[SOLVED] Not posting properly

[mr_mind]

Alright, I am creating a voting script. After using PHP for a while and doing my

community i have tried to do everything dynamically. The problem is that for some

reason when i try to post anything it just refreshes.

 

First ill show you the functions file

 

<?php
// Start of site info
function show_site($options=array('uri','show')) {
	$site_uri = 'http://www.mysite.net/';
	$site_host = '/var/www/localhost/htdocs/';
	$site_root = 'mchs/';
	$site_show = 'ec/';
	$site_inc = 'pages/';
	$return = NULL;
	if(is_array($options)) {
		foreach($options as $option) {
			switch($option) {
				case 'uri':
					$return .= $site_uri;
				break;
				case 'host':
					$return .= $site_host;
				break;
				case 'root':
					$return .= $site_root;
				break;
				case 'show':
					$return .= $site_show;
				break;
				case 'inc':
					$return .= $site_inc;
				break;
			}
		}
	}
	else {
		switch($options) {
			case 'host':
				$return .= $site_host;
			break;
			case 'root':
				$return .= $site_root;
			break;
			case 'show':
				$return .= $site_show;
			break;
			case 'inc':
				$return .= $site_inc;
			break;
		}
	}
	return $return;
}	
// End of site info
// Start of database info
$db_user = 'mchs'; 
$db_pass = 'elcentro';
$db_name = 'mchs';
$db_host = 'localhost';
// End of database info
mysql_connect($db_host,$db_user,$db_pass) or die(mysql_error());
mysql_select_db($db_name) or die(mysql_error());
function say_colorful($str) {
	$colors = range('50','150');
	$chars = str_split($str,'1');
	print '<div style="text-align: center; font-family: verdana, arial, sans-serif; font-weight: bold;">';
	for($i=0;$i<count($chars);$i++) {
		$red = array_rand($colors);
		$blue = array_rand($colors);
		$green = array_rand($colors);
		print '<span style="color: rgb(' . $red . ',' . $blue . ',' . $green . ')">' . $chars[$i] . '</span>';
	}
	print '</div>';
}
function show_page($page, $option='body') {
	if(is_numeric($page)) {
		$page_uri_query = mysql_query("SELECT * FROM mchs_page WHERE page_id='" . $page . "'");
	}
	else {
		$page_uri_query = mysql_query("SELECT * FROM mchs_page WHERE page_name='" . $page . "'");
	}
	if(mysql_num_rows($page_uri_query)>0) {
		$page_uri_array = mysql_fetch_array($page_uri_query);
		$page_uri = $page_uri_array['page_location'];
		$page_title = $page_uri_array['page_title'];
	}
	else {
		$page_uri = 'notfound.php';
		$page_title = 'Page Not Found';
	}
	if($option == 'body') {
		$page_file = show_site(array('host','root','inc')) . $page_uri;
		$page_coming = show_site(array('host','root','inc')) . 'coming.php';
		if(filesize($page_file)>0) {
			require($page_file);
		}
		else {
			require($page_coming);
		}
	}
	elseif($option == 'title') {
		print $page_title;
	}
}
function whoami() {
	$slash_strpos = strpos(getenv('SERVER_PROTOCOL'), '/');
	$slash_substr = substr(getenv('SERVER_PROTOCOL'), 0, $slash_strpos);
	$whoami = strtolower($slash_substr) . '://';
	$whoami .= getenv('SERVER_NAME');
	$whoami .= getenv('SCRIPT_NAME');
	if(!empty($_GET)) {
		$whoami .= '?' . getenv('QUERY_STRING');
	}
	return $whoami;
}
function chk_login() {
	if(is_numeric($_SESSION['student_id'])) {
		$chk_query = mysql_query("SELECT * FROM mchs_student WHERE student_id='" . $_SESSION['student_id'] . "'");
		if(mysql_num_rows($chk_query)>0) {
			$chk_array = mysql_fetch_array($chk_query);
			if(hash('sha512', $chk_array['student_pass']) != $_SESSION['student_id']) {
				$_SESSION['goback'] = whoami();
				header('location:' . show_site() . 'login');
			}
		}
		else {
			$_SESSION['goback'] = whoami();
			header('location:' . show_site() . 'login');
		}
	}
	else {
		$_SESSION['goback'] = whoami();
		header('location:' . show_site() . 'login');
	}
}
?>

 

Then ill show you the index

 

<?php
session_start();
require_once 'inc/functions.php';
ob_start();
?>
<html>
<head>
	<title>MCHS Voting - <?php show_page($_GET['p'], 'title'); ?> - By Quinn Ferguson</title>
	<link rel='stylesheet' href='<?php show_site(array('host','root')); ?>master.css' />
</head>
<body>
	<?php
		if(isset($_GET['p'])) {
			show_page($_GET['p'], 'body');
		}
	?>
</body>
</html>
<?php
ob_end_flush();
?>

