Sphiinx Sphiinx - 7 months ago 19
SQL Question

PHP Echo to a certain part of HTML

I recently finished my login system but I have a question about PHP. How can I echo text or html to a certain part of html?

For example. Lets say the code below is all inside one PHP file. How could I echo the 2 echos in the php code to the html where the comment is?

So if I were to display this page and if their login failed it would echo "The username and password you entered did not match our records. Please double-check and try again." to that comment in the html.

I hope that makes sense, Thanks!

<?php
session_start();

if (isset($_POST['username']) && isset($_POST['password'])) {
include_once("db.php");
$username = mysqli_real_escape_string($sqlcon, $_POST['username']);
$username = strtoupper($username);
$password = mysqli_real_escape_string($sqlcon, $_POST['password']);

for ($i = 0; $i < 1000; $i++) {
$password = hash(sha512, $password . $username);
}

$userQuery = "SELECT * FROM users WHERE username = '" . $username . "' LIMIT 1";
$user = mysqli_query($sqlcon, $userQuery);

if (mysqli_num_rows($user) > 0) {
$user = mysqli_fetch_assoc($user);
$id = $user['id'];
$databasepass = $user['password'];

if ($password === $databasepass) {
$_SESSION['username'] = $username;
$_SESSION['id'] = $id;
header("Location: admin.php");
} else {
echo "The username and password you entered did not match our records. Please double-check and try again.";
}
} else {
echo "The username and password you entered did not match our records. Please double-check and try again.";
}
}
?>

<!DOCTYPE html>
<html>
<head>
<title>ADMIN</title>
</head>
<body>
<div>
<!--ECHO THOSE TWO ECHOS ABOVE HERE-->
</div>
</body>
</html>

Answer

You can assign the text to a variable and use PHP down inside your HTML to echo that.

<?php
    session_start();

    if (isset($_POST['username']) && isset($_POST['password'])) {
        include_once("db.php");
        $username = mysqli_real_escape_string($sqlcon, $_POST['username']);
        $username = strtoupper($username);
        $password = mysqli_real_escape_string($sqlcon, $_POST['password']);

        for ($i = 0; $i < 1000; $i++) {
            $password = hash(sha512, $password . $username);
        }

        $userQuery = "SELECT * FROM users WHERE username = '" . $username . "' LIMIT 1";
        $user = mysqli_query($sqlcon, $userQuery);

        if (mysqli_num_rows($user) > 0) {
            $user = mysqli_fetch_assoc($user);
            $id = $user['id'];
            $databasepass = $user['password'];

            if ($password === $databasepass) {
                $_SESSION['username'] = $username;
                $_SESSION['id'] = $id;
                header("Location: admin.php");
            } else {
                $result = "The username and password you entered did not match our records. Please double-check and try again.";
            }
        } else {
            $result = "The username and password you entered did not match our records. Please double-check and try again.";
        }
    }
?>

<!DOCTYPE html>
<html>
    <head>
        <title>ADMIN</title>
    </head>
    <body>
        <div>
            <?php echo $result; ?>
        </div>
    </body>
</html>
Comments