1,105,578 Community Members

getting the value from input type hidden

Member Avatar
masterjiraya
Posting Whiz
327 posts since Jul 2008
Reputation Points: -3 [?]
Q&As Helped to Solve: 32 [?]
Skill Endorsements: 4 [?]
 
0
 

File name:index.php

<html>
<head>
<script type="text/javascript">
function showUser(str, query)
{
if(document.getElementById("Author").checked==true)
{
    query="author";
}else if(document.getElementById("bookname").checked==true)
{
    query="bookname";
}else{
    document.getElementById("textHint")="please select";
}

if (str=="")
  {
  document.getElementById("txtHint").innerHTML="";
  return;
  }
if (window.XMLHttpRequest)
  {// code for IE7+, Firefox, Chrome, Opera, Safari
  xmlhttp=new XMLHttpRequest();
  }
else
  {// code for IE6, IE5
  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
  }
xmlhttp.onreadystatechange=function()
  {
  if (xmlhttp.readyState==4 && xmlhttp.status==200)
    {
    document.getElementById("txtHint").innerHTML=xmlhttp.responseText;
    }
  }
xmlhttp.open("GET","postback.php?q="+str+"&query_type="+query,true);
xmlhttp.send();
}
</script><title>
    Search Books
</title>
</head>
<body>
<form method ="get" >
    <div style="background-color:Orange">
<h3>Welcome<?php echo $_GET['username'].", ";
?> Want to search a book?</h3>
Search:<input type="text" name="users" onKeyUp="showUser(this.value)"/><br/>
Search By<br/>
Author<input type="radio" name="query_type" id="Author" onClick="showUser()" checked="checked" style="color: Black"/>or by<input type="radio" name="query_type" id="bookname" onClick="showUser()"/>book name
    </div>
    </form>
<br />
<div id="txtHint"><b>Person info will be listed here.</b></div>

</body>
</html>

file name: validation.php

<!DOCTYPE html>
<html lang="en">
    
    <?php 
    $username=$_POST['uname'];
    $password=$_POST['pass'];
     $conn=mysql_connect('localhost','root','naruto')or die('Error: cannot connect to the MySQL due to this error.<br/>'.mysql_error()); 
     $select_db=mysql_select_db('clc_customer_info')or die('Error: cannot connect to the MySQL due to this error.<br/>'.mysql_error());
     $search="select * from `clc_customer_profile` where `Password` = '$password' and `User_Name`='$username'";
     $querySQL=mysql_query($search)or die('Error: cannot connect to the MySQL due to this error.<br/>'.mysql_error());
     if (mysql_fetch_array($querySQL)>0)
     //validate the log-in
      {?>
    
       <head>
        <meta http-equiv="Refresh" content="5;url=http://localhost:6824/index.php" />
       
    </head>
    <body><form action="index.php" method="get"><input type="hidden" name="username" value="<?php $_POST['uname'] ?>"/>
        </form>
    <div>
    <?php   echo"proceed to next page in 5 secs<br/>";
      }
     else
      {
       echo"input invalid<br/> signing up again in 5 seconds";
      ?>
     <head>
        <meta http-equiv="Refresh" content="5;url=http://localhost:6824/log-in.html" />
    </head>
    <body>
    <div>
    <?php  }
    ?>   
    </div>  
    </body>
</html>

file name:log-in.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
</head>

<body><form id="form1" name="form1" method="post" action="validation.php"><center>
  <table width="200" border="1" cellspacing="2" cellpadding="2" bordercolor="#000000" >
  <caption>
    <table border="0" cellpadding="0"><tr><td bgcolor="#33FF00">register here</td></tr></table>
  </caption>
  <tr>
    <th scope="col"  bgcolor="#FFFF00">Username</th>
    <th scope="col"><span id="sprytextfield1">
    <label>
    <input type="text" name="uname" id="uname" />
    </label>
    <span class="textfieldRequiredMsg">A username is required.</span><span class="textfieldInvalidFormatMsg">Invalid format.</span></span></th>
  </tr>
  <tr>
    <th scope="row" bgcolor="#0099FF">Password</th>
    <td><span id="sprytextfield2">
      <label>
      <input type="password" name="pass" id="pass" />
      </label>
      <span class="textfieldRequiredMsg">A password is required.</span></span></td>
  </tr>
  <tr>
    <th colspan="3" scope="row"><label>
      <input type="submit" name="submitt" id="submitt" value="Submit" />
      <input type="reset" name="clear" id="clear" value="Clear" />
    </label></th>
    </tr>
</table></center>
</form>
<script type="text/javascript">
<!--
var sprytextfield1 = new Spry.Widget.ValidationTextField("sprytextefield1", "custom");
var sprytextfield2 = new Spry.Widget.ValidationTextField("sprytextfield2");
//-->
</script>
</body>
</html>

