In the username availability check I created two pages: register.php and registercontrol.php controlling it. I check the database connection its on work. Everything (all statements, insertin data into db) that was previously created on a single php page. But when ajax validates other inputs its duplicates the html content and shows the error inside of it instead of showing error messages in a just single html element.
So I seperated it into two pages but now ajax not shows any error and responds. Here is my work:
registercontrol.php
<?php
require('../includes/config.php');
if(isset($_POST['username'])){
//username validation
$username = $_POST['username'];
if (! $user->isValidUsername($username)){
$infoun[] = 'Your username must be at least 6 alphanumeric characters';
} else {
$stmt = $db->prepare('SELECT username FROM members WHERE username = :username');
$stmt->execute(array(':username' => $username));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (! empty($row['username'])){
$errorun[] = 'This username already in use';
}
}
}
?>
register.php
<script type="text/javascript">
$(document).ready(function(){
$("#username").keyup(function(event){
event.preventDefault();
var username = $(this).val().trim();
if(username.length >= 3){
$.ajax({
url: 'registercontrol.php',
type: 'POST',
data: {username:username},
success: function(response){
// Show response
$("#uname_response").html(response);
}
});
}else{
$("#uname_response").html("");
}
});
});
</script>
<form id="register-form" class="user" role="form" method="post" action="registercontrol.php" autocomplete="off">
<input type="text" name="username" id="username" class="form-control form-control-user" placeholder="Username" value="<?php if(isset($error)){ echo htmlspecialchars($_POST['username'], ENT_QUOTES); } ?>" tabindex="2" required>
<div id="uname_response" ></div>
</form>
we need to print the response in registercontrol.php so that we can get response in your register.php
Change your code as below
<?php
require('../includes/config.php');
if(isset($_POST['username'])){
//username validation
$username = $_POST['username'];
if (! $user->isValidUsername($username)){
echo 'Your username must be at least 6 alphanumeric characters';
} else {
$stmt = $db->prepare('SELECT username FROM members WHERE username = :username');
$stmt->execute(array(':username' => $username));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (! empty($row['username'])){
echo 'This username already in use';
}
}
}
?>
You need to return or echo something from registercontrol.php
<?php
require('../includes/config.php');
if(isset($_POST['username'])){
//username validation
$username = $_POST['username'];
if (! $user->isValidUsername($username)){
$infoun[] = 'Your username must be at least 6 alphanumeric characters';
echo json_encode($infoun);
exit;
} else {
$stmt = $db->prepare('SELECT username FROM members WHERE username = :username');
$stmt->execute(array(':username' => $username));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (! empty($row['username'])){
$errorun[] = 'This username already in use';
echo json_encode($errorun);
exit;
}
echo $row[username];
exit;
}
}
?>
Related
I apologize for not providing the full code for context, I am VERY new to this. Here is the code for the signup.php file:
<?php
session_start();
include('connection.php');
$missingUsername='<p><strong>Please enter a username</strong></p>';
$missingEmail='<p><strong>Please enter your email address</strong></p>';
$InvalidEmail='<p><strong>Please enter a valid email address</strong></p>';
$missingPassword='<p><strong>Please enter a password</strong></p>';
$InvalidPassword='<p><strong>Your password should be at least 6 characters long and include one capital letter and one number</strong></p>';
$differentPassword='<p><strong>Passwords don\'t match</strong></p>';
$missingPassword2='<p><strong>Please confirm your password</strong></p>';
if(empty($_POST["username"])){
$errors .= $missingUsername;
}else{
$username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);
}
if(empty($_POST["email"])){
$errors .= $missingEmail;
}else{
$email = filter_var($_POST["email"], FILTER_SANITIZE_EMAIL);
if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
$errors .= $InvalidEmail;
}
}
if(empty($_POST["password"])){
$errors .= $missingPassword;
}elseif(!(strlen($_POST["password"])>6 and preg_match('/[A-Z]/',$_POST["password"]) and preg_match('/[0-9]/',$_POST["password"]))){
$errors .= $InvalidPassword;
}else{
$password = filter_var($_POST["password"], FILTER_SANITIZE_STRING);
if(empty($_POST["password2"])){
$errors .= $missingPassword2;
}else{
$password2 = filter_var($_POST["password2"], FILTER_SANITIZE_STRING);
