PHP header() and hiden form fields
Hey guys. My problem is as follows:
I have a simple registration page which presents the user with a login page. The user will use a unique password in the login page then go to the registration page. Once registation is filled out correctly they are sent to an optional survey page. It is in that survey page that I am trying to invalidate the password. The problem is that I cannot seem to pass the password variable forward ... according to some people in IRC, it is because of the use of my header redirect. So I tried to pass the password through the header but I can't seem to get it to propigate to the 3rd page. Could someone give me a way to pass the password variable forward?
To clarify:
login.php --> register.php --> survey.php (in survey.php the password used in login.php must be invalidated ... but I can't pass it)
Code for login.php: **************************
<?
include('./script/connect2
include('./script/startses
if(isset($_POST['password'
{
$query = 'select * from random where random_number = "'.$_POST['password'].'"';
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result,
if($row['used'] == "N")
{
//header("Location: /loggedin/test.php");
header('Location: /loggedin/register.php?pas
}
if($row['used'] == "Y")
{
echo "<br><br><br><br><br><br><
echo "<b><center><font color = 'red' size = '+2'>";
echo "Ticket Registration Code Already Verified"."</font></center
?>
<html>
<head>
<script language = "javascript">
function focus(){
login.password.focus();
}
</script>
<title>Rigstar Movie Invitation - Login</title>
</head>
<body onLoad = "focus()">
<center>
<img src = "./images/logo.jpg"><br>
Please insert Ticket Registration Code<br><br>
<form action = "<? echo $_SERVER['PHP_SELF']?>" method = "POST" name = "login">
<input type = "text" name = "password" size = "5"><br><br>
<input type = "hidden" name = "hpassword" value = "<?=$_POST['password']?>">
<input type = "submit" value = "Submit" name = "submit">
<input type = "reset" value = "Clear">
</form>
</center>
</body>
</html>
<?
}
if(!($row))
{
echo "<br><br><br><br><br><br><
echo "<b><center><font color = 'red' size = '+2'>";
echo "Incorrect Ticket Registration Code"."</font></center></b
?>
<html>
<head>
<script language = "javascript">
function focus(){
login.password.focus();
}
</script>
<title>Rigstar Movie Invitation - Login</title>
</head>
<body onLoad = "focus()">
<center>
<img src = "./images/logo.jpg"><br>
Please insert Ricket Registration Code<br><br>
<form action = "<? echo $_SERVER['PHP_SELF']?>" method = "POST" name = "login">
<input type = "text" name = "password" size = "5"><br><br>
<input type = "hidden" name = "hpassword" value = "<?=$_POST['password']?>">
<input type = "submit" value = "Submit" name = "submit">
<input type = "reset" value = "Clear">
</form>
</center>
</body>
</html>
<?
}
}
else
{?>
<html>
<head>
<script language = "javascript">
function focus(){
login.password.focus();
}
</script>
<title>Rigstar Movie Invitation - Login</title>
</head>
<body onLoad = "focus()">
<center>
<br><br><br><br><br><br><b
<img src = "./images/logo.jpg"><br>
Please insert Ticket Registration Code<br><br>
<form action = "<? echo $_SERVER['PHP_SELF']?>" method = "POST" name = "login">
<input type = "text" name = "password" size = "5"><br><br>
<input type = "hidden" name = "hpassword" value = "<?=$_POST['password']?>">
<input type = "submit" value = "Submit" name = "submit">
<input type = "reset" value = "Clear">
</form>
</center>
</body>
</html>
<?
}
mysql_close();
?>
Code for register.php **************************
<?
