adicrst Posted March 15, 2008 Share Posted March 15, 2008 I want to create a form that will insert some news in a database, but to be restricted only to the owner that his username and pass are saved in the db, i made a small autentification. I have 2 files, autentificare.php and stiri.php-the fileautentificare.php has the purpouse to verify if the dates filled in the log in form are the same with the dates in the db-if the autentification is not made, the user is sent to the stiri.php page but a warning that sais he's not allowed is apearing. If the autentification is made corectly then he is sent to the stiri.php page again but a form for the news is showing on the pageWhat it doesn't work is that the news are not inserted in the database..i have 2 tables:DATE: id | user | pass| codSTIRI: id | titlu | continut | data here are the filesautentificare.php <?php $con = mysql_connect("localhost","root","");if (!$con) { die ("Conectare esuata!".mysql_error()); }mysql_select_db("pink_maindb",$con);$cod_generat = rand(0,9999); mysql_query("UPDATE date SET cod='$cod_generat' WHERE id='1' ");?><html><body> <form action="stiri.php" method="post"> User: <input type="text" name="user"><br> Pass: <input type="password" name="pass"><br> Cod: <input type="text" name="cod" size="5" maxlength="4"> <?php echo "<b> $cod_generat </b><< Introduceti codul afisat !"; ?><br><br> <input type="submit" value="trimite"> </form></body></html> and stiri.php <?php $con = mysql_connect("localhost","root","");if (!$con) { die ("Conectare esuata!".mysql_error()); }mysql_select_db("pink_maindb",$con);$select = mysql_query("SELECT user,pass,cod FROM date where ID=1"); while ($row=mysql_fetch_array($select)) { $usere = $row['user']; //usere este userul existent in db $passe = $row['pass']; //passe este parola existenta in db $code = $row['cod']; //code este codul existent in db }if (($usere == $_POST['user']) && ($passe == $_POST['pass']) && ($code == $_POST['cod'])) { echo "<Bine ai venit <b>".$_POST['user']."</b>"; echo "Completati urmatorul formular pentru a afisa o stire noua pe site<br><br> <form action='' method='post'> Titlu: <input type='text' name='titlu'><br> Continut: <textarea rows='15' cols='40' name='continut'></textarea><br> <input type='submit' value='trimite'> </form>"; $data = date("Y-m-d"); mysql_query("INSERT INTO stiri(titlu,continut,data) VALUES('$_POST[titlu]','$_POST[continut]','$data')"); }else echo "Datele furnizate nu sunt corecte !"; ?><a href="autentificare.php">BACK</a> this part doesn't work because there isn't anything inserted in the db,beside the DATE if (($usere == $_POST['user']) && ($passe == $_POST['pass']) && ($code == $_POST['cod'])) { echo "<Bine ai venit <b>".$_POST['user']."</b>"; echo "Completati urmatorul formular pentru a afisa o stire noua pe site<br><br> <form action='trimis.php' method='post'> Titlu: <input type='text' name='titlu'><br> Continut: <textarea rows='15' cols='40' name='continut'></textarea><br> <input type='submit' value='trimite'> </form>"; $data = date("Y-m-d"); mysql_query("INSERT INTO stiri(titlu,continut,data) VALUES('$_POST[titlu]','$_POST[continut]','$data')"); } how can i corect it ? Link to comment Share on other sites More sharing options...
justsomeguy Posted March 15, 2008 Share Posted March 15, 2008 Where do you insert into the date table? Wouldn't it be easier to use the session to store the random code?http://www.php.net/manual/en/ref.session.php Link to comment Share on other sites More sharing options...
adicrst Posted March 15, 2008 Author Share Posted March 15, 2008 i don't insert into the date table, because the data will be inserted manually. It's only the owner of the site that has a username and a password. Link to comment Share on other sites More sharing options...
justsomeguy Posted March 15, 2008 Share Posted March 15, 2008 I'm confused what the problem is, which part are you having problems with? Link to comment Share on other sites More sharing options...
adicrst Posted March 16, 2008 Author Share Posted March 16, 2008 it's ok , i managed to figure it out. The problem was in the IF statement, bc i wanted something to b inserted allready in the database right after the form would show up. So i made another IF statement for the database inserting Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.