if($password !== $password2){
$errors .= $differentPassword;
}
}
}
if($errors){
$resultMessage = '<div class="alert alert-danger">' . $errors .'</div>'
echo $resultMessage;
}
$username = mysqli_real_escape_string($link, $username);
$email = mysqli_real_escape_string($link, $email);
$password = mysqli_real_escape_string($link, $password);
$password = hash('sha256', $password);
$sql = "SELECT * FROM users WHERE username = '$username'";
$result = mysqli_query($link, $sql);
if(!$result){
echo '<div class="alert alert-danger">Error running the query!</div>';
exit;
}
$results = mysqli_num_rows($result);
if($results){
echo '<div class="alert alert-danger">That username is already registered. Do you want to log in?</div>';
exit;
}
$sql = "SELECT * FROM users WHERE email = '$email'";
$result = mysqli_query($link, $sql);
if(!$result){
echo '<div class="alert alert-danger">Error running the query!</div>';
exit;
}
$results = mysqli_num_rows($result);
if($results){
echo '<div class="alert alert-danger">That email is already registered. Do you want to log in?</div>';
exit;
}
$activationKey = bin2hex(openssl_random_pseudo_bytes(16));
$sql = "INSERT INTO users ('username', 'email', 'password', 'activation') VALUES ('$username', '$email', '$password', '$activationKey')";
$result = mysqli_query($link, $sql);
if(!$result){
echo '<div class="alert alert-danger">There was an error inserting the user details in the database!</div>';
exit;
}
$message = "Please click on this link to activate your account:\n\n";
$message .= "http://studenttest.host20.uk/activate.php?email=" . urlencode($email) . "&key=$activationKey";
if(mail($email, 'Confirm your Registration', $message, 'From:'.'msyed0230#gmail.com')){
echo "<div class='alert alert-success'>Thank you for registration! Confirmation email has been sent to $email. Please click on the activation link to activate your account.</div>";
}
?>
Here again is the JS code block I'm working with within a broad goal of making a proper sign-up form:
$("#signupform").submit(function(event){
event.preventDefault();
var datatopost = $(this).serializeArray();
console.log(datatopost);
$.ajax({
url: "signup.php",
type: "POST",
data: datatopost,
success: function(data){
if(data){
$("#signupmessage").html(data);
}
},
error: function(){
$("#signupmessage").html("<div class='alert alert-danger'>There was an error with the Ajax call. Please try again later.</div>");
}
});
});
For some reason, I keep getting the AJAX error instead of the typical error messages I set up for username entry, password entry, etc. It is linked to the correct files (put in the script tag in my main index.php file) and with everything else.
What could be going on?
You might have an error in your signup.php page so it would be better if you put the whole code so as to find the issue and to fix it.
I've made a little example with almost the same code as yours and it works fine :
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap#4.5.3/dist/css/bootstrap.min.css" >
<div id="signupmessage"></div>
<form id="signupform" action="" method="POST">
<input type="text" name="firstname" placeholder="Enter your first name" /><br /><br />
<input type="text" name="lastname" placeholder="Enter your last name" /><br /><br />
<input type="submit" value="submit">
</form>
<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
<script type='text/javascript'>
$("#signupform").submit(function(event){
event.preventDefault();
var datatopost = $(this).serializeArray();
console.log(datatopost);
$.ajax({
url: "signup.php",
type: "POST",
data: datatopost,
success: function(data){
$("#signupmessage").html(data);
},
error: function(data){
$("#signupmessage").html(data);
}
});
});
</script>
--------- signup.php -----------
<?php
if(isset($_POST['firstname']) && isset($_POST['lastname'])){
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
echo $firstname."<br />";
echo $lastname;
}
else{
echo "<div class='alert alert-danger'>There was an error with the Ajax call. Please try again later.</div>";
}
?>
I am writing a simple login validation. (I know people say I shouldn't deal with passwords in plaintext, because it's dangerous, however, I am doing this for a school assignment where we do not need to use any security.) The issue I am having here is that I can't get the message for login to be successful. I am getting a login failure. I inserted a couple of users and passwords into a database table. What I need to do is to get the value from the "name" column and the "pwd" (password) column from my database table and allow a successful login (in Javascript) if the user's input has a match with the user and password in the database table.
