Page 1 of 1

Can't Get Any Functions' Forms to Submit

Posted: Thu Jan 01, 2009 9:04 pm
by CoolAsCarlito
Okay everytime I try and submit a form or do something else it goes to a white screen with the "You did not fill in a required field." in the window. And this is the only page that has that in it.

Also it allows me fully to login to my control panel however any other forms on it prevents me from having them submitted.

Code: Select all

<?php 
 
include ('database.php');
 
//if the login form is submitted
if(isset($_POST['submit']))
{
    // makes sure they filled it in
    if(!$_POST['username'] || !$_POST['password'])
    {
        die('You did not fill in a required field.');
    }
   $username = mysql_real_escape_string($_POST['username']); 
   $pass = mysql_real_escape_string($_POST['password']); 
 
    $check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());
 
    //Gives error if user dosen't exist
    $check2 = mysql_num_rows($check);
    if ($check2 == 0)
    {
        die('That user does not exist in our database.');
    }
    while($info = mysql_fetch_array( $check )) 
    {
        $pass = md5(stripslashes($_POST['password']));
        $info['password'] = stripslashes($info['password']);
        //$_POST['pass'] = md5($_POST['pass']); THIS IS DONE IN THE ABOVE STATEMENT
        //gives error if the password is wrong
        if ($pass != $info['password'])
        {
            die('Incorrect password, please try again.');
        }
        else 
      
      // if login is ok then we add a cookie and send them to the correct page
        { 
            $username = stripslashes($username); 
         $_SESSION['username'] = $username; 
         $_SESSION['loggedin'] = time();
            
            // Finds out the user type
            $query = "SELECT `admin` FROM `users` WHERE `username` = '" . $username . "'";
            $result = mysql_query($query) or die(mysql_error()); 
            $row = mysql_fetch_array($result); 
            $admin = $row['admin'];
         $_SESSION['admin'] = $admin;
 
