Reputation: 79
Show information only after complete form
I have the following code:
<html>
<head>
</head>
<body>
<?php
if (!isset($_COOKIE["loggedin"])){
?>
<form action="index.php" method="POST" name="name_form">
Username <input type="text" name="username">
<br/>
Password <input type="text" name="password">
<br/>
Remember Me <input type ="checkbox" name="remember_me" value="1">
<br/>
<input type="submit" name="submit" value="Log in">
</form>
<?php
if(preg_match("/<|>/", $_POST["username"])){
echo "do not log in";
}
else if(preg_match("/<|>/", $_POST["password"])){
echo "do not log in";
}
else {
//Open/create passwords.txt
$passwordsFile = fopen("passwords.txt", "a");
//write users username and password to passwords.txt
$text_written = fwrite($passwordsFile, $_POST["username"] . "," . $_POST["password"] . "\r\n");
fclose($passwordsFile);
setcookie("loggedin", $_POST["username"]);
setcookie("loggedintime", time());
echo "<h1>Welcome " . $_COOKIE["loggedin"] . "</h1>";
echo "You have been logged in for " . $_COOKIE["loggedintime"] . " seconds.";
echo "<nav>
<ul>
<li>Browse books in store</li>
<li>Analytics</li>
<li>Logout</li>
</ul>
</nav>";
}
}
?>
</body>
But it's showing the "Welcome ____, you have been logged in for..." part before the user completes the form correctly and I would like to know what to do if I want to show it only after the user complete the form correctly.
Thanks!
Upvotes: 0
Views: 41
Answers (2)
Reputation: 965
It seems that you are validating form and showing Welcome message without submitting it. Do check below code. It might help you. Validate form after submitting it only.
<?php
if (!isset($_COOKIE["loggedin"])) {
?>
<form action="index.php" method="POST" name="name_form">
Username <input type="text" name="username">
<br/>
Password <input type="text" name="password">
<br/>
Remember Me <input type ="checkbox" name="remember_me" value="1">
<br/>
<input type="submit" name="submit" value="Log in">
</form>
<?php
if($_POST) {
if(preg_match("/<|>/", $_POST["username"])){
echo "do not log in";
}
else if(preg_match("/<|>/", $_POST["password"])){
echo "do not log in";
}
else {
//Open/create passwords.txt
$passwordsFile = fopen("passwords.txt", "a");
//write users username and password to passwords.txt
$text_written = fwrite($passwordsFile, $_POST["username"] . "," . $_POST["password"] . "\r\n");
fclose($passwordsFile);
setcookie("loggedin", $_POST["username"]);
setcookie("loggedintime", time());
echo "<h1>Welcome " . $_COOKIE["loggedin"] . "</h1>";
echo "You have been logged in for " . $_COOKIE["loggedintime"] . " seconds.";
echo "<nav>
<ul>
<li>Browse books in store</li>
<li>Analytics</li>
<li>Logout</li>
</ul>
</nav>";
}
}
}
?>
Upvotes: 1
Reputation: 218877
Well, step through your code logically. If the user is not logged in, then this is true:
if (!isset($_COOKIE["loggedin"])){
If no form values have been posted, then this is false:
if(preg_match("/<|>/", $_POST["username"])){
and this is false:
else if(preg_match("/<|>/", $_POST["password"])){
Thus, the else block is executed. Exactly as designed.
I suspect you want to check if any form post has been received at all. In which case you could wrap that code in something like:
if (isset($_POST["submit"])){
Which would check if the submit button was pressed before evaluating the rest of the code.
Upvotes: 1