Here is my form code:
<form method="post" action="login.php" onsubmit="validateForm()" id="loginForm" name="loginForm">
Name:<br>
<input type="text" name="personName"><br>
Password:<br>
<input type="password" name="pswd"><br>
<input type="submit" name="submit" id="submit" value="Login" />
</form>
Javascript:
<script>
function validateForm()
{
var n = document.loginForm.personName.value;
var p = document.loginForm.pswd.value;
//The var below is what I need help on.
var name = "<?php echo $row['name']; ?>";
//The var below is what I need help on.
var ps = "<?php echo $row['pwd']; ?>";
if ((n == name) && (p == ps))
{
alert ("Login successful!");
return true;
}
else
{
alert ("Login failed! Username or password is incorrect!");
return false;
}
}
</script>
PHP code (I have an empty while statement just in case I need it):
<?php
function validateLogin()
{
//I hid this information from here.
$servername = "";
$username = "";
$password = "";
$dbname = "";
// Create connection
$dbc = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($dbc->connect_error)
{
die("Connection failed: " . $dbc->connect_error);
}
$n = $_POST["personName"];
$p = $_POST["pswd"];
$query = "SELECT `name`, `pwd` FROM `chatApp`";
$result = $dbc->query($query);
$numRows = mysql_num_rows($result);
$count = 1;
if ($result->num_rows > 0)
{
while($row = $result->fetch_assoc())
{
}
}
else
{
echo "0 results";
}
$dbc->close();
}
if(array_key_exists('loginForm',$_POST))
{
validateLogin();
}
?>
I have this simple form I'm testing. It's just a test for the beginning of a form that will be improved later on; I only need it to work correctly. I still don't have the database ready, so in my code I have two users that I want to pass as 'registered'.
Here's the code for the form:
<form action="" method="POST">
<label>User: </label>
<input type="text" name="user" id="usuario" />
<label>Password: </label>
<input type="password" name="password" id="password" />
<div class="text-center">
<button type="button" class="boton-submit" name="submit" onClick="login()">Sign In</button>
</div>
</form>
These two inputs are validated with JavaScript, and the values are sent through AJAX.
This is the code (only the AJAX part, the rest are only validations and they work fine):
function login(){
if(validationLogin()){
$.ajax({
url: "http://localhost/MyApp/extras/processLogin.php",
type: "POST",
data: {"user": user,
"password": password,
},
dataType: "html",
cache: false,
beforeSend: function() {
console.log("Processing...");
},
success:
function(data){
if(data == "OK"){
window.location.href = "http://localhost/MyApp/loginSuccess.php";
}else{
window.location.href = "http://localhost/MyApp/loginFail.php";
}
}
});
}else{
//alert("Incorrect data");
}
}
And this is code in the PHP file:
<?php
session_start();
$user = "";
$password = "";
$errors = array();
if (isset($_POST['submit'])){
if(isset($_POST['user'])){
if(!empty($_POST['user'])){
$user = $_POST['user'];
}else{
$errors = 1;
}
}else{
$errors = $errors;
}
if(isset($_POST['password'])){
if(!empty($_POST['password'])){
$password = $_POST['password'];
}else{
$errors = 1;
}
}else{
$errors = $errors;
}
$_SESSION['user'] = $user;
$_SESSION['password'] = $password;
//TEST: Check if user is --> LAURA 123456 or LUIS 567899
if((($user == "LAURA") && ($password == "123456")) || (($user == "LUIS") &&
($password == "567899"))){
$data = "OK";
echo $data;
//header("location: ../loginSuccess.php");
}else{
$data = "ERROR";
echo $data;
//echo "No se encontró usuario";
//header("location: ../loginFail.php");
}
}
At the beginning, I had an action in the form that sent data to the PHP directly, and in that way it worked fine --> if user was LAURA or LUIS it would redirect to loginSuccess.php and greeted the user, if not, it would redirect to loginFail.php (that's why the headers are commented)
I just want to test that this functions, but when I modified the code to use AJAX, it always fails, even if the user is LAURA or LUIS, it redirects to the loginFail page...
I suspect there is some problem in the success function in the AJAX call.
Any help is appreciated :) Have a nice day!
