adicrst Posted March 15, 2008 Share Posted March 15, 2008 I want to create a form that will insert some news in a database, but to be restricted only to the owner that his username and pass are saved in the db, i made a small autentification. I have 2 files, autentificare.php and stiri.php -the fileautentificare.php has the purpouse to verify if the dates filled in the log in form are the same with the dates in the db -if the autentification is not made, the user is sent to the stiri.php page but a warning that sais he's not allowed is apearing. If the autentification is made corectly then he is sent to the stiri.php page again but a form for the news is showing on the page What it doesn't work is that the news are not inserted in the database.. i have 2 tables: DATE: id | user | pass| cod STIRI: id | titlu | continut | data here are the files autentificare.php <?php $con = mysql_connect("localhost","root",""); if (!$con) { die ("Conectare esuata!".mysql_error()); } mysql_select_db("pink_maindb",$con); $cod_generat = rand(0,9999); mysql_query("UPDATE date SET cod='$cod_generat' WHERE id='1' "); ?> <html> <body> <form action="stiri.php" method="post"> User: <input type="text" name="user"><br> Pass: <input type="password" name="pass"><br> Cod: <input type="text" name="cod" size="5" maxlength="4"> <?php echo "<b> $cod_generat </b><< Introduceti codul afisat !"; ?><br><br> <input type="submit" value="trimite"> </form> </body> </html> and stiri.php <?php $con = mysql_connect("localhost","root",""); if (!$con) { die ("Conectare esuata!".mysql_error()); } mysql_select_db("pink_maindb",$con); $select = mysql_query("SELECT user,pass,cod FROM date where ID=1"); while ($row=mysql_fetch_array($select)) { $usere = $row['user']; //usere este userul existent in db $passe = $row['pass']; //passe este parola existenta in db $code = $row['cod']; //code este codul existent in db } if (($usere == $_POST['user']) && ($passe == $_POST['pass']) && ($code == $_POST['cod'])) { echo "<Bine ai venit <b>".$_POST['user']."</b>"; echo "Completati urmatorul formular pentru a afisa o stire noua pe site<br><br> <form action='' method='post'> Titlu: <input type='text' name='titlu'><br> Continut: <textarea rows='15' cols='40' name='continut'></textarea><br> <input type='submit' value='trimite'> </form>"; $data = date("Y-m-d"); mysql_query("INSERT INTO stiri(titlu,continut,data) VALUES('$_POST[titlu]','$_POST[continut]','$data')"); } else echo "Datele furnizate nu sunt corecte !"; ?> <a href="autentificare.php">BACK</a> this part doesn't work because there isn't anything inserted in the db,beside the DATE if (($usere == $_POST['user']) && ($passe == $_POST['pass']) && ($code == $_POST['cod'])) { echo "<Bine ai venit <b>".$_POST['user']."</b>"; echo "Completati urmatorul formular pentru a afisa o stire noua pe site<br><br> <form action='trimis.php' method='post'> Titlu: <input type='text' name='titlu'><br> Continut: <textarea rows='15' cols='40' name='continut'></textarea><br> <input type='submit' value='trimite'> </form>"; $data = date("Y-m-d"); mysql_query("INSERT INTO stiri(titlu,continut,data) VALUES('$_POST[titlu]','$_POST[continut]','$data')"); } how can i corect it ? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.