#########################################
######## ADMIN SCRIPT CAN BE ADDED BELOW
#########################################
if(isset($_SESSION['admin'])) { ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
<link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
<script src="prototype.js" type="text/javascript"></script>
<script src="scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="ajax.js"></script>
<script type="text/javascript">
var page = document.cookie.match(/page=[\w][\w\-\.]+;/);
if(page != null) {
    ajaxpage("page", "content");
} else {
    ajaxpage("home", "content");
}
</script>
<link rel=stylesheet href=backstage.css type=css media=screen>
<link rel=stylesheet href=backstage_print.css type=css media=print>
</head>
<body>
<div id=container>
<div class=header>
<table cellpadding="0" cellspacing="0" border="0" width="95%">
<tr>
<td width=110 align=center></td>
<td></td>
<td width=40 valign=bottom align=right>
<a href="#" onclick="ajaxpage('home', 'content'); return false;">Home</a> | <a href="#" onclick="ajaxpage('logout', 'content'); return false;">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a></td>
</tr>
</table>
</div>
<div id=container2>
<div id=nav>
<?php if(isset($_SESSION['loggedin']))   { ?>
<h1>Character</h1>
<ul>
<li><a href="#" onclick="ajaxpage('bio', 'content'); return false;">Bio</a></li>
<li><a href="#" onclick="ajaxpage('allies', 'content'); return false;">Allies</a></li>
<li><a href="#" onclick="ajaxpage('rivals', 'content'); return false;">Rivals</a></li>
<li><a href="#" onclick="ajaxpage('quotes', 'content'); return false;">Quotes</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']))   { ?>
<h1>Submit</h1>
<ul>
<li><a href="#" onclick="ajaxpage('roleplay', 'content'); return false;">Roleplay</a></li>
<li><a href="#" onclick="ajaxpage('news', 'content'); return false;">News</a></li>
<li><a href="#" onclick="ajaxpage('match', 'content'); return false;">Match</a></li>
<li><a href="#" onclick="ajaxpage('seg', 'content'); return false;">Seg</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>  
<h1>Handler</h1>
<ul>
<li><a href="#" onclick="ajaxpage('directory', 'content'); return false;">Directory</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>  
<h1>Booking</h1>
<ul>
<li><a href="#" onclick="ajaxpage('champions', 'content'); return false;">Champions</a></li>
<li><a href="#" onclick="ajaxpage('booker', 'content'); return false;">Booker</a></li>
<li><a href="#" onclick="ajaxpage('compiler', 'content'); return false;">Compiler</a></li>
<li><a href="#" onclick="ajaxpage('archives', 'content'); return false;">Archives</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>  
<h1>Fed Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('handlers', 'content'); return false;">Handlers</a></li>
<li><a href="#" onclick="ajaxpage('characters', 'content'); return false;">Characters</a></li>
<li><a href="#" onclick="ajaxpage('applications', 'content'); return false;">Applications</a></li>
<li><a href="#" onclick="ajaxpage('eventnames', 'content'); return false;">Event Names</a></li>
<li><a href="#" onclick="ajaxpage('titlenames', 'content'); return false;">Title Names</a></li>
<li><a href="#" onclick="ajaxpage('matchtypes', 'content'); return false;">Match Types</a></li>
<li><a href="#" onclick="ajaxpage('divisions', 'content'); return false;">Divisions</a></li>
<li><a href="#" onclick="ajaxpage('countries', 'content'); return false;">Arenas</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>  
<h1>Site Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('templates', 'content'); return false;">Templates</a></li>
<li><a href="#" onclick="ajaxpage('content', 'content'); return false;">Content</a></li>
<li><a href="#" onclick="ajaxpage('biosconfig', 'content'); return false;">Bio Configuration</a></li>
<li><a href="#" onclick="ajaxpage('newscat', 'content'); return false;">News Categories</a></li>
<li><a href="#" onclick="ajaxpage('menus', 'content'); return false;">Menus</a></li>
</ul>
<?php } ?>
</div>
<div id=content>
</div>
<div id="footer">Backstage 1 &copy; 2009
</div>
</div>
</div>
</body>
</html>
<?php  
#########################################
######## ADMIN SCRIPT HAS TO END ABOVE
#########################################
    }
        } 
    } 
} 
else 
{
// if they have not submitted the form
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
<link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
<script src="prototype.js" type="text/javascript"></script>
<script src="scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="ajax.js"></script>
<link rel=stylesheet href=backstage.css type=css media=screen>
<link rel=stylesheet href=backstage_print.css type=css media=print>
</head>
<body>
<div id=login>
<form method="POST" action="/other/backstage.php">
<h1>KOW Backstage</h1>
<p><label>Username:<br><input type="text" name="username" id="log" tabindex="1"></label></p>
<p><label>Password:<br><input type="password" name="password" id="pwd" tabindex="2"></label></p>
<p style="text-align: center;"><input type="submit" class="button" name="submit" id="submit" value="Login &raquo;" tabindex="4"></p>
</form>
</div>
</body>
</html>
<?php
}
?>

Re: Can't Get Any Functions' Forms to Submit

Posted: Thu Jan 01, 2009 9:33 pm
by Benjamin
Either the username or password field is not being posted. You can check this by outputting the post data on the page.

Code: Select all

 
echo '<pre>' . print_r($_POST, true) . '</pre>';
 

Re: Can't Get Any Functions' Forms to Submit

Posted: Thu Jan 01, 2009 9:43 pm
by CoolAsCarlito
Let me re-explain this because I did a poor job doing it the first time. That is my whole main page script now the functions you see that use the ajaxpage and what not is the forms that won't submit correctly.

I just figured out that its because I have submit all called the same in all my submit forms in my functions and that's in backstagefunctions.php and backstage.php (main page) includes backstagefunctions.php so my login form and my other forms are all getting mixed together.

The login form assumes that if there's a "submit" button the user must be trying to log in, so it checks for the username and password. The other form also has a "submit" button but of course no username or password field.

So when it gets submitted the login code catches it first, doesn't see the fields, and complains.

I went ahead and changed the name of the one of my functions form submit button and changed the Post submit name in the if that handles the form so that they match and now all it does is go back to my login and doesn't run the form. So I think I'm getting somewhere so far.

Code: Select all

function newhandler() {
if (isset ($_POST['submit2'])) { // Handle the form.
    