 

Now the page which is posting

 

<?php
session_start();
function show_form() {
	print '<form action=' . show_site() . 'login method=post>';
	print '<table border=0>';
	print '<tr><td colspan=100% style="text-align: center; font-weight: bold;" value="' . $_POST['student_id'] . '">Login</td></tr>';
	print '<tr><td width=50%> ID #:</td><td width=50%><input type=text name=student_id style="width: 100%;" value="' . $_POST['student_id'] . '" />';
	print '<tr><td width=50%> Password:</td><td width=50%><input type=password name=student_pass style="width: 100%;" value="' . $_POST['student_pass'] . '" />';
	print '<tr><td colspan=100% style="text-align: center;"><input type=submit name=submit value="Login" /></td></tr>';
	print '</table>';
	print '</form>';
}
if(isset($_POST['submit'])) {
	if($_POST['student_id'] != '') {
		if(is_numeric($_POST['student_id'])) {
			if($_POST['student_pass'] != '') {
				$login_query = mysql_query("SELECT * FROM mchs_student WHERE student_id='" . $_POST['student_id'] . "'");
				if(mysql_num_rows($login_query)>0) {
					$login_array = mysql_fetch_array($login_query);
					if($_POST['student_pass'] == $login_array['student_pass']) {
						$_SESSION['student_id'] = $_POST['student_id'];
						$_SESSION['student_pass'] = hash('sha512', $_POST['student_pass']);
						if(isset($_SESSION['goback'])) {
							$goback = $_SESSION['goback'];
							unset($_SESSION['goback']);
							header('location:' . $_SESSION['goback']);
						}
						else {
							$noerror = 'You have successfully logged in.<br /><br />';
							$noerror .= '<a href=' . show_site() . 'home>Click here</a> to go to the homepage.<br />';
							$noerror .= '<a href=' . show_site() . 'active>Click here</a> to see all active polls.';
						}
					}
					else {
						$error = 'Incorrect Password';
					}
				}
				else {
					$error = 'Incorrect ID #';
				}
			}
			else {
				$error = 'Please submit your password';
			}
		}
		else {
			$error = 'An invalid ID # has been entered';
		}
	}
	else {
		$error = 'Please submit your ID #';
	}
}
else {
	show_form();
}
if(isset($error)) {
	print '<div class=error>' . $error . '</div>';
	show_form();
}
elseif(isset($noerror)) {
	print '<div class=noerror>' . $noerror . '</div>';
}
?>

[Fyorl]

Where's the form you're using to submit the data? I can't see a show_form function in your functions file...

[mr_mind]

if you look, its at the top of the posting file

[Fyorl]

Oh yeah sorry, obviously didn't look hard enough. Firstly you need to use double quotes around your HTML attributes. Secondly, your form action is calling show_site but not passing any parameters in so show_site will return nothing and so your form won't submit the data anywhere.

[mr_mind]

1). you do not need doublequotes, i have been doing HTML for over 8 years now

2). if you look at the show_site function in the functions file you will see that the default is set to uri and show

2). even if you dont have it post anywhere it will post to itself

[Fyorl]

OK, sorry. You need to use double quotes if you want to produce <em>valid</em> HTML. As it stands, that code will not pass any validation test. Yes, you're right, the form will post to itself. So, following the logic of your function a bit more carefully, you should have 'http://www.mysite.net/ec/login' as your form's action attribute. The first thing I would do is check that that is actually the case.

[mr_mind]

yes i have checked that it is the case, it is not a problem with the location it is posting to, the problem is that its not posting correctly. i tried ecching all of the post values but there arent any

[Fyorl]

Well when you click the submit button does the current page refresh or are you taken to the new location? Also, try using print_r($_REQUEST); and see what output you get.

[chronister]

Do a view source on the code and look at the action that is in the source. Is the function putting the uri together correctly??

 

 

[mr_mind]

to the last two posters, yes i have done that and said that i have done that. i am not getting any post data AT ALL to the page and i know that the uri is being put together correctly. The page is posting to itself if you couldnt already tell and there is no post data whatsoever

[Fyorl]

Do you have a live version I could look at?

[mr_mind]

http://www2.iqlogin.net/ec/login

[Fyorl]

Try putting a var_dump($_REQUEST) just above your if statement. Also try putting the full path to the php file in the form's action. If that doesn't work then try using $SERVER['PHP_SELF'] as the form action instead.

[mr_mind]

Because of the i have set up my code dynamically $_SERVER['PHP_SELF'] will point to the index and not the login page, and yes i have tried to use the actual php file and it doesnt work properly

 

[mr_mind]

never mind, i fixed it. i just removed the action to make it post to itself and now it works

[Fyorl]

Well I changed the method to 'get' and it submitted the get data to the right page fine. That was when it pointed directly to the PHP file. So I'd assume pointing directly to the PHP file would work with the post data too if it worked with the get data.