the problem agenda:
from log-in.html the user will log his/her username and password from there the username textbox will be copied to the <input type="hidden" name="username" value="<?php $_POST ?>". Now I want to GET the value of hidden tag and reveal it in index.php

but the problem is I cannot have connections betwween post and get method... because index.php will search items from the database of books. So this will be get method. on the contrary you cannot get the value of the log-in page because we all know that if we use get for log-in, then we will be prone to hacking. Now what should I do to get the hidden tag's value.

Member Avatar
sDJh
Posting Whiz in Training
268 posts since Aug 2005
Reputation Points: 39 [?]
Q&As Helped to Solve: 32 [?]
Skill Endorsements: 0 [?]
 
0
 

Hi masterjiraya,

never ever send user-credentials via hidden textboxes. Use cookies or even better the inbuilt Session-Management from PHP. Have a look here: http://www.php.net/manual/en/book.session.php. Don't be afraid of the massive text, it's actually very simple (Basic Examples).

Hope that helps, Simon

Member Avatar
ddymacek
Posting Whiz
324 posts since Jun 2010
Reputation Points: 15 [?]
Q&As Helped to Solve: 68 [?]
Skill Endorsements: 0 [?]
 
0
 

If you really really just want to do it from the 'validate' form to index. you can change the action in your form tag.
I believe that your hidden input needs to be the very first thing under your form tag as well

<form action="index.php?username=" method="get">
<input type="hidden" name="username" value="<?php echo $username ?>"/>
/* you are already setting $username at the top of the script, so why not use this variable instead of the $_POST[uname] var you are using in the hidden tag.
The value of your hidden tag will be the first thing that comes across in your post to index.php
*/
Member Avatar
masterjiraya
Posting Whiz
327 posts since Jul 2008
Reputation Points: -3 [?]
Q&As Helped to Solve: 32 [?]
Skill Endorsements: 4 [?]
 
0
 

some how, what I wan to do with my logic on hiiden tag is acting like shwing the user's profile like on facebook or like here in daniweb.com where in wherever or what ever link or page you clicked... the name "Logged in as: XxxXXX" here in daniweb.com shows on the top... again what ever page in daniweb is... the name of the user is still there.

Member Avatar
ddymacek
Posting Whiz
324 posts since Jun 2010
Reputation Points: 15 [?]
Q&As Helped to Solve: 68 [?]
Skill Endorsements: 0 [?]
 
0
 

looking over your code at a quick glance... you are only thinking about how to handle an object like a user at that very moment. your code is elegant, don't get me wrong, but there is a bigger picture, use objects/classes to handle all the data and queries and use minimal php calls on your page. the page is for display of data, it can still call that data but move your code to a class and make calls from your page which will expect data in a specific order or arrangement usually an array of the object. anyway, it seems as though you are having a user 'login' but you don't know how to handle them switching pages. look into $_SESSION and or cookies to pass data between pages while your user is logged in.

Member Avatar
karthik_ppts
Posting Pro
574 posts since Feb 2011
Reputation Points: 81 [?]
Q&As Helped to Solve: 101 [?]
Skill Endorsements: 1 [?]
 
0
 

Session concept is the best way for your need.

----
----
if (mysql_fetch_array($querySQL)>0)
//validate the log-in
{
     session_start();
     $_SESSION["user"]=$username;
?>
 
<head>
<meta http-equiv="Refresh" content="5;url=http://localhost:6824/index.php" />
-----
-----

Now you can use $_SESSION["user"] as user name in all pages by starting the session using session_start().

You
This article has been dead for over three months: Start a new discussion instead
Post:
Start New Discussion
View similar articles that have also been tagged: