when i press the ‘continue’ button i’m redirected to form’s php functions file ( localhost/install/hamburgher.php ),but that must check if the code is correct or it will display an error.
hamburgher.php (functions on clicking of the button):
<?php
session_start();
// connect to database
$db = mysqli_connect('localhost', 'root', '');
mysqli_select_db($db,"licensecode");
// escape string
function e($val){
global $db;
return mysqli_real_escape_string($db, trim($val));
}
$errors = array();
function display_error() {
global $errors;
if (count($errors) > 0){
echo '<div class="alert alert-danger">';
foreach ($errors as $error){
echo $error .'<br>';
}
echo '</div>';
}
}
if (isset($_POST['btn_lic']) && $_POST['btn_lic'] == 1))
{
checkkey();
}
else
{
array_push($errors, "License key is invalid.");
}
// USER
function checkkey(){
global $db, $username, $errors;
// grap form values
$key = e($_POST['key-get']);
// make sure form is filled properly
if (empty($key)) {
array_push($errors, "A license key is required.");
}
// attempt login if no errors on form
if (count($errors) == 0)
{
$password = md5($password);
$query = "SELECT * FROM licenses WHERE code='$key' LIMIT 1";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1)
{ // found
// check
$keycode = mysqli_fetch_assoc($results);
if($keycode['expired'] == 1)
{
array_push($errors, "This license has expired.");
}
else
{
header('location: step_4.php');
}
}
else
{
array_push($errors, "License key is invalid.");
}
}
else {
array_push($errors, "Some errors there.");
}
}
Form file – step_3.php:
<?php
include('hamburgher.php');
require_once("settings.inc");
if (file_exists($config_file_path)) {
header("location: ".$application_start_file);
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title><?php echo $application_name;?> Instalation Wizard - 3</title>
<link rel="icon" href="images/brand/favicon.png" type="image/x-icon" />
<link rel="stylesheet" type="text/css" href="styles/basic.css">
<link href="https://fonts.googleapis.com/css?family=Muli&display=swap" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="styles/bootstrap.min.css">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
</head>
<body>
<center>
<div class="card">
<img src="../images/brand/logo_wide.png" alt="Thos Host Complete Solutions">
<form method="post" action="hamburgher.php">
<input type="hidden" name="submit" value="step2" />
<div class="container">
<b><div style="font-family: 'Muli', sans-serif;">Step 3: Insert your license key</div></b><br>
<div class="form-group">
<label for="key-get" style="margin-right: 80%">Code:</label>
<input type="text" class="form-control" name="key-get" placeholder='38904ADSUFH8ADS7FH8ASHFASHF8ASHUFHA8SUFHU8ASHF8UHA' size="30">
</div>
</div>
<?php echo display_error(); ?>
<span class="step_active" >1</span>
<span class="step_active">2</span>
<span class="step_active">3</span>
<span class="step_inactive">4</span>
<span class="step_inactive">5</span>
<button type="submit" class="button button_black" name="btn_lic" value="1" style="margin-left : 60%; color: white; text-decoration: none; font-family: 'Muli', sans-serif;"><b>Continue</b></button>
</form><br>
</div>
</center>
<?php include_once("footer.php"); ?>
</body>
</html>
The code must display an error if: – the input code is null; – the input code is expired; – the input code is not existing;
on displaying of error,the page must be same,but with <?php echo display_error(); ?> on the page,there will be the error message.
You must be redirected on page step_4.php if the code is found in database and is not expired
I know,i know,i will modify the code to avoid SQL injections,this is a beta code.
Thanks.
Advertisement
Answer
The quickest way to solve the issue would be to move the code from hamburgher.php to step_3.php and then remove the action for the form so it goes back to the same page.