed the form you're echo'ing out, the form doesn't have a submit method defined. echo "<form>"; By default forms submit method is GET. You need to set the forms submit method to post. echo "<form method='post'>"; Also the input tags for the password fields are not closed properly either. echo "New Password<input type='text' name='newpassword1'></td></tr>"; echo "<tr><td>"; echo "Re-Enter Password<input type='text' name='newpassword2'></td></tr>"; Edited October 12, 2013 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
lewashby Posted October 12, 2013 Author Share Posted October 12, 2013 Thanks, got it working. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.