Iam doing a simple high school project. Finally i understood the importance of reload the after form submission. I have tried several ways but failed. Can u guys pls help me here. This is my adduser form.
[php]
Add user| username | |
| password | |
| Select user type : | Admin Lab Assistant Store Keeper |
</form>
this is my adduser save.php file.
[php]
<?php session_start(); if(!isset($_SESSION['SESS_LOGIN']) || $_SESSION['SESS_TYPE'] !='admin')// if session variable "login" does not exist. { echo ''; //header("location:login-form.php"); // Re-direct to login-form.php } else { include("config.php"); $login = mysql_real_escape_string($_POST['login']); $password = mysql_real_escape_string($_POST['password']); $type = mysql_real_escape_string($_POST['type']); $checkformembers = mysql_query("SELECT * FROM members WHERE login='$login'"); if(mysql_num_rows($checkformembers) != 0) { echo ''; } else { $qry_add = " INSERT INTO members (login, password,type ) VALUES ('$login', '$password', '$type') "; $count = mysql_query("SELECT COUNT(login) FROM members WHERE login='$login'"); if($count==1) { echo " Duplicate Entry. Please Verify login"; } else { if($result=mysql_query($qry_add)) { // echo ''; //echo 'alert("you have successfully added one user !" );'; // echo 'window.setTimeout("window.location.replace('adduser.php');",20);'; // echo 'window.setTimeout("window.location.replace('adduser.php'),20");'; echo "[/php]
any help !
I think the best way is to handle the form from the page the form is submitted from, removing the need for unnecessary redirects. At the beginning of the form page check to see if the form was submitted and handle accordingly, then the form will be reloaded naturally.
However since this is a school project and you may be required to use redirection I suggest checking over your code and be sure that you aren’t sending anything before the header information even white space will cause it to fail.
If you’re still having problems please explain problems as thorough as possible and include any errors you’re receiving so we can weed out the problem easier
@Sabmin
first of all i must thank u for replying. There is no requirement to use redirection. But i used it becos thats sumthing I know. Any suggestions for a better code?
I didn’t test or even complete it as you can see by some comments I added, but this is how I would do it just change a few things and put the two in one file. the form will load every time and when you submit you’re just reloading the page with the new _POST array now available for processing. What’s more you could even completely remove the javascript and validate the form with php and if the user doesn’t meet the criteria you can repopulate the fields, thats up to your preference however as it just mean more writing as you’ve already created the scripts for it.
Anyway hope this helps, if you have anymore questions ask away!
[php] <?php
session_start();
if ($_POST[‘adduserForm’]) {
if(!isset($_SESSION['SESS_LOGIN']) || $_SESSION['SESS_TYPE'] !='admin')// if session variable "login" does not exist.
{
echo '<script language="javascript">';
echo 'alert("Please login as ADMINISTRATOR to add a user");';
echo ' window.location.replace("index.html");';
echo '</script>';
//header(“location:login-form.php”); // Re-direct to login-form.php
} else {
include("config.php");
$login = mysql_real_escape_string($_POST['login']);
$password = mysql_real_escape_string($_POST['password']);
$type = mysql_real_escape_string($_POST['type']);
// For security purposes you don't want to store passwords in the database in plain text.
// Whats more by adding "salt" to the beginning and end of the password you'll get a boost
// to the security, when verifying password you would simple request the string from the
// database parse out the 'salt' then call back the md5() function. Depending on how secure
// you need it you can create your own algorithm for the 'salt' to make it harder to break
// especially as a common reaccuring string found will become obvious or not use it at all
// but should always at least encrypt it.
$password = ("INSERT RANDOM ALPHANUMERIC CHARACTERS" . md5($password) . "INSERT RANDOM ALPHANUMERIC CHARACTERS");
$checkformembers = mysql_query("SELECT * FROM members WHERE login='$login'");
if(mysql_num_rows($checkformembers) != 0)
{
echo '<script language="javascript">';
echo 'alert("Username already in use. Please try again.!" );';
//echo ' window.location.replace("adduser.php");';
echo '</script>';
} else {
$qry_add = " INSERT INTO members
(login, password,type )
VALUES ('$login', '$password', '$type') ";
$count = mysql_query("SELECT COUNT(login) FROM members WHERE login='$login'");
if($count==1)
{
echo "<font color=red> Duplicate Entry. Please Verify login</font>";
} else {
if($result=mysql_query($qry_add))
{
// echo '<script language="javascript">';
//echo 'alert("you have successfully added one user !" );';
// echo 'window.setTimeout("window.location.replace('adduser.php');",20);';
// echo 'window.setTimeout("window.location.replace('adduser.php'),20");';
echo "<br><font color=green size=+1 >you have successfully added one user ! <br>[ username = $login ] </font>" ;
//echo ' window.location.reload("adduser.php");';
// echo '/script>';
} else {
echo "<br><font color=red size=+1 >Problem in Adding !</font>" ;
echo "ERROR - unable to save new username and password!<br>";
$SQLError = "SQL ERROR: ".mysql_errno().". ".mysql_error()."<BR><BR>";
echo "$SQLError";
mysql_close();
}
}
}
}
echo "<BR><BR>"; // just to create a little space between anything sent prior to the form
}
?>
| username | |
| password | |
| Select user type : | Admin Lab Assistant Store Keeper |
</form>
@submin
Thank u very much. But there is a little problem. I have changed my script as u said. But this error occured.
[size=12pt]Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at F:\xampplite\htdocs\vidi\adduser.php:1) in F:\xampplite\htdocs\vidi\adduser.php on line 2[/size]
this is line 2>>>
session_start();
did you copy and paste? if so there is whitespace before <?php on line 1. ie: " <?php" should be “<?php”
It works prerfectly now. 
;D 
Thank u very much. This is a great help Thanks again
You’re very welcome, come on back with some more problems