-2

when i press the 'continue' button i'm redirected to form's php functions file ( localhost/install/hamburgher.php ),but that must check if the code is correct or it will display an error.

hamburgher.php (functions on clicking of the button):

<?php 
session_start();

// connect to database
$db = mysqli_connect('localhost', 'root', '');
mysqli_select_db($db,"licensecode");


// escape string
function e($val){
    global $db;
    return mysqli_real_escape_string($db, trim($val));
}

$errors = array(); 

function display_error() {
    global $errors;

    if (count($errors) > 0){
        echo '<div class="alert alert-danger">';
            foreach ($errors as $error){
                echo $error .'<br>';
            }
        echo '</div>';
    }
}

if (isset($_POST['btn_lic']) && $_POST['btn_lic'] == 1)) 
{
    checkkey();
}
else
{
    array_push($errors, "License key is invalid.");
}

// USER
function checkkey(){
    global $db, $username, $errors;

    // grap form values
    $key = e($_POST['key-get']);
    // make sure form is filled properly
    if (empty($key)) {
        array_push($errors, "A license key is required.");
    }

    // attempt login if no errors on form
    if (count($errors) == 0) 
    {
        $password = md5($password);

        $query = "SELECT * FROM licenses WHERE code='$key' LIMIT 1";
        $results = mysqli_query($db, $query);

        if (mysqli_num_rows($results) == 1) 
        { // found
            // check
            $keycode = mysqli_fetch_assoc($results);
            if($keycode['expired'] == 1)
            {
                array_push($errors, "This license has expired.");
            }
            else
            {
                header('location: step_4.php');
            }
        }
        else 
        {
            array_push($errors, "License key is invalid.");
        }
    }
    else {
            array_push($errors, "Some errors there.");
    }
}

Form file - step_3.php:

<?php

        include('hamburgher.php');
        require_once("settings.inc");    

        if (file_exists($config_file_path)) {        
        header("location: ".$application_start_file);
            exit;
      } 

    ?>
    <!DOCTYPE html>
    <html lang="en">
    <head>
    <title><?php echo $application_name;?> Instalation Wizard - 3</title>
    <link rel="icon" href="images/brand/favicon.png" type="image/x-icon" />
    <link rel="stylesheet" type="text/css" href="styles/basic.css">
    <link href="https://fonts.googleapis.com/css?family=Muli&display=swap" rel="stylesheet">
    <link rel="stylesheet" type="text/css" href="styles/bootstrap.min.css">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    </head>


    <body>
    <center>
    <div class="card">
      <img src="../images/brand/logo_wide.png" alt="Thos Host Complete Solutions">
      <form method="post" action="hamburgher.php">
      <input type="hidden" name="submit" value="step2" /> 
        <div class="container">
          <b><div style="font-family: 'Muli', sans-serif;">Step 3: Insert your license key</div></b><br>
          <div class="form-group">
            <label for="key-get" style="margin-right: 80%">Code:</label>
            <input type="text" class="form-control" name="key-get" placeholder='38904ADSUFH8ADS7FH8ASHFASHF8ASHUFHA8SUFHU8ASHF8UHA' size="30">
          </div>
        </div>
        <?php echo display_error(); ?>
        <span class="step_active" >1</span>
        <span class="step_active">2</span>
        <span class="step_active">3</span>
        <span class="step_inactive">4</span>
        <span class="step_inactive">5</span>
        <button type="submit" class="button button_black" name="btn_lic" value="1" style="margin-left : 60%; color: white; text-decoration: none; font-family: 'Muli', sans-serif;"><b>Continue</b></button>
      </form><br>
    </div>
    </center>

    <?php include_once("footer.php"); ?>   

    </body>



    </html>

The code must display an error if: - the input code is null; - the input code is expired; - the input code is not existing;

on displaying of error,the page must be same,but with <?php echo display_error(); ?> on the page,there will be the error message.

You must be redirected on page step_4.php if the code is found in database and is not expired

I know,i know,i will modify the code to avoid SQL injections,this is a beta code.

Thanks.

Dharman
  • 30,962
  • 25
  • 85
  • 135
Top Kenzo
  • 7
  • 4
  • Ok, so what is the question? On form submit, display_error() doesn't show anything? – Vladan Nov 12 '19 at 19:59
  • When i press the button (and the code is not input or is not correct) i'm redirected to hamburgher.php,is not creating an error in the same page with "You didn't input the code" (also when the code is correct all is working fine) [EDITED] – Top Kenzo Nov 12 '19 at 20:02
  • But your form goes to `
    `, once submitted it loads that page, you are not anymore on `step_3.php`. If you want to go back, you'd have to redirect back to step_3.php, `header("Location: step_3.php");`
     – Vladan Nov 12 '19 at 20:05
  • Although, in that case, you lost the error output, let me think a bit about it – Vladan Nov 12 '19 at 20:08
  • I added for debugging if button is pressed: ``` if (isset($_POST['btn_lic']) && $_POST['btn_lic'] == 1) { checkkey(); } else { header("Location: step_3.php"); array_push($errors, "License key is invalid."); }``` Even if i press the button i'm redirected to step_3.php ,that means hamburgher.php didn't detected if btn_lic is pressed,but i made all correct,why? – Top Kenzo Nov 12 '19 at 20:11
  • I think you should put the code from `hamburgher.php` into `step_3.php` and then remove the action for the form so it goes back to the same page. That should do the trick. – Vladan Nov 12 '19 at 20:15

1 Answers1

0

The quickest way to solve the issue would be to move the code from hamburgher.php to step_3.php and then remove the action for the form so it goes back to the same page.

Vladan
  • 1,572
  • 10
  • 23