apatik apatik - 3 months ago 11
PHP Question

Conflict between Login form and Register form in the same page

My website has a login form present in every pages (on a top-menu) so even when a user is on the Register page the login form is still available in this top-menu.

My problem is that in this specific case, when a user fills the register form and submits it, it returns the error that all fields are required to be filled. I found out that this is because my login form uses the same input names that my register form uses (

$username
and
$password
).

So even if the register form is filled, if i leave the login form empty it will return me this error, however if i fill the login form with anything and then submit the properly filled register, there won't be any conflicts.

Here are my
login form
,
register form
, and part of my
php code that process the register data


login form :

<form method="post" action="/ftp/index.php?login=1">

<div id="header_username">
<input type="text" name="username" id="txt_username" placeholder="username" required="" value="" />
<span class="username_icon"><i class="fa fa-user"></i></span>
</div>
<div id="header_password">
<input type="password" name="password" id="txt_password" placeholder="password" required="" />
<span class="password_icon"><i class="fa fa-lock"></i></span>
</div>
<div id="forgotten_pwd">
<a href=""><span> Forgotten Password ?</span></a>
</div>
<div id="submit_button">
<input type="hidden" name="redirect" value="<?php echo "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; ?>" />
<button type="submit" name="submit" id="sub_login"><i id="submit"class="fa fa-long-arrow-right"></i></button>
</div>
<div id="button-border"></div>
<div class="feedback">login successful <br />redirecting...</div>
</form>


register form :

<form action="<?php echo $_SERVER['PHP_SELF'].'?signup=1'; ?>" method="post">
<div class="line"><label for="username"><?php echo lang::get("Username")?> *: </label><input type="text" name="username" id="username" value="<?php if (isset($_POST['username'])) echo $_POST['username']?>"/></div>
<div class="line"><label for="email"><?php echo lang::get("Email")?> *: </label><input type="text" name="email" id="email" value="<?php if (isset($_POST['email'])) echo $_POST['email']?>"/></div>
<div class="line"><label for="password"><?php echo lang::get("Password")?> *: </label><input type="password" name="password" id="password"/></div>
<div class="line"><label for="password2"><?php echo lang::get("Confirm password:")?> </label><input type="password" name="password2" id="password2"/></div>
<?php
$rand_int1 = substr(mt_rand(),0,2);
$rand_int2 = substr(mt_rand(),0,1);
$rand_int3 = substr(mt_rand(),0,1);
$captcha_answer = $rand_int1 + $rand_int2 - $rand_int3;
$_SESSION['captcha_answer'] = $captcha_answer;
?>
<div class="line"><label for="captcha"><?php echo $rand_int1.' + '.$rand_int2.' - '.$rand_int3.' = ?';?> *: </label><input type="text" name="captcha" id="captcha" autocomplete="off"/></div>
<div class="line submit" style="text-align:right"><input type="submit" class="button" value="<?php echo lang::get("Sign up")?>" /></div>
</form>

<?php endif;?>
</div>


php code that processes the data :

if (!empty($_POST)){

$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$captcha = $_POST['captcha'];


// requiered fields & validation
if ( !isset($username)
|| $username == ''
|| !ctype_alnum($username)
|| gator::getUser($username)
|| gator::getUser($email, 'email')
|| !isset($password)
|| !isset($password2)
|| !isset($_POST['captcha'])
|| $password == ''
|| $password != $password2
|| filter_var($email, FILTER_VALIDATE_EMAIL) == false
|| (int)$captcha != (int)$_SESSION['captcha_answer'])
{
if ($username && !ctype_alnum($username)) $_POST['username'] = '';
if (filter_var($email, FILTER_VALIDATE_EMAIL) == false) $_POST['email'] = '';

$errors = lang::get("All fields requiered!");
}

if ($errors == false){

$reloadaction = 'thanks';


My question is the following :

Even though i know an alternative solution would be to rename the inputs of my register form for instance, is there a "cleaner" solution for this ? Is there instead anything i can add to my
php code that process the data
to make it ignore the login form's inputs when i submit the register form ? How do big websites deal with this type of conflicts ?

Thanks a lot for trying to help me out with this !

-Apatik

edit : my full register code :

* Sign up init
*/
public function initSignup() {

// try to activate account?
if (gatorconf::get('signup_use_activation') && isset($_GET['activate'])){

$key = $_GET['activate'];
$user = gator::getUser($key, 'akey');

if ($user){
gator::updateUser($user['username'], array('akey' => '', 'permissions' => gatorconf::get('default_permissions_after_activation')));
$user['permissions'] = gatorconf::get('default_permissions_after_activation');
$this->loginUser($user);
}

header('Location: '.gatorconf::get('base_url'));
die;
}

$errors = null;

if (!empty($_POST)){

$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$captcha = $_POST['captcha'];


// requiered fields & validation
if ( !isset($username)
|| $username == ''
|| !ctype_alnum($username)
|| gator::getUser($username)
|| gator::getUser($email, 'email')
|| !isset($password)
|| !isset($password2)
|| !isset($_POST['captcha'])
|| $password == ''
|| $password != $password2
|| filter_var($email, FILTER_VALIDATE_EMAIL) == false
|| (int)$captcha != (int)$_SESSION['captcha_answer'])
{
if ($username && !ctype_alnum($username)) $_POST['username'] = '';
if (filter_var($email, FILTER_VALIDATE_EMAIL) == false) $_POST['email'] = '';

$errors = lang::get("All fields requiered!");
}

if ($errors == false){

$reloadaction = 'thanks';

$activationkey = '';

if (gatorconf::get('signup_use_activation')){

$activationkey = sha1(mt_rand(10000,99999).time());
$url = gatorconf::get('base_url').'/?signup=1&activate='.$activationkey;

$subject = gatorconf::get('account_email_subject');
$body = gatorconf::get('account_email_text'). "\n\n" .$url;
$this->sendEmail($email, $subject, $body);

$reloadaction = 'goactivate';
}

// homedir will be created based on username
$homedir = gatorconf::get('repository').'/users'.DS.$username;

// if dir does not exist - try to create one
if ($homedir != '' && !is_dir($homedir)){
if (!mkdir($homedir, 0755, true)) {
echo "ERROR: User's homedir cannot be created. Check permissions. DIR = ".$homedir; die;
}
}

// add new user
gator::addUser($username, array(
'password' => $password,
'permissions' => gatorconf::get('default_permissions_after_signup'),
'homedir' => $homedir,
'email' => $email,
'akey' => $activationkey));

// thanks on success or go activate!
header('Location: '.gatorconf::get('base_url').'/?signup=1&'.$reloadaction);
die;
}

}


if (isset($_GET['thanks'])){

// thanks on success or go activate!
header('Location: '.gatorconf::get('base_url'));
die;

}elseif (isset($_GET['goactivate'])){

gator::display("header.php");
gator::display("signup.php", array('goactivate' => 1));

}else{

gator::display("header.php");
gator::display("signup.php", array('errors' => $errors));

}

gator::display("../../../style/include/footer.php");

}


/**
*

Answer

Thanks a lot for every answers, which were helpful.

I found that what was wrong was the submit button of my register not having a name (as you can see in my post). I added name="register" to it and then changed in my code if (!empty($_POST)){ for if (!empty($_POST['register'])){

Seems all good now.

Comments