probleem met sessie en submit
ik loop hier vast en weet ook niet zo goed meer hoe ik het moet oplossen.
ik probeer een login systeem te maken echter werkt dit niet zo goed ( ik denk dat het aan session ligt)
Op het moment dat er op submit wordt gedrukt wordt er een verbinding gemaakt met mijn database. Username en password worden vergeleken en als als er precies 1 resultaat is wordt er sessie gemaakt. Op het moment dat die sessie true is haalt mijn pagina zijn header en body tevoorschijn en kan je dus verder gaan.
Mijn probleem is dat op het moment er op submit wordt gedrukt mijn pagina niet verdergaat maar weer in het login deel kom. Ik denk dus dat de sessie niet wordt onthouden. wie kan mij hierbij helpen?
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
if(isset($_POST['submit']))
{
$host="localhost:3307"; // Host name
$username="root"; // Mysql username
$password="usbw"; // Mysql password
$db_name="boek"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
$_SESSION['login'] =true;
}else
{
echo "Wrong Username or Password";
}
}
if(isset($_SESSION['login']))
{
$this->toonHeader();
$this->toonBody();
}
}
{
$host="localhost:3307"; // Host name
$username="root"; // Mysql username
$password="usbw"; // Mysql password
$db_name="boek"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
$_SESSION['login'] =true;
}else
{
echo "Wrong Username or Password";
}
}
if(isset($_SESSION['login']))
{
$this->toonHeader();
$this->toonBody();
}
}
Gewijzigd op 04/07/2013 14:31:49 door E t
'help' geeft niets van je probleem aan. Ook zien we graag je code tussen [code] en [/code].
Alvast bedankt!
Toevoeging op 04/07/2013 14:50:22:
En ik zie nergens session_start() in je script. Dit moet je bovenaan de pagina plaatsen.
Dit is mijn volledige code:
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
<?php
session_start();
require_once ('zoekboek.php');
class Pagina
{
public $zoekboek;
public function toonPagina()
{echo "
<table width=\"300\" border=\"0\" align=\"center\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"#CCCCCC\">
<tr>
<form name=\"form1\" method=\"POST\">
<td>
<table width=\"100%\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" bgcolor=\"#FFFFFF\">
<tr>
<td colspan=\"3\"><strong>Member Login </strong></td>
</tr>
<tr>
<td width=\"78\">Username</td>
<td width=\"6\">:</td>
<td width=\"294\"><input name=\"myusername\" type=\"text\" id=\"myusername\"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name=\"mypassword\" type=\"password\" id=\"mypassword\"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type=\"submit\" name=\"Submit\" value=\"Login\"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>";
if(isset($_POST['submit']))
{
$host="localhost:3307"; // Host name
$username="root"; // Mysql username
$password="usbw"; // Mysql password
$db_name="boek"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
$_SESSION['login'] =true;
}else
{
echo "Wrong Username or Password";
}
}
if(isset($_SESSION['login'])==true)
{
$this->toonHeader();
$this->toonBody();
}
}
public function toonHeader()
{
echo "<!DOCTYPE HTML>";
echo "<html>";
echo "<head>";
echo "<title>Boeken</title>";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">";
echo "</head>";
}
public function toonBody()
{
if(!isset($_GET['Titel']))
$Titel = "";
else
$Titel = $_GET['Titel'];
if(!isset($_GET['pagenr']))
$pagenr = 1;
else
$pagenr = $_GET['pagenr'];
echo "<body>\n";
echo "<form name='Boeken' method='GET'>";
echo "<br>Titel: <input type='text' name='Titel' value='$Titel'>";
echo "<input type='submit' name='Zoek' value='Zoek'>";
echo "</body>\n";
echo "</html>";
if(isset($_GET['logout']))
{
//mysql_free_result($sql_query);
//mysql_close($link);
session_destroy();
