0

Please can someone help. When users send details through registration form or signin form, if details are valid, it works fine, but if it invalid. The errors displays on a white page.. The white page is not empty, but displays the error I set.. It redirects to my URL.. Just doesn't show any other content apart from the error.. Please is there anyway to go about it.. I checked the error log in my Apache log files. There's no error reporting there.. I'm super confused

I have also tried using 

error_reporting(E_ALL);
ini_set("display_errors", TRUE); 
ini_set("display_startup_errors",TRUE); 
ini_set("html_errors",0);

Still nothing is showing..

Tried using a hack around it by changing 

header("Location: $comeFrom");
echo "MY ERROR HERE"
die;

To

header("refresh:0; url=$comeFrom");
echo "MY ERROR HERE"
die;

which simply shows the same WSOD with my error briefly and redirects as supposed, but I want the error to show after the page loads not before. Which is impossible for me.

Please someone help me.. Really frustrated

P. S.

$comeFrom = $_SERVER['HTTP_REFERER'];

Still tried to redirect to the index page.. Same issue..

This is my search.php file 

<?php
session_start();
include_once('db.php');
if(!isset($_GET['page']) or $_GET['page']==0 or !preg_match("/^[1-9]*$/", $_GET['page'])){
header("Location: search.php?q=$_GET[q]&page=1");
}else{
$page = $_GET['page'];
}

if (isset($_GET['q']) and !empty($_GET['q'])){
$search=stripslashes(mysqli_real_escape_string($conn,$_GET["q"]));
$do="INSERT INTO search_terms".
"(terms)".
"VALUES".
"('$search')";
mysqli_query ($conn,$do);

}else{
header ("Location: index.php");
}
$pagetitle = "Search";
include_once('includes/header.php');
include_once('includes/log_reg.php');

?>

<body>

<div class="search_body">
<button id="goback" onclick="back()" type="button">Go back</button>
<button id="goforward" onclick="forward()" type="button">Go Forward</button>
<div class="tab">
<button class="tablinks" id="defaultOpen" onclick="openTab(event,'Products')">Properties</button>
<button class="tablinks" onclick="openTab(event, 'Forum')">Forum</button>
<button class="tablinks" onclick="openTab(event, 'Users')">Users</button>
</div>

<div id="Products" class="tabcontents">
<?php
include_once('db.php');
$per_page=6;
$start = (($page - 1) * $per_page);
$sql="SELECT * FROM table LIKE '%$search%'";
$pages_query=mysqli_query($conn,$sql) or die("Bad Query: $sql");
$number = mysqli_num_rows($pages_query);
$number = number_format($number);
ceil($pages = $number/$per_page); 

$sql2="SELECT * FROM table LIMIT $start,$per_page";
$result = mysqli_query ($conn,$sql2);
if ($number == 0) {
echo " ";}else{
   if($page > 1){
      echo "<a class='pagination' href=search.php?q=$_GET[q]&page=1>FIRST</a>";
      if ($page > 2){
      echo "<a class='pagination' href=search.php?q=$_GET[q]&page=". ($page - 2).">&#8810;</a>";
      }
      echo "<a class='pagination' href=search.php?q=$_GET[q]&page=".($page - 1).">&lt;</a>";
  }
 }
 $skipped = false;

 for ($i = 1; $i <= $pages + 1; $i++) {
 if ($page == $i){
     echo "<a class='actived' href=search.php?q=$_GET[q]&page=".$i.">".$i."</a>";
 }else{
     if ($i < 1 || ($pages) - $i < 1 || abs($page - $i) < 2) {
         if($skipped)
             echo '<span> ... </span>';
         $skipped = false;
echo "<a class='pagination' href=search.php?q=$_GET[q]&page=".$i.">".$i."</a>";
}else{
$skipped = true;
} 
}
}
if ($number == 0) {
echo "";
}else{
if($page < $pages){
      echo "<a class='pagination' href=search.php?q=$_GET[q]&page=".($page + 1).">&gt;</a>";
      if ($page < ($pages - 1)){
      echo "<a class='pagination' href=search.php?q=$_GET[q]&page=".($page + 2).">&#8811;</a>";
      }
      echo "<a class='pagination' href=search.php?q=$_GET[q]&page=".ceil($pages).">LAST</a>";
  }
if ($page == 1){
 if ($number < $per_page ) {
 echo "<br> Current page: $page <small>(Showing 1-$number of $number results)</small>";
 }else{
 echo "<br> Current page: $page <small>(Showing 1-$per_page of $number results)</small>";
 }}elseif ($page > 1){
if ($page == ceil($pages)) {
     if ($number % 2 == 1){
         if($page = $pages){
             $cal = $number % $per_page;
             $cal2 = ($number - $cal) + 1;
             echo "<br> Current page: ". ceil($page). " <small>(Showing result ".$cal2. "-".($number)."  of $number)</small>";
         }else{
  echo "<br> Current page: $page <small>(Showing ".($start + 1)."-".($start + ($per_page - 1)) ." of $number)</small>";
     }}elseif ($number % 2 == 0 and $page=$pages){
             $cal = $number % $start;
             $cal2 = ($number - $cal) + 1;
             echo "<br> Current page: ".ceil($page)." <small>(Showing result ".$cal2. "-".($number)."  of $number)</small>";
             }elseif ($number % 2 == 0){
    echo "<br> Current page: $page <small>(Showing ".($start + 1)."-". ($start + ($per_page)) ." of $number)</small>";   
     }
}else{
    echo "<br> Current page: $page <small>(Showing ".($start + 1)."-".($start + $per_page) ." of $number)</small>"; 
}
}
}