There's no submit index your $_POST array, so this condition if (isset($_POST['submit'])){ ... will always fail. Remove this conditional check if (isset($_POST['submit'])){ ... } entirely, and refactor your backend PHP code in the following way,
<?php
session_start();
$user = "";
$password = "";
$errors = array();
if(isset($_POST['user'])){
if(!empty($_POST['user'])){
$user = $_POST['user'];
}else{
$errors = 1;
}
}else{
$errors = $errors;
}
if(isset($_POST['password'])){
if(!empty($_POST['password'])){
$password = $_POST['password'];
}else{
$errors = 1;
}
}else{
$errors = $errors;
}
$_SESSION['user'] = $user;
$_SESSION['password'] = $password;
//TEST: Check if user is --> LAURA 123456 or LUIS 567899
if((($user == "LAURA") && ($password == "123456")) || (($user == "LUIS") &&
($password == "567899"))){
$data = "OK";
echo $data;
//header("location: ../loginSuccess.php");
}else{
$data = "ERROR";
echo $data;
//echo "No se encontró usuario";
//header("location: ../loginFail.php");
}
?>
I´m always getting "Invalid request" because of the "POST variables were not sent to this page". I already chech the javascript on the console and it was fine. And i read eveithing about this problem, maybe the problem is not the code. Can somebody please help me?
This is my index.php (login page)
<?php
include_once 'db_connect.php';
include_once 'functions.php';
sec_session_start();
if (login_check($mysqli) == true) {
$logged = 'in';
} else {
$logged = 'out';
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Secure Login: Log In</title>
<link rel="stylesheet" href="styles/main.css" />
<script type="text/JavaScript" src="js/sha512.js"></script>
<script type="text/JavaScript" src="js/forms.js"></script>
</head>
<body>
<?php
if (isset($_GET['error'])) {
echo '<p class="error">Error Logging In!</p>';
}
?>
<form action="process_login.php" method="POST" name="login_form">
Email: <input type="text" name="email" />
Password: <input type="password"
name="password"
id="password"/>
<input type="button"
value="Login"
onclick="formhash(this.form,this.form.password);"
/>
</form>
<?php
if (login_check($mysqli) == true) {
echo '<p>Currently logged ' . $logged . ' as ' .
htmlentities($_SESSION['username']) . '.</p>';
echo '<p>Do you want to change user? Log out.</p>';
} else {
echo '<p>Currently logged ' . $logged . '.</p>';
echo "<p>If you don't have a login, please <a
href='register.php'>register</a></p>";
}
?>
</body>
</html>
And this is my login_process:
<?php
include_once 'db_connect.php';
include_once 'functions.php';
sec_session_start(); // Our custom secure way of starting a PHP session.
if (isset($_POST['email'], $_POST['p'])) {
$email = $_POST['email'];
$password = $_POST['p']; // The hashed password.
if (login($email, $password, $mysqli) == true) {
// Login success
header('Location: protected_page.php');
} else {
// Login failed
header('Location: ../index.php?error=1');
}
} else {
// The correct POST variables were not sent to this page.
echo 'invalid Request';
}
And the form that seems to be working:
function formhash(form, password) {
// Create a new element input, this will be our hashed password field.
var p = document.createElement("input");
// Add the new element to our form.
document.body.appendChild(p);
p.name = "p";
p.type = "hidden";
p.value = hex_sha512(password.value);
// Make sure the plaintext password doesn't get sent.
password.value = "";
// Finally submit the form.
form.submit();
}
And the functions:
function login($email, $password, $mysqli) {
// Using prepared statements means that SQL injection is not possible.
if ($stmt = $mysqli->prepare("SELECT id, username, password
FROM users
WHERE email = ?
LIMIT 1")) {
$stmt->bind_param('s', $email); // Bind "$email" to parameter.
$stmt->execute(); // Execute the prepared query.
$stmt->store_result();
// get variables from result.
$stmt->bind_result($user_id, $username, $db_password);
$stmt->fetch();
if ($stmt->num_rows == 1) {
// If the user exists we check if the account is locked
// from too many login attempts
if (checkbrute($user_id, $mysqli) == true) {
// Account is locked
// Send an email to user saying their account is locked
return false;
} else {
// Check if the password in the database matches
// the password the user submitted. We are using
// the password_verify function to avoid timing attacks.
if (password_verify($password, $db_password)) {
// Password is correct!
