Josh Miller
Josh Miller

Reputation: 120

HTML Form seemingly not posting to PHP

Hello and thank you for your time.

Regardless of the amount of research I do, I cannot find an already-discussed solution to this problem.

The problem is that the submit button automatically redirects, seemingly without posting the form. It worked until I converted from MySQL functions to MySQLi. Everything else is working but this part of the website.

HTML form (myaccount.inc.php):

<div id="change-password">

<form class="clearfix" action="" method="post">

        <div><span class="he1">Change Password</span></div>

        <div>
            <?php include_once 'controllers/accountController.php'; ?>
        </div>

        <div><label class="fieldlabel" for="password">Current Password:</label></div>
        <input type="password" name="password" id="password" size="23" /><br />

        <div><label class="fieldlabel" for="passwordnew1">New Password:</label></div>
        <input type="password" name="passwordnew1" id="passwordnew1" size="23" /><br />

        <div><label class="fieldlabel" for="passwordnew2">Confirm New Password:</label></div>
        <input type="password" name="passwordnew2" id="passwordnew2" size="23" /><br />

        <input type="submit" name="submit" value="Change Password" class="bt_changepass" />

</form>

</div>

This form is then, for lack of a better term, controlled by some PHP.

PHP (accountController.php):

// Checking whether the Password Change form has been submitted.
if(isset($_POST['submit'])=='Change Password')
{
echo "<br />";

// Get the data from the database.
$sql = $mysqli->query("SELECT * FROM ss_members WHERE usr = '".$_SESSION['usr']."' AND pass = '".md5($_POST['password'])."'");
$row = $sql->fetch_assoc();

// Will hold our errors
$err = array();

if($_POST['password'] == "" || $_POST['passwordnew1'] == "" || $_POST['passwordnew2'] == "")
{
    $err[] = 'All the fields must be filled in!';
}

if(!$row['pass'] == md5($_POST['password']) && $_POST['passwordnew1'] != "" && $_POST['passwordnew2'] != "")
{
    $err[] = 'Current password is not correct!';
}

if($_POST['passwordnew1'] <> $_POST['passwordnew2'])
{
    $err[] = 'New passwords do not match!';
}

if(!count($err))
{
    if($row['usr'])
    {
        // If everything is OK change password.
        $stmt = $mysqli->prepare("UPDATE ss_members SET pass = md5(?) WHERE usr = {$_SESSION['usr']}");
        $stmt->bind_param('s', $_POST['passwordnew1']);
        $stmt->execute();
        $stmt->close();

        echo "Password has been sucessfully updated!<br />";
    }
    else
    {
        $err[]='Something broke!';
    }
}

if($err)
{
    // Save the error messages in the session.
    foreach($err as $error)
    {
        echo $error . "<br />";
    }   
}

echo "<br />";
}

Upvotes: 0

Views: 231

Answers (5)

Messy Coder
Messy Coder

Reputation: 328

mysqli is a class, and the it's function query is not static so there, you must declare an instance of the mysqli class before you can use $mysqli->query.

You should put

$mysqli = new mysqli('localhost', 'my_user', 'my_password', 'my_db');

before

$sql = $mysqli->query("SELECT * FROM ss_members WHERE usr = '".$_SESSION['usr']."' AND pass = '".md5($_POST['password'])."'");

Upvotes: 1

Yogesh Suthar
Yogesh Suthar

Reputation: 30488

change your action to this,because accountController.php is present inside controllers folder.

<form class="clearfix" action="controllers/accountController.php" method="post">

Upvotes: 1

user1781710
user1781710

Reputation:

The problem is you are including the

<?php include_once 'controllers/accountController.php'; ?>

after the headers have been sent.

You can either move the

<?php include_once 'controllers/accountController.php'; ?>

to the top of the page, inside the handler part, or you can submit the form to

controllers/accountController.php

using

<form class="clearfix" action="controllers/accountController.php" method="post">

Upvotes: 1

Prasanth Bendra
Prasanth Bendra

Reputation: 32820

Try this :

Give form action to accountController.php

<form class="clearfix" action="accountController.php" method="post">

Upvotes: 1

Praveen Kumar Purushothaman
Praveen Kumar Purushothaman

Reputation: 167250

There is no action set in your <form> tag and it is sending the data to the same file. i.e., myaccount.inc.php.

Change it to:

<form class="clearfix" action="accountController.php" method="post">

Upvotes: 4

Related Questions