Jump to content

Forms Help


waddledoo

Recommended Posts

I am attempting to create a login page, but my script is giving errors in relation to the forms.

 

Involved PHP:

$username = mysql_real_escape_string($_POST['username']);

if ($_POST['submit']=='Login')
{
$md5pass = md5($_POST['password']);
$sql = "SELECT id,username FROM members WHERE 
            username = '$username' AND 
            password = '$md5pass'";

//etc etc...

 

Involved HTML:

<form id="f6" action="" method="post" onsubmit="return weCheckForm(this)">
<fieldset id="e6" class="cc32">
<label id="e5" class="cc33" for="e4">
	Username
</label>
<input id="e4" class="cc34" type="text" name="username" title="username" size="23"><br>
<label id="e3" class="cc33" for="e2">
	Password
</label>
<input id="e2" class="cc34" type="password" name="password" title="password" size="23"><br>
<input id="e1" class="cc35" type="submit" title="submit" value="Login">
</fieldset>
</form>

 

Errors received:

Notice: Undefined index: username in C:\(etc etc...) on line 4

Notice: Undefined index: submit in C:\(etc etc...) on line 6

 

Now I know that the problem is username and submit are undefined. However, I do not know how to define them in relation to the forms.

Link to comment
Share on other sites

It's in the same file. I tried adding "<?php echo $_SERVER['PHP_SELF']?>"

        <input id="e4" class="cc34" type="text" name="username" title="username" size="23"> = "<?php echo $_SERVER['username']?>"<br>
<label id="e3" class="cc33" for="e2">
	Password
</label>
<input id="e2" class="cc34" type="password" name="password" title="password" size="23"> = "<?php echo $_SERVER['password']?>"<br>
<input id="e1" class="cc35" type="submit" title="submit" value="Login"> = "<?php echo $_SERVER['Login']?>"

 

But it just gave me more errors along the same lines (Notice: Undefined index: etc...)

 

 

Link to comment
Share on other sites

change it from title="submit" to name="submit" and have you tried putting just

$username = $_POST['username']; 

on the top line of the code you have showed us

 

EDIT You have misunderstood me. when you open the form, try putting:

<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">

 

I did not mean putting it at the end of every <input> line

Link to comment
Share on other sites

Okay I changed the lines to:

 

<form id="f6" action="<?php echo $_SERVER['PHP_SELF']?>" method="post" onsubmit="return weCheckForm(this)">

<input id="e1" class="cc35" type="submit" name="submit" value="Login">

 

And I also tried changing

//$username = mysql_real_escape_string($_POST['username']);
$username = $_POST['username'];

 

Absolutely nothing has changed. I still get all the same errors.

 

EDIT: I'm using a web creator program for the design of the site itself, and the form was added using that. Should I add it in myself through HTML?

Link to comment
Share on other sites

Well, placing it under the if statement killed the error, but hasn't really solved the problem.

I placed an echo into the if statement, and it isn't running.

 

What I need is to find out how to actually get the username, password, and submit fields from the form.

Link to comment
Share on other sites

Just did as you suggested with the failure echo, and it displayed FAIL

 

Here is the full code

 

<?php 
include 'dbc.php'; //another separate file that connects to the mySQL database

//$username = mysql_real_escape_string($_POST['username']);
//$username = $_POST['username'];
//the above was commented out as I added it to the if statement

if (isset($_POST['submit'])) //nothing in this statement is running
{
echo "SUCCESS";
$username = $_POST['username'];
$md5pass = md5($_POST['password']);
$sql = "SELECT id,username FROM members WHERE 
            username = '$username' AND 
            password = '$md5pass'"; 

$result = mysql_query($sql) or die (mysql_error()); 
$num = mysql_num_rows($result);

    if ( $num != 0 ) { 

        // A matching row was found - the user is authenticated. 
       session_start(); 
   list($user_id,$username) = mysql_fetch_row($result);
	// this sets variables in the session 
	$_SESSION['user']= $username;  


	if (isset($_GET['ret']) && !empty($_GET['ret']))
	{
	header("Location: $_GET[ret]");
	} else
	{
	header("Location: site_002.php");
	}
	//echo "Logged in...";
	exit();
    } 

header("Location: login.php?msg=Invalid Login");
//echo "Error:";
exit();		
}
else
{echo "FAIL";}
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- Generated by Avanquest Technology v:8.0. For information please visit: http://www.avanquestusa.com/ -->
<html lang="en">
<head>
<title> Login </title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css;">
<link rel="stylesheet" href="site_g.css" type="text/css" media="screen,projection,print">	<!--// Document Style //-->
<link rel="stylesheet" href="site_006_p.css" type="text/css" media="screen,projection,print">	<!--// Page Style //-->
<script src="site_g.js" type="text/javascript"></script>		<!--// Document Script //-->
</head>