echo "<meta http-equiv=\"refresh\" content=\"0;URL='localhost:8080/Week3%20correct/'\" /> ";
}
if (isset($_GET['Titel']))
{
$zoekboek = new zoekboek();
list($result, $totaal)=$zoekboek->Zoek($Titel, $pagenr);
echo "$result";
echo"<br>";
for($i=1; $i<=$totaal;$i++)
{
if ($pagenr == $i)
{
echo " <a href=\"". $_SERVER['PHP_SELF'] ."?Titel=$Titel&pagenr=". $i ."\"><b>". $i ."</b></a> ";
}
else
{
echo " <a href=\"". $_SERVER['PHP_SELF'] ."?Titel=$Titel&pagenr=". $i ."\">". $i ."</a> ";
}
}
}
echo"<br><input type=\"submit\" name='logout' value=\"Log out\">";
echo "</body>
</html>";
}
}
?>
session_start();
require_once ('zoekboek.php');
class Pagina
{
public $zoekboek;
public function toonPagina()
{echo "
<table width=\"300\" border=\"0\" align=\"center\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"#CCCCCC\">
<tr>
<form name=\"form1\" method=\"POST\">
<td>
<table width=\"100%\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" bgcolor=\"#FFFFFF\">
<tr>
<td colspan=\"3\"><strong>Member Login </strong></td>
</tr>
<tr>
<td width=\"78\">Username</td>
<td width=\"6\">:</td>
<td width=\"294\"><input name=\"myusername\" type=\"text\" id=\"myusername\"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name=\"mypassword\" type=\"password\" id=\"mypassword\"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type=\"submit\" name=\"Submit\" value=\"Login\"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>";
if(isset($_POST['submit']))
{
$host="localhost:3307"; // Host name
$username="root"; // Mysql username
$password="usbw"; // Mysql password
$db_name="boek"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
$_SESSION['login'] =true;
}else
{
echo "Wrong Username or Password";
}
}
if(isset($_SESSION['login'])==true)
{
$this->toonHeader();
$this->toonBody();
}
}
public function toonHeader()
{
echo "<!DOCTYPE HTML>";
echo "<html>";
echo "<head>";
echo "<title>Boeken</title>";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">";
echo "</head>";
}
public function toonBody()
{
if(!isset($_GET['Titel']))
$Titel = "";
else
$Titel = $_GET['Titel'];
if(!isset($_GET['pagenr']))
$pagenr = 1;
else
$pagenr = $_GET['pagenr'];
echo "<body>\n";
echo "<form name='Boeken' method='GET'>";
echo "<br>Titel: <input type='text' name='Titel' value='$Titel'>";
echo "<input type='submit' name='Zoek' value='Zoek'>";
echo "</body>\n";
echo "</html>";
if(isset($_GET['logout']))
{
//mysql_free_result($sql_query);
//mysql_close($link);
session_destroy();
echo "<meta http-equiv=\"refresh\" content=\"0;URL='localhost:8080/Week3%20correct/'\" /> ";
}
if (isset($_GET['Titel']))
{
$zoekboek = new zoekboek();
list($result, $totaal)=$zoekboek->Zoek($Titel, $pagenr);
echo "$result";
echo"<br>";
for($i=1; $i<=$totaal;$i++)
{
if ($pagenr == $i)
{
echo " <a href=\"". $_SERVER['PHP_SELF'] ."?Titel=$Titel&pagenr=". $i ."\"><b>". $i ."</b></a> ";
}
else
{
echo " <a href=\"". $_SERVER['PHP_SELF'] ."?Titel=$Titel&pagenr=". $i ."\">". $i ."</a> ";
}
}
}
echo"<br><input type=\"submit\" name='logout' value=\"Log out\">";
echo "</body>
</html>";
}
}
?>
$_POST['submit']
Submit != submit als het om een key gaat in een php array. Overigens moet je ook niet controleren op de button, maar op de methode:
Wederom een minuut te laat :)
if(isset($_POST['submit']))
Dit raad ik altijd af. Een submit knop dient om te submitten. Niet om te controleren of er gepost is.
Je kan dit vervangen door
if($_SERVER['REQUEST_METHOD'] === 'POST')
Dus ... jij vraagt: "Heeft iemand op de knop gedrukt?"; ik vraag: "Heeft iemand een formulier verzonden?".
Gewijzigd op 04/07/2013 15:24:51 door Kris Peeters
Kris Peeters op 04/07/2013 15:23:29:
Offtopic:
Wederom een minuut te laat :)
Wederom een minuut te laat :)
Gewoon wat sneller leren typen :-)