The Web Design Group

... Making the Web accessible to all.

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> post method in form doesn't work
DrragoGangsta
post Jan 17 2016, 12:56 PM
Post #1





Group: Members
Posts: 4
Joined: 17-January 16
Member No.: 23,913



I got this Code:
CODE
<?php
$control = 0;
session_start();
if (!isset($_SESSION["username"]) && !isset($_GET["page"])) {
    $control = 0;
}
if ($_GET["page"] == "log") {
    $user = $_GET["user"];
    $password = $_GET["password"];
    if ($user == "Example" && $password == "12345") {
        $_SESSION["username"] = $user;
        $control = 1;
    } else {
        $control = 2;
    }
}
?>
<html>
<head>
    <link href="css/style.css" rel="stylesheet" type="text/css"/>
    <link href="css/index.css" rel="stylesheet" type="text/css"/>

    <title>Login</title>
    <?php
    if ($control == 1) {
    ?>
        <meta http-equiv="refresh" content="3; URL=seite2.php">
    <?php
    }
    ?>
</head>
<body>
<?php
if ($control == 0) {
?>
    <div class="login">
        <h1>Login</h1>
        <form method="post" action="index.php?page=log">
            <input type="text" name="user" placeholder="Username" required="required"/>
            <input type="password" name="password" placeholder="Password" required="required"/>
            <button type="submit" class="btn btn-primary btn-block btn-large">Login</button>
        </form>
    </div>
<?php
}
if ($control == 1) {
?>
    <p>Login successful, you will be redirected...</p>
<?php
}
if ($control == 2) {
?>
    <p>Wrong username or password, <a href="index.php">try again</a>.</p>
<?php
}
?>
</body>
</html>

but it doesn't matter what I enter as username and password, $user and $password are always null, I don't have any idea why, can you help me?
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
CharlesEF
post Jan 17 2016, 02:13 PM
Post #2


Programming Fanatic
********

Group: Members
Posts: 1,981
Joined: 27-April 13
From: Edinburg, Texas
Member No.: 19,088



This is a bad design IMHO. You are not testing to check if the submit button was clicked so your code runs when the page is loaded. And, of course everything will be blank at that time. And what's with the '$control' variable? Seems overly complicated to me. Plus you never read the values of '$_POST["user "]' and '$_POST["password "]'. Your method is POST not GET. $_GET will read the query string while $_POST will read the posted values.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
DrragoGangsta
post Jan 17 2016, 02:30 PM
Post #3





Group: Members
Posts: 4
Joined: 17-January 16
Member No.: 23,913



QUOTE(CharlesEF @ Jan 17 2016, 02:13 PM) *

This is a bad design IMHO. You are not testing to check if the submit button was clicked so your code runs when the page is loaded. And, of course everything will be blank at that time. And what's with the '$control' variable? Seems overly complicated to me. Plus you never read the values of '$_POST["user "]' and '$_POST["password "]'. Your method is POST not GET. $_GET will read the query string while $_POST will read the posted values.

When I load the site it's blank, yes, but when I click the submit button it should reload the script and work or am I wrong?
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
CharlesEF
post Jan 17 2016, 03:02 PM
Post #4


Programming Fanatic
********

Group: Members
Posts: 1,981
Joined: 27-April 13
From: Edinburg, Texas
Member No.: 19,088



QUOTE(DrragoGangsta @ Jan 17 2016, 01:30 PM) *

QUOTE(CharlesEF @ Jan 17 2016, 02:13 PM) *

This is a bad design IMHO. You are not testing to check if the submit button was clicked so your code runs when the page is loaded. And, of course everything will be blank at that time. And what's with the '$control' variable? Seems overly complicated to me. Plus you never read the values of '$_POST["user "]' and '$_POST["password "]'. Your method is POST not GET. $_GET will read the query string while $_POST will read the posted values.

When I load the site it's blank, yes, but when I click the submit button it should reload the script and work or am I wrong?

In theory, yes it should. But as I said it is overly complicated. It can be done much easier. Example, it looks like you use the query string 'page=log' only to test if the submit button was clicked. That's not needed at all. Tell you what, post your HTML login form only, no PHP or anything extra, just the login form. Then I can show you a much better way to do things.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
DrragoGangsta
post Jan 17 2016, 03:05 PM
Post #5





Group: Members
Posts: 4
Joined: 17-January 16
Member No.: 23,913



QUOTE(CharlesEF @ Jan 17 2016, 03:02 PM) *

QUOTE(DrragoGangsta @ Jan 17 2016, 01:30 PM) *

QUOTE(CharlesEF @ Jan 17 2016, 02:13 PM) *

This is a bad design IMHO. You are not testing to check if the submit button was clicked so your code runs when the page is loaded. And, of course everything will be blank at that time. And what's with the '$control' variable? Seems overly complicated to me. Plus you never read the values of '$_POST["user "]' and '$_POST["password "]'. Your method is POST not GET. $_GET will read the query string while $_POST will read the posted values.

When I load the site it's blank, yes, but when I click the submit button it should reload the script and work or am I wrong?

