$_POST can't go to the second part of login (after registration segment)

[xcislav]

Notice: Undefined index: user in /var/www/localhost/htdocs/index.php on line 43

echo $_POST['user'] Doesn't do the showing of variable. Code parts aren't linked. $_SESSION works but $_POST doesn't - and it's all in the same file. I need good, free operations with $_POST

I'm novice, though very forgetful, I don't ask advice on how to separate files again, I just do it or do not. When "do not" I suffer, from misunderstanding of the $_POST mechanics. So when separate I don't understand login at all. $_SESSION['l'] I need to operate in game loc position. When all login is together i could be more free to look at code parts.

<!DOCTYPE html>

<html>

<h1>Register</h1>

<form method="POST">

  <input type="text" name="user"><br /><br />

  <input type="pass" name="pass"><br /><br />

  <input type="submit"><br />

</form>

<?php

session_start();

  if(isset($_POST['user'], $_POST['pass'])){

  require 'connect.php';

  $zr++;

  $query = d()->prepare("INSERT INTO u (user, pass, loc) VALUES (:user, :pass, :loc)");

  $query->bindParam(':user', $_POST['user']);

  $query->bindParam(':pass', $_POST['pass']);

  $query->bindParam(':loc', $zr);

  if($query->execute()){

  $_SESSION['user'] = $row['user'];

  $_SESSION['pass'] = $row['pass'];

  header("Location: ".$_SERVER['PHP_SELF']);

  } else{

  echo 'ERROR';

  }

  }

?>

<h1>Login</h1>

<form method="POST">

  <input type="text" name="user"><br /><br />

  <input type="pass" name="pass"><br /><br />

  <input type="submit"><br />

</form>

<?php

echo $_POST['user'];

  if(isset($_POST['user'], $_POST['pass'])){

  require 'connect.php';

  $query = d()->prepare("SELECT user, pass FROM u WHERE user=:user AND pass=:pass");

  $query->bindParam(':user', $_POST['user']);

  $query->bindParam(':pass', $_POST['pass']);

  $query->execute();

  if($row = $query->fetch()){

  $_SESSION['user'] = $row['user'];

  $_SESSION['pass'] = $row['pass'];

  header("Location: ".$_SERVER['PHP_SELF']);

  }

  }

$us=$_SESSION['user'];

echo 'user ',$us;

?>

<?php

if(isset($_SESSION['user'])){

$us=$_SESSION['user'];

echo '<br /> user ',$us, ' ', '<a href="logout.php">Logout</a>';

echo '<br />', '<a href="zrs.php">zero session</a>';

}

?>

</html>

 

Edited November 27, 2014 by xcislav

[NotionCommotion]

Your first part of PHP checks if it was a POST request, and if so inserts some data in your DB.  I recommend changing the following:

1. Define $zr.
2. Do some validation to confirm your POST data is correct.
3. Put exit() after your header.

You then have your second PHP section which again checks if the POST data is set.  You will never see this as the previous header is redirecting (however, the script will continue since you did not exit).  If you really want both in one query, add different names to your submit buttons and check which one is set.

 

Also, when setting $us equal to $_SESSION['user'], you should first check if it is set.

 

Thanks, you also taught me two things: 1) that I could put multiple arguments in isset(), and 2) that if the submit button doesn't have a value, it defaults to "Submit Query"