// Get the user-agent string of the user.
$user_browser = $_SERVER['HTTP_USER_AGENT'];
// XSS protection as we might print this value
$user_id = preg_replace("/[^0-9]+/", "", $user_id);
$_SESSION['user_id'] = $user_id;
// XSS protection as we might print this value
$username = preg_replace("/[^a-zA-Z0-9_\-]+/",
"",
$username);
$_SESSION['username'] = $username;
$_SESSION['login_string'] = hash('sha512',
$db_password . $user_browser);
// Login successful.
return true;
} else {
// Password is not correct
// We record this attempt in the database
$now = time();
$mysqli->query("INSERT INTO login_attempts(user_id, time)
VALUES ('$user_id', '$now')");
return false;
}
}
} else {
// No user exists.
return false;
}
}
}
Thank you for your time.
I may be being stupid, but I am trying to process a registration form using an AJAX call to a PHP page. My PHP page is working perfectly on it's own, but when I try to post the form data to the PHP page through AJAX nothing happens.
This is my AJAX call:
$(document).ready(function ($) {
$("#register").submit(function(event) {
event.preventDefault();
$("#message").html('');
var values = $(this).serialize();
$.ajax({
url: "http://cs11ke.icsnewmedia.net/DVPrototype/external-data/register.php",
type: "post",
data: values,
success: function (data) {
$("#message").html(data);
}
});
});
});
This is the form:
<div id="registerform">
<form method='post' id='register'>
<h3>Register</h3>
<p>Fill in your chosen details below to register for an account</p>
<p>Username: <input type='text' name='username' value='' /><br />
Password: <input type='password' name='password' ><br />
Repeat Password: <input type='password' name='repeatpassword'></p>
<input name='submit' type='submit' value='Register' >
<input name='reset' type='reset' value='Reset'><br /><br />
</form>
<div id="message"></div>
</div>
And this is my PHP page:
<?php function clean_string($db_server = null, $string){
$string = trim($string);
$string = utf8_decode($string);
$string = str_replace("#", "#", $string);
$string = str_replace("%", "%", $string);
if (mysqli_real_escape_string($db_server, $string)) {
$string = mysqli_real_escape_string($db_server, $string);
}
if (get_magic_quotes_gpc()) {
$string = stripslashes($string);
}
return htmlentities($string);
}
function salt($string){
$salt1 = 'by*';
$salt2 = 'k/z';
$salted = md5("$salt1$string$salt2");
return $salted;
}
?>
<?php
//form data
$submit = trim($_POST['submit']);
$username = trim($_POST['username']);
$password = trim($_POST['password']);
$repeatpassword = trim($_POST['repeatpassword']);
// create variables
$message = '';
$s_username = '';
//connect to database
{databaseconnection}
$db_server = mysqli_connect($db_hostname, $db_username, $db_password);
$db_status = "connected";
if(!$db_server){
//error message
$message = "Error: could not connect to the database.";
}else{
$submit = clean_string($db_server, $_POST['submit']);
$username = clean_string($db_server, $_POST['username']);
$password = clean_string($db_server, $_POST['password']);
$repeatpassword = clean_string($db_server, $_POST['repeatpassword']);
//check all details are entered
if ($username&&$password&&$repeatpassword){
//check password and repeat match
if ($password==$repeatpassword){
//check username is correct length
if (strlen($username)>25) {
$message = "Username is too long, please try again.";
}else{
if (strlen($password)>25||strlen($password)<6) {
//check password is correct length
$message = "Password must be 6-25 characters long, please try again.";
}else{
mysqli_select_db($db_server, $db_database);
// check whether username exists
$query="SELECT username FROM users WHERE username='$username'";
$result= mysqli_query($db_server, $query);
if ($row = mysqli_fetch_array($result)){
$message = "Username already exists. Please try again.";
}else{
//insert password
$password = salt($password);
$query = "INSERT INTO users (username, password) VALUES ('$username', '$password')";
mysqli_query($db_server, $query) or die("Registration failed. ".
mysqli_error($db_server));
$message = "Registration successful!";
}
}
}
}else{
$message = "Both password fields must match, please try again.";
}
}else{
$message = "You must fill in all fields, please try again.";
}
}
echo $message;
mysqli_close($db_server);
?>
Apologies for all the code. I feel I may be making a stupid mistake but I don't know why the data isn't being posted or returned.