include('../script/connect
include('../script/startse
if($_POST['submitted'])
{
$query = "insert into INFORMATION
(information_id, email, fname, lname, bus_add, mail_add1, mail_add2, city, province, postal_code, bus_phone)
VALUES (',','$_POST[email]','$_PO
$result = mysql_query($query) or die(mysql_error());
header('Location: /loggedin/survey.php?passw
}
?>
<html>
<head>
<title>Rigstar Movie Invitation - Registration</title>
<script language = "javascript" src ="../script/embed.js">
</script>
</head>
<body>
<p align="center"> </p>
<div align="center">
<center>
<img src = "../images/logo.jpg" width="450" height="150">
<form action = "<? echo $_SERVER['PHP_SELF']?>" method = "POST" name = "information">
<input type = "hidden" name = "hpassword" value = "<?=$_POST['password']?>">
<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="53%" id="AutoNumber1">
<tr>
<td width="169%" align="right" colspan="3" bgcolor="#FF0000">
<p align="center"><font color="#FFFFFF" face="Times New Roman">Please Enter the Following
Information to Register</font></td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>email address: </b> </td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "email" size="33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>first name:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "fname" size = "33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>last name:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "lname" size = "33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>business address:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "bus_add" size = "33"></td size="20">
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>mailing address 1:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "mail_add1" size = "33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#C0C0C0" style="border-right-style:
<b>mailing address 2:</b></td>
<td width="53%" bgcolor="#C0C0C0" align="center" style="border-style: none; border-width: medium">
<input type = "text" name = "mail_add2" size = "33"></td>
<td width="77%" align="center" bgcolor="#C0C0C0" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" bgcolor="#C0C0C0" style="border-right-style:
<b>city:</b></td>
<td width="53%" bgcolor="#C0C0C0" align="center" style="border-style: none; border-width: medium">
<input type = "text" name = "city" size = "33"></td>
<td width="77%" align="center" bgcolor="#C0C0C0" style="border-left-style: none; border-left-width: medium">
<font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#C0C0C0" style="border-right-style:
<b>province:</b></td>
<td width="53%" bgcolor="#C0C0C0" align="center" style="border-style: none; border-width: medium">
<input type = "text" name = "province" size = "33"></td>
<td width="77%" align="center" bgcolor="#C0C0C0" style="border-left-style: none; border-left-width: medium">
<font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#C0C0C0" style="border-right-style:
<b>postal code:</b></td>
<td width="53%" bgcolor="#C0C0C0" align="center" style="border-style: none; border-width: medium">
<input type = "text" name = "postal_code" size = "33"></td>
<td width="77%" align="center" bgcolor="#C0C0C0" style="border-left-style: none; border-left-width: medium">
<font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>business phone number:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "bus_phone" size = "33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="169%" align="right" colspan="3" bgcolor="#FF0000">
<p align="left"> </td>
</tr>
</table>
<br>
<input type = "submit" name = "submitted" value = "Submit Registration" onClick = "return checkWholeForm()"> <i
</form>
<font color = "FF0000">* Denotes a Required Field
</center>
</div>
</body>
</html>
Code for survey.php **************************
<?
include('../script/connect
include('../script/startse
$insert = 'UPDATE random SET used`=\'Y\' WHERE random_number = '.$_GET['password'].'';
$inserted = mysql_query($inserted) or die(mysql_error());
?>
The page can be viewed at http://jayce.kicks-ass.org ... password is 81012
I have a simple registration page which presents the user with a login page. The user will use a unique password in the login page then go to the registration page. Once registation is filled out correctly they are sent to an optional survey page. It is in that survey page that I am trying to invalidate the password. The problem is that I cannot seem to pass the password variable forward ... according to some people in IRC, it is because of the use of my header redirect. So I tried to pass the password through the header but I can't seem to get it to propigate to the 3rd page. Could someone give me a way to pass the password variable forward?
To clarify:
login.php --> register.php --> survey.php (in survey.php the password used in login.php must be invalidated ... but I can't pass it)
Code for login.php: **************************
<?
include('./script/connect2
include('./script/startses
if(isset($_POST['password'
{
$query = 'select * from random where random_number = "'.$_POST['password'].'"';
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result,
if($row['used'] == "N")
{
//header("Location: /loggedin/test.php");
header('Location: /loggedin/register.php?pas
}
if($row['used'] == "Y")
{
echo "<br><br><br><br><br><br><
echo "<b><center><font color = 'red' size = '+2'>";
echo "Ticket Registration Code Already Verified"."</font></center
?>
<html>
<head>
<script language = "javascript">
function focus(){
login.password.focus();
}
</script>
<title>Rigstar Movie Invitation - Login</title>
</head>
<body onLoad = "focus()">
<center>
<img src = "./images/logo.jpg"><br>
Please insert Ticket Registration Code<br><br>
<form action = "<? echo $_SERVER['PHP_SELF']?>" method = "POST" name = "login">
<input type = "text" name = "password" size = "5"><br><br>
<input type = "hidden" name = "hpassword" value = "<?=$_POST['password']?>">
<input type = "submit" value = "Submit" name = "submit">
<input type = "reset" value = "Clear">
</form>
</center>
</body>
</html>
<?
}
if(!($row))
{
echo "<br><br><br><br><br><br><
echo "<b><center><font color = 'red' size = '+2'>";
echo "Incorrect Ticket Registration Code"."</font></center></b
?>
<html>
<head>
<script language = "javascript">
function focus(){
login.password.focus();
}
</script>
<title>Rigstar Movie Invitation - Login</title>
</head>
<body onLoad = "focus()">
<center>
<img src = "./images/logo.jpg"><br>
Please insert Ricket Registration Code<br><br>
<form action = "<? echo $_SERVER['PHP_SELF']?>" method = "POST" name = "login">
<input type = "text" name = "password" size = "5"><br><br>
<input type = "hidden" name = "hpassword" value = "<?=$_POST['password']?>">
<input type = "submit" value = "Submit" name = "submit">
<input type = "reset" value = "Clear">
</form>
</center>
</body>
</html>
<?