if ($number>0){
    echo "<p id='search'>" .$number. " results found for '$search' in </p>";
}       else{
    echo "<p id='search'>" .$number. " results found for '$search'. Try a   different search term </p>";
}
echo "<h3>tab 1</h3>";
echo "<div class='my_results'>"
?>
<?php
            while($row=mysqli_fetch_assoc($result)){
                $calc = round(3/2.7, 1);
?>

 <div class="results">
 //results here
 </div>
<?php } ?>

my header include file from above code contains this 

<?php 
$root= $_SERVER['DOCUMENT_ROOT'];
include($root."/db.php");
$prefix = 'http://'.$_SERVER['SERVER_NAME'].'/';
error_reporting(E_ALL & ~E_DEPRECATED & ~E_STRICT);
ini_set('display_errors', TRUE);
ini_set('display_startup_errors', TRUE);
ini_set('html_errors', 0);  
if (isset($_POST['login'])){
require_once($root."/Hostels/login.inc.php");
}if (isset($_POST['register'])){
    require_once($root."/Hostels/register.inc.php");
}
?>

And my log_reg include is more like a pop_up login file which was included on all pages and on submision requires the register.inc.php file below

This is my register.inc.php FILE

<?php
include('db.php');
$comeFrom = $_SERVER['HTTP_REFERER'];

//session variables to be diaplayed on the profile
if ($_SERVER["REQUEST_METHOD"]==="POST"){
$_SESSION['username']=$_POST['username'];
$_SESSION['firstname']=$_POST['firstname'];
$_SESSION['lastname']=$_POST['lastname'];
$_SESSION['email']=$_POST['email'];
$_SESSION['gender']=$_POST['gender'];
$_SESSION['state']=$_POST['state'];
$_SESSION['dob']=$_POST['dob'];
$user['user_id']=@$_SESSION['user_id'];

//escaping the strings

$username=mysqli_real_escape_string($conn,$_POST['username']);
$firstname=mysqli_real_escape_string($conn,$_POST['firstname']);
$lastname=mysqli_real_escape_string($conn,$_POST['lastname']);
$email=mysqli_real_escape_string($conn,$_POST['email']);
$gender=mysqli_real_escape_string($conn,$_POST['gender']);
$state=mysqli_real_escape_string($conn,$_POST['state']);
$dob=mysqli_real_escape_string($conn,$_POST['dob']);
$password=mysqli_real_escape_string($conn,password_hash($_POST['password'],PASSWORD_BCRYPT));
$hash=mysqli_real_escape_string($conn,md5(uniqid(rand())));
$result=mysqli_query($conn,"SELECT * FROM users WHERE email='$email' OR   username='$username'");
if (strlen($username)<3) { 
header ("Locaton: $comeFrom", true); 
?>
<div id='error1' class= "alert alert-danger"  style="position:absolute;z-index:1000;top:30px;left:50%;"><?php echo    "Username should be atleast 3 characters";?><span class="closeerror"   onclick="document.getElementById('error1').style.display='none'">&times;  </span></div>
<?php
die;
}elseif (strlen($firstname)<3) {
header ("Locaton: $comeFrom", true); 
?>
<div id='error2' class= "alert alert-danger" style="position:absolute;z-index:1000;top:30px;left:50%;"><?php echo "Firstname should be atleast 3 characters";?><span class="closeerror" onclick="document.getElementById('error2').style.display='none'">&times;</span></div>
<?php
die;
}elseif (strlen($lastname)<3) { 
header ("Locaton: $comeFrom", true); ; 
?>
<div id='error3' class= "alert alert-danger" style="position:absolute;z-index:1000;top:30px;left:50%;"><?php echo "Lastname should be atleast 3 characters";?><span class="closeerror" onclick="document.getElementById('error3').style.display='none'">&times;</span></div>
<?php
die;
}elseif(strlen($_POST["password"])<8) { 
header ("Locaton: $comeFrom", true);  
?>
<div id='error4' class= "alert alert-danger" style="position:absolute;z-index:1000;top:30px;left:50%;"><?php echo "Password must be atleast eight characters long";?><span class="closeerror" onclick="document.getElementById('error4').style.display='none'">&times;</span></div>
<?php
die;
}elseif($_POST["password"] != $_POST["confirm_password"]) { 
header ("Locaton: $comeFrom", true);  
?>
<div id='error5' class= "alert alert-danger" style="position:absolute;z-index:1000;top:30px;left:50%;"><?php echo "Password in both fields do not match, please try again.";?><span class="closeerror" onclick="document.getElementById('error5').style.display='none'">&times;</span></div>
<?php
die;
}
if(mysqli_num_rows($result)>0){ 
header ("Locaton: $comeFrom", true); 
?>
<div id='error6' class= "alert alert-danger" style="position:absolute;z-index:1000;top:3%;left:50%;"><?php echo "Email or username is already in use, please enter another";?><span class="closeerror" onclick="document.getElementById('error6').style.display='none'">&times;</span></div>
<?php
die;
}else{//does not exist so we proceed and add user to database
$sql="INSERT INTO users".
"(username,firstname,lastname,email,gender,state,dob,password,hash)".
"VALUES".
"('$username','$firstname','$lastname','$email','$gender','$state','$dob','$p assword','$hash');";
mysqli_query($conn,$sql);