Thanks in advance!
Notice: This is more a comment than an answer but this is more readable since it includes code.
== EDIT ==
I Checked your code on http://cs11ke.icsnewmedia.net/DVPrototype/#registerlogin, your form doesn't have a id assigned to it
First: use your console...do you see an XMLHTTPREQUEST in your console?
What are the responses/headers etc? I can't stress this enough: use your console and report back here!!!
Next up the overly complicated ajax call...dumb it down to:
$('#register').submit(function(){
$('#message').html('');
$.post("http://cs11ke.icsnewmedia.net/DVPrototype/external-data/register.php",
$(this).serialize(),
function(response){
console.log(response);
$('#message').html(response);
}
);
return false;
});
In your PHP put this on top to check whether anything at all came through:
die(json_encode($_POST));
Please use Firebug or any other tool, to checḱ if the AJAX-script is called, what is its answer and if there are any errors in the script
My form is not submitting data to my database.
This is the PHP code:
<?php require 'core.inc.php'; ?>
<?php require 'connection.inc.php'; ?>
<?php
if(isset($_POST['username']) && isset($_POST['password']) &&
isset($_POST['password_again']) && isset($_POST['firstname']) &&
isset($_POST['surname'])){
$username = $_POST['username'];
$password = $_POST['password'];
$hashed_password = sha1($password);
$password_again = sha1('password again');
$username = $_POST['firstname'];
$password = $_POST['surname'];
//check if all fields have been filled
if(!empty($username)&& !empty($password) && !empty($password_again) &&
!empty($firstname)&& !empty($surname)){
if($password != $password_again){
echo 'Passwords do not match.';
} else {
//check if user is already registered;
$query = "SELECT username FROM user WHERE username = {$username} ";
$query_run = mysqli_query($connection, $query);
if (mysqli_num_rows ($query_run)==1){
echo 'User Name '.$username.' already exists.';
} else {
//register user
$query = "INSERT INTO `user` VALUES ('', '".$username."',
'".$password_hashed."','".$firstname."','".$surname."',)";
}
if($query_run = mysqli_query($connection, $query)){
header('Location: reg_succed.php');
} else {
echo 'Sorry we couldn\'t register you at this time. try again later';
}
}
}
} else {
echo 'All fields are required';
}
?>
<h2>Create New User</h2>
<form id="form" action="<?php echo $current_file ?>" method="POST">
<fieldset title="Login details" id="frame">
<legend>USER LOGIN DETAILS</legend>
<label>User Name:</label><br/>
<input type="text" name = "username" id = "username" value="<?php if(isset($username)){ echo $username; } ?>" maxlength="50" placeholder="Enter your Username" required/><br/>
<label>First Name:</label><br/>
<input type="text" name="firstname" id = "firstname" value="<?php if(isset($firstname)){ echo $firstname;} ?>" maxlength="50" placeholder="Enter your Firstname" required/><br/>
<label>Surname:</label><br/>
<input type="text" name="surname" id="surname" value="<?php if(isset($surname)) {echo $surname;} ?>" maxlength="50" placeholder="Enter your Surname" required/><br/>
<label>Password:</label><br/>
<input type="password" name="password" id="password" maxlength="50" placeholder="Enter your Password" required/><br/>
<label>Password Again:</label><br/>
<input type="password" name="password_again" id="password again" maxlength="50" placeholder="Enter your Password" required/><br/>
<input type="submit" name = "register" id = "register" value="Register">
</fieldset>
</form>
connection code
<?php
require_once("constants.php");
// 1. Create a database connection
$connection = mysqli_connect(DB_SERVER,DB_USER,DB_PASS, DB_NAME);
if (!$connection) {
die("Database connection failed: " . mysqli_error($connection));
}
// 2. Select a database to use
$db_select = mysqli_select_db($connection, DB_NAME);
if (!$db_select) {
die("Database selection failed: " . mysqli_error($connection));
}
?>
core.inc.php code
<?php
ob_start();
session_start();
$current_file = $_SERVER['SCRIPT_NAME'];
if(isset( $_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER'])){
$http_referer = $_SERVER['HTTP_REFERER'];
}
?>