PDA

Click to See Complete Forum and Search --> : Form action="'.$_SERVER['PHP_SELF'].'">';

scottyrob
01-15-2007, 03:04 AM
Hi There

First question is this

If i have this line of code

print '<form name="authForm" method="POST" action="'.$_SERVER['PHP_SELF'].'">';


How on earth does the server figure out which function it needs to use to submit the form. And my second question is how can i have two of these on one page but each form goes to a different function

Scott
sameer.net.in
01-15-2007, 03:27 AM
hi,
your form action is
$_SERVER['PHP_SELF']

in PHP $_SERVER['PHP_SELF'] is the same page as
means if page url is http://codezila.com/index.php
then $_SERVER['PHP_SELF'] will have value index.php

so,you can have more than one forms targeted to same page,

but depending on the POST/GET values the processing page( action )
can determine which functions/code should be executed
NightShift58
01-15-2007, 09:08 AM
As the previous post mentions, $_SERVER['PHP_SELF'] refers to the "current" page. The "action=xxx" doesn't send the user to a function but to a page.

Within a page, you can have multiple forms. Each form can (but doesn't have to) have a different action page.

If you need to differentiate further, you can also include GET variables in the action clause:
action='index.php?func=dothis' or action='{$_SERVER['PHP_SELF']}?func=dothat'.

If you do that, however, make sure that - although coming from a POST - you test the value of "func" as $_GET['func'] and not as $_POST['func'].
scottyrob
01-15-2007, 11:06 AM
What do you mean by


If you do that, however, make sure that - although coming from a POST - you test the value of "func" as $_GET['func'] and not as $_POST['func'].

Scott
NightShift58
01-15-2007, 01:47 PM
Anything that comes after "?" in a URL is a GET variable.

I was saying that you shouldn't that if you use that in <form action=xxx.php?func=123>.
scottyrob
01-15-2007, 04:21 PM
I think im having a dumb day.. Im not quite undertanding what you mean.. Sorry...

Well i had a go and my code didnt work!

function process_form() {

print '<form name="authForm" method="POST" action="ChangePassword.php?func=Change_Password" onsubmit="return validate_passw(this)">';
print '<table><tr><td width="50">';
print 'Please Enter Your Password </td><td width="300"><input type="text" name="Password1" value="' . htmlentities($_POST['Password1']) . '"> <br />';
print '</td></tr><tr><td width="300">Please Enter Your Password </td><td width="50"><input type="password" name="Password2" value="' . htmlentities($_POST['Password2']) . '"> <br />';
print '</td></tr><tr><td width="300"></td><td width="50"><input type="submit" name="login" value="Login" /></td></tr></table>';
print '<input type="hidden" name="_submit_check" value="1"/>';
print '<input type="hidden" name="Username" value="' . htmlentities($_SESSION[Username]) . '"/>';
print '</form>';

}

function Change_Password() {

$NewPassword = $_POST['Password1'];
$Username = $_POST['Username'];

$sql = "UPDATE tblExplorerGroup SET Password='$NewPassword' WHERE Username='$Username' LIMIT 1";
$qry = mysql_query($sql) or dying_mail("Query failed ($sql) " . mysql_error() . "<br><br>This error has been reported! I'll fix it sometime soon (Very soon...) !");

$sql2 = "SELECT * FROM tblExplorerGroup WHERE Username='$Username' LIMIT 1";
$qry2 = mysql_query($sql2) or dying_mail("Query failed ($sql2) " . mysql_error() . "<br><br>This error has been reported! I'll fix it sometime soon (Very soon...) !");

$row = mysql_fetch_array( $qry2 );
echo $row['Username']." - ".$row['Password']. "<br />";

}
NightShift58
01-15-2007, 05:04 PM
Take this example:
<form action="test.php?ref=123">
<input type="text" name="testinput">
</form>When you want to check the value of "ref", you'll have to check against $_GET['ref'] and to check the value of "testinput", $_POST['testinput'].

I was only saying that, IF you also use the action URL to pass values to the action page, not to forget to treat those variable as what they are, $_GET and $_POST, respectively - even though it may seems that, since it's a form, it should all be $_POST...
scottyrob
01-16-2007, 11:24 AM
Ahh, the below code works for me!