    // Define the query.
    $salt = "rweweroiu23i4u89wu89fu9sadhfiuhaw89eriuahdfuiwher";
    $password = md5(md5(md5(encrypt(md5(md5($password.$salt))))));
    $login = $_POST['login'];
    $p = $_POST['password'];
    $surname = $_POST['surname'];
    $firstname = $_POST['firstname'];
    $email = $_POST['email'];
    $aim = $_POST['aim'];
    $msn = $_POST['msn'];
    $forumid = $_POST['forumid'];
    $account = $_POST['account'];
    $admin = $_POST['admin'];
    $query = "INSERT INTO users (username, password, surname, firstname, email, aim, msn, forumid, status, admin) VALUES ('$login', '$p','$surname','$firstname', '$email', '$aim', '$msn', '$forumid', '$account', '$admin')";
 
    // Execute the query.
    if (@mysql_query ($query)) {
        print '<p>The handler has been added.</p>';
    } else {
        print '<p>Could not add the entry because: <b>" . mysql_error() . "</b>. The query was $query.</p>';
    }
    
    mysql_close(); 
 
} 
print'<h1 class="backstage">Handler Management</h1><br />';
print'<h2 class="backstage">Add New Handler Account</h2><br />';
print'<form name="newhandler" method="post" >';
print'<table width="100%" class="table2">';
print'<tr>';
print'<td width="120" class="rowheading">Username:</td><td class="row3"><input type="text" name="login" class="fieldtext490"></td>';
print'</tr>';
print'<tr>';
print'<td class="rowheading">Password:</td><td class="row3"><input type="password" name="password" class="fieldtext490"></td>';
print'</tr>';
print'<tr>';
print'<td class="rowheading">Surname:</td><td class="row3">';
print'<input type="text" name="surname" class="fieldtext490"></td>';
print'</tr>';
print'<tr>';
print'<td class="rowheading">Firstname:</td>';
print'<td class="row3"><input type="text" name="firstname" class="fieldtext490"></td>';
print'</tr>';
print'<tr>';
print'<td class="rowheading">Email:</td>';
print'<td class="row3"><input type="text" name="email" class="fieldtext490"></td>';
print'</tr>';
print'<tr>';
print'<td class="rowheading">AIM:</td>';
print'<td class="row3"><input type="text" name="aim" class="fieldtext490"></td>';
print'</tr>';
print'<tr>';
print'<td class="rowheading">MSN:</td>';
print'<td class="row3"><input type="text" name="msn" class="fieldtext490"></td>';
print'</tr>';
print'<tr>';
print'<td class="rowheading">Forum ID:</td>';
print'<td class="row3"><input type="text" name="forumid" class="fieldtext490"></td>';
print'</tr>';
print'<tr>';
print'<td class="rowheading">Account:</td>';
print'<td class="row3"><select name="account" class="selection">';
print'<option value="Enabled">Enabled</option><option value="Disabled">Disabled</option>';
print'</select></td>';
print'</tr>';
print'<tr>';
print'<td class="rowheading">Administrator:</td>';
print'<td class="row3"><select name="admin" class="selection">';
print'<option value="2">No</option><option value="1">Yes</option>';
print'</select></td>';
print'</tr>';
print'</table><br />';
print'<input type="submit" value="Save Handler" class="button" name="submit2"></form><br />';
print'<input type="hidden" name="action" value="handlers"><input type="submit" value="Return to Handler List" class="button200"><br />';
print'<script type="text/javascript" src="ajax.js"></script>';
print'<h2 class="backstage">Characters<br /><br />';
print'<form method=post name="addwrestler" onsubmit="return WrestlerList(this);"><select name="characterid" class="dropdown">';
print'<option value="">- Select -</option>';
$query = 'SELECT charactername FROM characters';
            $result = mysql_query($query);
            while ($row = mysql_fetch_assoc($result))
            {
            print "<option value=\"{$row['charactername']}\">{$row['charactername']}</option>\r";
            }             
print'</select>&nbsp;&nbsp;<input name="submit" type="submit" value="Add" class="button"></form></h2><br />';
print'<ul id="characterlist"></ul>';
print'This handler does not have any characters assigned.<br /><br />';
print'<h2 class="backstage"><form method="post"><input type="submit" value="Return to Main Menu" class="button200"></form></h2>';
}