<body style="background-attachment: fixed;">
<div id="page">
<div id="e15" class="cc27">
	Site Name
</div>
<div id="e14" class="cc28">
	Login
</div>
<span id="e13" class="cc29"></span>
<span id="e12" class="cc30"></span>
<div id="e11" class="cc28">
	<a href="index.php">
	Home</a>
</div>
<div id="e10" class="cc28">
	<a href="site_002.htm">
	My Account</a>
</div>
<div id="e9" class="cc28">
	<a href="site_003.htm">
	Registration</a>
</div>
<div id="e8" class="cc28">
	<a href="site_004.htm">
	Page 4</a>
</div>
<div id="e7" class="cc31">
	Login to see your account information. If you do not yet have an account, find out how to register on our <a href="site_003.htm">Registration</a> page.
</div>
<form id="f6" action="<?php echo $_SERVER['PHP_SELF']?>" method="post" onsubmit="return weCheckForm(this)">
<fieldset id="e6" class="cc32">
<label id="e5" class="cc33" for="e4">
	Username
</label>
<input id="e4" class="cc34" type="text" name="username" title="username" size="23"><br>
<label id="e3" class="cc33" for="e2">
	Password
</label>
<input id="e2" class="cc34" type="password" name="password" title="password" size="23"><br>
<input id="e1" class="cc35" type="submit" name="submit" value="submit">
</fieldset>
</form>
</div>
</body>
</html>

Link to comment
Share on other sites

print_r( $_POST ); at the top of your script.

 

From what I understand, if you hit {enter} to submit a form, some browsers don't actually send the submit button along with the other post values. You could, instead, check if $_SERVER['REQUEST_METHOD'] == 'POST' or use a hidden field if there could be multiple forms submitting to the same page.

 

Otherwise, I'm not sure. I've tested your code on my machine, removing the includes and mysql-specific conditionals, and it works fine.

 

<?php 

if (isset($_POST['submit'])) //nothing in this statement is running
{
echo "SUCCESS";
$username = $_POST['username'];
$md5pass = md5($_POST['password']);
$sql = "SELECT id,username FROM members WHERE 
            username = '$username' AND 
            password = '$md5pass'"; 

echo $sql;

}
else
{echo "FAIL";}
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- Generated by Avanquest Technology v:8.0. For information please visit: http://www.avanquestusa.com/ -->
<html lang="en">
<head>
<title> Login </title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css;">
<link rel="stylesheet" href="site_g.css" type="text/css" media="screen,projection,print">	<!--// Document Style //-->
<link rel="stylesheet" href="site_006_p.css" type="text/css" media="screen,projection,print">	<!--// Page Style //-->
<script src="site_g.js" type="text/javascript"></script>		<!--// Document Script //-->
</head>


<body style="background-attachment: fixed;">
<div id="page">
<div id="e15" class="cc27">
	Site Name
</div>
<div id="e14" class="cc28">
	Login
</div>
<span id="e13" class="cc29"></span>
<span id="e12" class="cc30"></span>
<div id="e11" class="cc28">
	<a href="index.php">
	Home</a>
</div>
<div id="e10" class="cc28">
	<a href="site_002.htm">
	My Account</a>
</div>
<div id="e9" class="cc28">
	<a href="site_003.htm">
	Registration</a>
</div>
<div id="e8" class="cc28">
	<a href="site_004.htm">
	Page 4</a>
</div>
<div id="e7" class="cc31">
	Login to see your account information. If you do not yet have an account, find out how to register on our <a href="site_003.htm">Registration</a> page.
</div>
<form id="f6" action="<?php echo $_SERVER['PHP_SELF']?>" method="post" onsubmit="return weCheckForm(this)">
<fieldset id="e6" class="cc32">
<label id="e5" class="cc33" for="e4">
	Username
</label>
<input id="e4" class="cc34" type="text" name="username" title="username" size="23"><br>
<label id="e3" class="cc33" for="e2">
	Password
</label>
<input id="e2" class="cc34" type="password" name="password" title="password" size="23"><br>
<input id="e1" class="cc35" type="submit" name="submit" value="submit">
</fieldset>
</form>
</div>
</body>
</html>

Link to comment
Share on other sites

I've changed the code I was using, and now use a separate php file to execute it. I also removed the onSubmit, as it didn't seem to do anything, and I don't know what it was for in the first place.

 

<form id="f6" action="login.php" method="post" onsubmit="return weCheckForm(this)">

 

My new code works just fine.

Thanks for the help, as I understand forms alot better now :)

Link to comment
Share on other sites

You shouldn't really use

if (isset($_POST['submit']))

as a few browsers do not send the submit button name as part of the request.

 

The following would be better, but you would need to do some validation on the incoming form data also, such as checking if they are empty and sanitizing the malicious characters.

if ($_SERVER['REQUEST_METHOD'] == 'POST')

 

Regards, PaulRyan.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.