Just one problem.. When its processing ChangePassword (Or at the same time), it also shows the show_forms functions form. Can i process the ChangePassword fucntion without it showing show_form?



function process_form() {

print '<form name="authForm" method="POST" action="'.$_SERVER['PHP_SELF'].'" onsubmit="return validate_passw(this)">';
print '<table><tr><td width="50">';
print 'Please Enter Your Password </td><td width="300"><input type="password" name="Password1" value="' . htmlentities($_POST['Password1']) . '"> <br />';
print '</td></tr><tr><td width="300">Please Enter Your Password </td><td width="50"><input type="password" name="Password2" value="' . htmlentities($_POST['Password2']) . '"> <br />';
print '</td></tr><tr><td width="300"></td><td width="50"><input type="submit" name="login" value="Login" /></td></tr></table>';
print '<input type="hidden" name="_submit_check" value="1"/>';
print '<input type="hidden" name="formID" value="ChangePassword">';
print '<input type="hidden" name="Username" value="' . htmlentities($_SESSION[Username]) . '"/>';
print '</form>';

}

function show_form($errors = '') {
IF (!is_array($errors)) :
$errors = array($errors);
ENDIF;
print '<form name="authForm" method="POST" action="'.$_SERVER['PHP_SELF'].'">';
print '<table><tr><td width="50">';
print 'Username </td><td width="100"><input type="text" name="Username" value="' . htmlentities($_POST['Username']) . '"> <br />';
print '</td></tr><tr><td width="100">Password</td><td width="50"><input type="password" name="Password" value="' . htmlentities($_POST['Password']) . '"> <br />';
print '</td></tr><tr><td width="100">Email Address</td><td width="50"><input type="text" name="Email_Address" value="' . htmlentities($_POST['Email_Address']) . '"> <br />';
print '</td></tr><tr><td width="100">Date Of Birth</td><td width="50"><input type="text" name="DoB" value="' . htmlentities($_POST['DoB']) . '"></td><td>YYYY-MM-DD <br />';
print '</td></tr><tr><td width="100"></td><td width="50"><input type="submit" name="login" value="Login" /></td></tr></table>';
print '<input type="hidden" name="formID" value="CheckDetails">';
print '<input type="hidden" name="_submit_check" value="1"/>';
print '</form>';
IF (count($errors) > 0) :
print '<span style="color:red">';
FOREACH ($errors as $thisERROR) :
print '' . $thisERROR . '';
ENDFOREACH;
print '</span>';
ENDIF;
}

function validate_form() {

if ( $_POST['formID'] == 'CheckDetails') {

$UserID = $_POST['Username'];
$UserEmail = $_POST['Email_Address'];
$UserDoB = $_POST['DoB'];
$UserPass = $_POST['Password'];

$sql3 = "SELECT Username FROM tblExplorerGroup WHERE Username='$UserID' AND Email='$UserEmail' AND DoB='$UserDoB' AND Password='$UserPass' LIMIT 1";
$qry3 = mysql_query($sql3) or dying_mail("Query failed ($sql3) " . mysql_error() . "<br><br>This error has been reported! I'll fix it sometime soon (Very soon...) !");

$returnCODE = FALSE;
IF ($qry3) :
IF (mysql_num_rows($qry3) == 1) :
$returnCODE = TRUE;
ENDIF;
ENDIF;
return $returnCODE;

}

if ( $_POST['formID'] == 'ChangePassword') {

function Change_Password() {

$NewPassword = $_POST['Password1'];
$Username = $_POST['Username'];

$sql = "UPDATE tblExplorerGroup SET Password='$NewPassword' WHERE Username='$Username' LIMIT 1";
$qry = mysql_query($sql) or dying_mail("Query failed ($sql) " . mysql_error() . "<br><br>This error has been reported! I'll fix it sometime soon (Very soon...) !");

}

}

}
NightShift58
01-16-2007, 09:10 PM
This part is your problem. It got copied and pasted in there but it's definitely in the wrong place. I no longer have a copy of the page but the "Change Password" function needs to be a function in it's own right - without the IF in front of it. The IF part needs to be integrated into the main control code at the top of the script. That way, you'll be able to select which functions to run. If you want to, post the whole page.<?php
if ( $_POST['formID'] == 'ChangePassword') {

function Change_Password() {

$NewPassword = $_POST['Password1'];
$Username = $_POST['Username'];

$sql = "UPDATE tblExplorerGroup SET Password='$NewPassword' WHERE Username='$Username' LIMIT 1";
$qry = mysql_query($sql) or dying_mail("Query failed ($sql) " . mysql_error() . "<br><br>This error has been reported! I'll fix it sometime soon (Very soon...) !");

}

}
?>
scottyrob
01-17-2007, 03:53 AM
Sure thing... Thanks for the help!

