search

thedigicraft / Atom.CMS

Atom.CMS
56 stars 52 forks source link

video 58 Checking for Passwords Submission #79

Open paulrusan opened 9 years ago

paulrusan commented 9 years ago

Hello Allan, Up till this video everything was going smooth, but now I got stuck to this issue. I would appreciate it if you can take a quick look at it. here is the image capture1

and here is my code


<?php

switch ($page) {
    case 'dashboard':

        break;

    case'pages':

            if (isset($_POST['submitted']) == 1) {

        $title = mysqli_real_escape_string($dbc, $_POST['title']);
        $label = mysqli_real_escape_string($dbc, $_POST['label']);
        $header = mysqli_real_escape_string($dbc, $_POST['header']);
        $body = mysqli_real_escape_string($dbc, $_POST['body']);

        if (isset($_POST['id']) AND $_POST['id'] != '') {
            $action = 'updated';
            $q = "UPDATE pages SET user = $_POST[user], slug = '$_POST[slug]', title ='$title', label ='$label', header ='$header', body ='$body' WHERE id = $_GET[id]";

        } else {
            $action = 'added';
            $q = "INSERT INTO pages (user, slug, title, label, header, body) VALUES ($_POST[user],'$_POST[slug]', '$title', '$label', '$header', '$body')";
        }

        $r = mysqli_query($dbc, $q);

        if ($r) {
            $message = '<p>Page was ' . $action . !'</p>';

        } else {

            $message = '<p>Page could not be ' . $action . !' because: ' . mysqli_error($dbc);
            $message = '<p>' . $q . '</p>';

        }
    }
            if (isset($_GET['id'])) { $opened = data_page($dbc, $_GET['id']); }
        break;

    case 'users':

        if (isset($_POST['submitted']) == 1) {

        $first = mysqli_real_escape_string($dbc, $_POST['first']);
        $last = mysqli_real_escape_string($dbc, $_POST['last']);

        if ($_POST['password'] != '') {

            if ($_POST['password']==$_POST['passwordv']){

            $password = "password = SHA1('$_POST[password]'),";

            }
        }

        if (isset($_POST['id']) AND $_POST['id'] != '') {
            $action = 'updated';
            $q = "UPDATE users SET first ='$first', last ='$last', $password status =$_POST[status], WHERE id = $_GET[id]";

        } else {
            $action = 'added';
            $q = "INSERT INTO users (first, last, password, status) VALUES ('$first', '$last', SHA1($_POST[password]'), '$_POST[status])";
        }

        $r = mysqli_query($dbc, $q);

        if ($r) {
            $message = '<p>User was ' . $action . !'</p>';

        } else {

            $message = '<p>User could not be ' . $action . !' because: ' . mysqli_error($dbc);
            $message = '<p>' . $q . '</p>';

        }
    }
        if (isset($_GET['id'])) { $opened = data_user($dbc, $_GET['id']); } 
        break;

    case 'settings':

        break;      

    default:

        break;
}

?>
creptor commented 9 years ago

maybe you haven't defined the password and passwordv input names, and you could have repeated $password varyable, that happened to me, maybe if you change it to $formpass it can be fixed.

If that is not the issue please be more specific.

creptor commented 9 years ago

maybe the variable of the name in the form is repited, try to use another, or look through the form, because that 1 can't come from another place.