In theory, yes it should. But as I said it is overly complicated. It can be done much easier. Example, it looks like you use the query string 'page=log' only to test if the submit button was clicked. That's not needed at all. Tell you what, post your HTML login form only, no PHP or anything extra, just the login form. Then I can show you a much better way to do things.

You mean this?:
CODE
<form method="post" action="index.php?page=log">
            <input type="text" name="user" placeholder="Username" required="required" autocomplete="off"/>
            <input type="password" name="password" placeholder="Password" required="required"/>
            <button type="submit" class="login_btn">Login</button>
        </form>

Actually I just wanted to get a Loginform with a Button, two input-boxes and an Error- and Success-Message.

This post has been edited by DrragoGangsta: Jan 17 2016, 03:17 PM
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
CharlesEF
post Jan 17 2016, 03:59 PM
Post #6


Programming Fanatic
********

Group: Members
Posts: 1,981
Joined: 27-April 13
From: Edinburg, Texas
Member No.: 19,088



I think this does what you want. If this is for a web site then more work needs to be done. User name and password would most likely come from a database of users. If login was successful then you would redirect to another page. $_POST values would need to be validated to guard against SQL injection attacks, etc...
CODE
<?php
if(isset($_POST['submit']))
{
$user = $_POST["user"];
$password = $_POST["password"];
if ($user == "Example" && $password == "12345")
{
  $status = '<h4 class="success">You have successfully logged in.</h4>';
}
else
{
  $status = '<h4 class="error">User and Password don\'t match.</h4>';
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Login Sample</title>
<style>
.error
{
  color: #FF0000;
}
.success
{
  color: #008000;
}
</style>
</head>
<body>
<?php if(isset($status)) echo($status);?>
<form method="post" action="<?php echo(htmlspecialchars($_SERVER['REQUEST_URI']));?>" accept-charset="UTF-8">
  <input type="text" name="user" placeholder="Username" required="required" autocomplete="off">
  <input type="password" name="password" placeholder="Password" required="required">
  <button type="submit" class="login_btn" name="submit">Login</button>
</form>
</body>
</html>

Study the code and ask any questions for things you don't understand.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
DrragoGangsta
post Jan 17 2016, 04:07 PM
Post #7





Group: Members
Posts: 4
Joined: 17-January 16
Member No.: 23,913



thank you verry much, I study the code tomorrow (I live in Germany, it's time to sleep here wink.gif) If I got questions, I'm gonna ask
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
CharlesEF
post Jan 17 2016, 05:24 PM
Post #8


Programming Fanatic
********

Group: Members
Posts: 1,981
Joined: 27-April 13
From: Edinburg, Texas
Member No.: 19,088



QUOTE(DrragoGangsta @ Jan 17 2016, 03:07 PM) *

thank you verry much, I study the code tomorrow (I live in Germany, it's time to sleep here wink.gif) If I got questions, I'm gonna ask

Not a problem, ask questions when you are ready. Here is another version, it doesn't use the required attribute, in case the browser doesn't support it. Server side validation should be done anyway, even if the browser does support it.
CODE
<?php
$errors = array();

function validateForm($errors)
{
$valid = true;
if($_POST["user"] == '')
{
  $errors['user'] = "Username can't be blank.";
  $valid = false;
}
if($_POST["password"] == '')
{
  $errors['password'] = "Password can't be blank.";
  $valid = false;
}
return $valid;
}

if(isset($_POST['submit']))
{
if(validateForm(&$errors))
{
  $user = $_POST["user"];
  $password = $_POST["password"];
  if($user == "Example" && $password == "12345")
  {
   $status = '<h4 class="success">You have successfully logged in.</h4>';
  }
  else
  {
   $status = '<h4 class="error">Username and Password don\'t match.</h4>';
  }
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Login Sample</title>
<style>
.error
{
  color: #FF0000;
}
.success
{
  color: #008000;
}
</style>
</head>
<body>
<?php if(isset($status)) echo($status);?>
<form method="post" action="<?php echo(htmlspecialchars($_SERVER['REQUEST_URI']));?>" accept-charset="UTF-8">
  <input type="text" name="user" placeholder="Username" autocomplete="off" value="<?php if(isset($_POST['user'])) echo($_POST['user']);?>">
  <span class="error"><?php if(isset($errors) && array_key_exists('user', $errors)) echo($errors['user']);?></span><br>
  <input type="password" name="password" placeholder="Password" value="<?php if(isset($_POST['password'])) echo($_POST['password']);?>">
  <span class="error"><?php if(isset($errors) && array_key_exists('password', $errors)) echo($errors['password']);?></span><br>
  <button type="submit" class="login_btn" name="submit">Login</button>
</form>
</body>
</html>


This post has been edited by CharlesEF: Jan 17 2016, 05:26 PM
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
CharlesEF
post Jan 18 2016, 06:15 AM
Post #9


Programming Fanatic
********

Group: Members
Posts: 1,981
Joined: 27-April 13
From: Edinburg, Texas
Member No.: 19,088



Oh yeah, you can put the required attribute back in the 2 HTML elements. They provide client side verification and you should still have server side verification also.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



- Lo-Fi Version Time is now: 29th March 2024 - 06:07 AM