Scott


<?php session_start(); ?>
<?php require("Template_Top.php"); ?>

<h2> Password Change </h2>

<script type="text/javascript">
function validate_passw(thisform) {
with (thisform) {
if (Password1.value==null||Password1.value=="") {
alert("Please enter a password...");
Password1.focus();
return false;
}
if (Password2.value==null||Password2.value=="") {
alert("Please retype a password...");
Password2.focus();
return false;
}
if(Password1.value != Password2.value) {
Password1.value = "";
Password2.value = "";
alert("Please enter identical new passwords...");
Password1.focus();
return false;
}
}
}
</script>

<?php

include("/home/loddouk1/public_html/DbConnect.php");

$_SESSION['Username'] = "";
IF ($_POST['_submit_check']) :
IF (validate_form()) :
$_SESSION['Username'] = $_POST['Username'];
process_form();
ELSE :
show_form('<ul><li><b>Sorry, The data entered is incorrect!</b></li></ul>');
ENDIF;
ELSE :
show_form();
ENDIF;

function process_form() {

print '<form name="authForm" method="POST" action="'.$_SERVER['PHP_SELF'].'" onsubmit="return validate_passw(this)">';
print '<table><tr><td width="50">';
print 'Please Enter Your Password </td><td width="300"><input type="password" name="Password1" value="' . htmlentities($_POST['Password1']) . '"> <br />';
print '</td></tr><tr><td width="300">Please Enter Your Password </td><td width="50"><input type="password" name="Password2" value="' . htmlentities($_POST['Password2']) . '"> <br />';
print '</td></tr><tr><td width="300"></td><td width="50"><input type="submit" name="login" value="Login" /></td></tr></table>';
print '<input type="hidden" name="_submit_check" value="1"/>';
print '<input type="hidden" name="formID" value="ChangePassword">';
print '<input type="hidden" name="Username" value="' . htmlentities($_SESSION[Username]) . '"/>';
print '</form>';

}

function show_form($errors = '') {
IF (!is_array($errors)) :
$errors = array($errors);
ENDIF;
print '<form name="authForm" method="POST" action="'.$_SERVER['PHP_SELF'].'">';
print '<table><tr><td width="50">';
print 'Username </td><td width="100"><input type="text" name="Username" value="' . htmlentities($_POST['Username']) . '"> <br />';
print '</td></tr><tr><td width="100">Password</td><td width="50"><input type="password" name="Password" value="' . htmlentities($_POST['Password']) . '"> <br />';
print '</td></tr><tr><td width="100">Email Address</td><td width="50"><input type="text" name="Email_Address" value="' . htmlentities($_POST['Email_Address']) . '"> <br />';
print '</td></tr><tr><td width="100">Date Of Birth</td><td width="50"><input type="text" name="DoB" value="' . htmlentities($_POST['DoB']) . '"></td><td>YYYY-MM-DD <br />';
print '</td></tr><tr><td width="100"></td><td width="50"><input type="submit" name="login" value="Login" /></td></tr></table>';
print '<input type="hidden" name="formID" value="CheckDetails">';
print '<input type="hidden" name="_submit_check" value="1"/>';
print '</form>';
IF (count($errors) > 0) :
print '<span style="color:red">';
FOREACH ($errors as $thisERROR) :
print '' . $thisERROR . '';
ENDFOREACH;
print '</span>';
ENDIF;
}

function validate_form() {

if ( $_POST['formID'] == 'CheckDetails') {

$UserID = $_POST['Username'];
$UserEmail = $_POST['Email_Address'];
$UserDoB = $_POST['DoB'];
$UserPass = $_POST['Password'];

$sql3 = "SELECT Username FROM tblExplorerGroup WHERE Username='$UserID' AND Email='$UserEmail' AND DoB='$UserDoB' AND Password='$UserPass' LIMIT 1";
$qry3 = mysql_query($sql3) or dying_mail("Query failed ($sql3) " . mysql_error() . "<br><br>This error has been reported! I'll fix it sometime soon (Very soon...) !");

$returnCODE = FALSE;
IF ($qry3) :
IF (mysql_num_rows($qry3) == 1) :
$returnCODE = TRUE;
ENDIF;
ENDIF;
return $returnCODE;

}

if ( $_POST['formID'] == 'ChangePassword') {

function Change_Password() {

$NewPassword = $_POST['Password1'];
$Username = $_POST['Username'];

$sql = "UPDATE tblExplorerGroup SET Password='$NewPassword' WHERE Username='$Username' LIMIT 1";
$qry = mysql_query($sql) or dying_mail("Query failed ($sql) " . mysql_error() . "<br><br>This error has been reported! I'll fix it sometime soon (Very soon...) !");

}

}

}


?>

<?php require("Template_Bottom.php"); ?>
NightShift58
01-17-2007, 08:21 AM
You've split things up. The changes need to go in Template_Top.php...
scottyrob
01-17-2007, 02:58 PM
What exactly needs to go into template top?
NightShift58
01-17-2007, 03:14 PM
This is where you control the flow of the script. It's also where you need to "send" the user to the "change password" routine whenever a change of password takes places.

Essentially, "change password" is an action on the same level as "login".
scottyrob
01-17-2007, 03:45 PM
Template_Top dosent contain anything apart from the start of a few divs, style sheets, header info and my site banner... Template_Bottom closes the divs
NightShift58
01-17-2007, 04:05 PM
You're right. I looked right at it and didn't see it.<?php session_start(); ?>
<?php require("Template_Top.php"); ?>

<h2> Password Change </h2>

<script type="text/javascript">
function validate_passw(thisform) {
with (thisform) {
if (Password1.value==null||Password1.value=="") {
alert("Please enter a password...");
Password1.focus();
return false;
}
if (Password2.value==null||Password2.value=="") {
alert("Please retype a password...");
Password2.focus();
return false;
}
if(Password1.value != Password2.value) {
Password1.value = "";
Password2.value = "";
alert("Please enter identical new passwords...");
Password1.focus();
return false;
}
}
}
</script>

<?php

include("/home/loddouk1/public_html/DbConnect.php");

$_SESSION['Username'] = "";

IF ($_POST['_submit_check']) :
IF ( $_POST['formID'] == 'ChangePassword') {:
Change_Password();
ELSEIF (validate_form()) :
$_SESSION['Username'] = $_POST['Username'];
process_form();
ELSE :
show_form('<ul><li><b>Sorry, The data entered is incorrect!</b></li></ul>');
ENDIF;
ELSE :
show_form();
ENDIF;

function process_form() {

print '<form name="authForm" method="POST" action="'.$_SERVER['PHP_SELF'].'" onsubmit="return validate_passw(this)">';
print '<table><tr><td width="50">';
print 'Please Enter Your Password </td><td width="300"><input type="password" name="Password1" value="' . htmlentities($_POST['Password1']) . '"> <br />';
print '</td></tr><tr><td width="300">Please Enter Your Password </td><td width="50"><input type="password" name="Password2" value="' . htmlentities($_POST['Password2']) . '"> <br />';
print '</td></tr><tr><td width="300"></td><td width="50"><input type="submit" name="login" value="Login" /></td></tr></table>';
print '<input type="hidden" name="_submit_check" value="1"/>';
print '<input type="hidden" name="formID" value="ChangePassword">';
print '<input type="hidden" name="Username" value="' . htmlentities($_SESSION[Username]) . '"/>';
print '</form>';

}

function show_form($errors = '') {
IF (!is_array($errors)) :
$errors = array($errors);
ENDIF;
print '<form name="authForm" method="POST" action="'.$_SERVER['PHP_SELF'].'">';
print '<table><tr><td width="50">';
print 'Username </td><td width="100"><input type="text" name="Username" value="' . htmlentities($_POST['Username']) . '"> <br />';
print '</td></tr><tr><td width="100">Password</td><td width="50"><input type="password" name="Password" value="' . htmlentities($_POST['Password']) . '"> <br />';
print '</td></tr><tr><td width="100">Email Address</td><td width="50"><input type="text" name="Email_Address" value="' . htmlentities($_POST['Email_Address']) . '"> <br />';
print '</td></tr><tr><td width="100">Date Of Birth</td><td width="50"><input type="text" name="DoB" value="' . htmlentities($_POST['DoB']) . '"></td><td>YYYY-MM-DD <br />';
print '</td></tr><tr><td width="100"></td><td width="50"><input type="submit" name="login" value="Login" /></td></tr></table>';
print '<input type="hidden" name="formID" value="CheckDetails">';
print '<input type="hidden" name="_submit_check" value="1"/>';
print '</form>';
IF (count($errors) > 0) :
print '<span style="color:red">';
FOREACH ($errors as $thisERROR) :
print '' . $thisERROR . '';
ENDFOREACH;
print '</span>';
ENDIF;
}

function validate_form() {

if ( $_POST['formID'] == 'CheckDetails') {

$UserID = $_POST['Username'];
$UserEmail = $_POST['Email_Address'];
$UserDoB = $_POST['DoB'];
$UserPass = $_POST['Password'];

$sql3 = "SELECT Username FROM tblExplorerGroup WHERE Username='$UserID' AND Email='$UserEmail' AND DoB='$UserDoB' AND Password='$UserPass' LIMIT 1";
$qry3 = mysql_query($sql3) or dying_mail("Query failed ($sql3) " . mysql_error() . "<br><br>This error has been reported! I'll fix it sometime soon (Very soon...) !");

$returnCODE = FALSE;
IF ($qry3) :
IF (mysql_num_rows($qry3) == 1) :
$returnCODE = TRUE;
ENDIF;
ENDIF;
return $returnCODE;
}
}

function Change_Password() {
$NewPassword = $_POST['Password1'];
$Username = $_POST['Username'];

$sql = "UPDATE tblExplorerGroup SET Password='$NewPassword' WHERE Username='$Username' LIMIT 1";
$qry = mysql_query($sql) or dying_mail("Query failed ($sql) " . mysql_error() . "<br><br>This error has been reported! I'll fix it sometime soon (Very soon...) !");
}
?>