$sql2="SELECT * FROM users WHERE username='$username' AND   firstname='$firstname'";
$result=mysqli_query($conn,$sql2);
if(mysqli_num_rows($result)>0){
while($user=mysqli_fetch_assoc($result)){
$user_id=$user["user_id"];
$sqlimg="INSERT INTO profile_img".
"(user_id)".
"VALUES".
"('$user_id');";
mysqli_query($conn,$sqlimg);
}
}else{
$_SESSION["error"]="Error signing up, please try again or contact us to rectify";
}

$_SESSION["active"]=0;
$user['user_id']=@$_SESSION['user_id'];
//know when the user is logged in
$_SESSION["logged_in"]=false; 
if($_SESSION["logged_in"]=false){
$sqli="SELECT * FROM user WHERE email='$email' and username='$username'";
$result=mysqli_query($conn,$sqli);
while($user=mysqli_fetch_assoc($result)){
    $user['user_id']=$_SESSION["user_id"];
}
}
$_SESSION["message"]=

    "Confirmation message has been sent to your email, please click on the link for full account activation";

    $to=$email;
    $subject="Account Verification";
    $message_body='
    <html>
<head>
<title>Mail Confirmation</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no">
<style>

</style>
</head>
<body>
<span class="name">Hello <span class="user">'.$username.',</span> <br></span><br>
    <div class="message">
    Thank you for signing up with us, we will do our best to provide you with an awesome experience.<br>

    However, your account needs to be fully active, click on the button below to activate your account:<br><br>

    <a class="btn-new" href="http://localhost/login-system /verify.php?email='.$email. '&hash='.$hash. '">Verify Me</a>
</div>
</body></html>';
$headers[] = 'MIME-Version: 1.0';
$headers[] = 'Content-type: text/html; charset=UTF-8';

// Additional headers
$headers[] = 'From:';
$headers[] = 'Cc: Makzino@example.com';
$headers[] = 'Bcc: Makz@example.com';

// Mail it
mail($to, $subject, $message_body, implode("\r\n", $headers));
$_SESSION['success']="Hello $username!!! Registration was successful,   please proceed to login. Thank you";

}}else{
$_SESSION["error"]="Registration failed";
}

mysqli_close($conn);
?>

So on successful completion it sends me an email using my smtp4dev. But if an error occurs. Goes to the white page and displays just the error with no other html content.

I apologize if the codes are messy, new to stack overflow. Thanks in advance

Makzino
  • 43
  • 9
  • What error is shown? – Geshode Jan 10 '18 at 08:16
  • The error I set.. Like "email already existing, or password entered was incorrect" – Makzino Jan 10 '18 at 08:18
  • Then I don't really understand your question. But why don't you just make an extra error page and send the user to that, if details are invalid? – Geshode Jan 10 '18 at 08:27
  • The redirect is not the issue... It redirects to the page I want it to.. On the URL, it shows the URL which it came from, but only the error like "EMAIL IS ALREADY IN USE" is sitting on the redirect page.. So even if I should redirect to a created error page.. It will go to that error page, but display a white page with just the error on it.. No CsS, no content, nothing.. – Makzino Jan 10 '18 at 08:32
  • Then you have to edit your post to show the complete error message and the code, which you used. Otherwise it is not possible to help with this little context. – Geshode Jan 10 '18 at 08:34
  • okay.. will do just that.. – Makzino Jan 10 '18 at 08:36

1 Answers1

0

Thanks, I have sorted it out,, it was not reporting any error because there was actually no error to report.. I just placed the log_reg file before my code, which was killing other outputs that follows because of the Die() call.. I only took the include("log_reg") file to the bottom of the page and it was sorted.. Just incase anyone runs into something similar..

Makzino
  • 43
  • 9