}
}
else
{?>
<html>
<head>
<script language = "javascript">
function focus(){
login.password.focus();
}
</script>
<title>Rigstar Movie Invitation - Login</title>
</head>
<body onLoad = "focus()">
<center>
<br><br><br><br><br><br><b
<img src = "./images/logo.jpg"><br>
Please insert Ticket Registration Code<br><br>
<form action = "<? echo $_SERVER['PHP_SELF']?>" method = "POST" name = "login">
<input type = "text" name = "password" size = "5"><br><br>
<input type = "hidden" name = "hpassword" value = "<?=$_POST['password']?>">
<input type = "submit" value = "Submit" name = "submit">
<input type = "reset" value = "Clear">
</form>
</center>
</body>
</html>
<?
}
mysql_close();
?>
Code for register.php **************************
<?
include('../script/connect
include('../script/startse
if($_POST['submitted'])
{
$query = "insert into INFORMATION
(information_id, email, fname, lname, bus_add, mail_add1, mail_add2, city, province, postal_code, bus_phone)
VALUES (',','$_POST[email]','$_PO
$result = mysql_query($query) or die(mysql_error());
header('Location: /loggedin/survey.php?passw
}
?>
<html>
<head>
<title>Rigstar Movie Invitation - Registration</title>
<script language = "javascript" src ="../script/embed.js">
</script>
</head>
<body>
<p align="center"> </p>
<div align="center">
<center>
<img src = "../images/logo.jpg" width="450" height="150">
<form action = "<? echo $_SERVER['PHP_SELF']?>" method = "POST" name = "information">
<input type = "hidden" name = "hpassword" value = "<?=$_POST['password']?>">
<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="53%" id="AutoNumber1">
<tr>
<td width="169%" align="right" colspan="3" bgcolor="#FF0000">
<p align="center"><font color="#FFFFFF" face="Times New Roman">Please Enter the Following
Information to Register</font></td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>email address: </b> </td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "email" size="33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>first name:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "fname" size = "33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>last name:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "lname" size = "33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>business address:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "bus_add" size = "33"></td size="20">
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>mailing address 1:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "mail_add1" size = "33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#C0C0C0" style="border-right-style:
<b>mailing address 2:</b></td>
<td width="53%" bgcolor="#C0C0C0" align="center" style="border-style: none; border-width: medium">
<input type = "text" name = "mail_add2" size = "33"></td>
<td width="77%" align="center" bgcolor="#C0C0C0" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" bgcolor="#C0C0C0" style="border-right-style:
<b>city:</b></td>
<td width="53%" bgcolor="#C0C0C0" align="center" style="border-style: none; border-width: medium">
<input type = "text" name = "city" size = "33"></td>
<td width="77%" align="center" bgcolor="#C0C0C0" style="border-left-style: none; border-left-width: medium">
<font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#C0C0C0" style="border-right-style:
<b>province:</b></td>
<td width="53%" bgcolor="#C0C0C0" align="center" style="border-style: none; border-width: medium">
<input type = "text" name = "province" size = "33"></td>
<td width="77%" align="center" bgcolor="#C0C0C0" style="border-left-style: none; border-left-width: medium">
<font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#C0C0C0" style="border-right-style:
<b>postal code:</b></td>
<td width="53%" bgcolor="#C0C0C0" align="center" style="border-style: none; border-width: medium">
<input type = "text" name = "postal_code" size = "33"></td>
<td width="77%" align="center" bgcolor="#C0C0C0" style="border-left-style: none; border-left-width: medium">
<font color="#FF0000">*</font></
</tr>
<tr>
<td width="39%" align="right" bgcolor="#FFFFFF" style="border-right-style:
<td width="53%" bgcolor="#FFFFFF" align="center" style="border-style: none; border-width: medium"> </td>
<td width="77%" align="center" bgcolor="#FFFFFF" style="border-left-style: none; border-left-width: medium"> </td>
</tr>
<tr>
<td width="39%" align="right" style="border-right-style:
<b>business phone number:</b></td>
<td width="53%" align="center" style="border-style: none; border-width: medium" bgcolor="#C0C0C0">
<input type = "text" name = "bus_phone" size = "33"></td>
<td width="77%" align="center" style="border-left-style: none; border-left-width: medium" bgcolor="#C0C0C0"><font color="#FF0000">*</font></
</tr>
<tr>
<td width="169%" align="right" colspan="3" bgcolor="#FF0000">
<p align="left"> </td>
</tr>
</table>
<br>
<input type = "submit" name = "submitted" value = "Submit Registration" onClick = "return checkWholeForm()"> <i
</form>
<font color = "FF0000">* Denotes a Required Field
</center>
</div>
</body>
</html>
Code for survey.php **************************
<?
include('../script/connect
include('../script/startse
$insert = 'UPDATE random SET used`=\'Y\' WHERE random_number = '.$_GET['password'].'';
$inserted = mysql_query($inserted) or die(mysql_error());
?>
The page can be viewed at http://jayce.kicks-ass.org ... password is 81012
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Glad I could help you! =)
ASKER