php - Unable to return to 'User Profile' page after login -
i have login.php page user login credentials. after user logs in when dologin.php page displayed. in other words user profile displayed. on user profile element, there edit button leads them editprofile.php page edit personal info. when clicked arrow on tab go user profile page error "confirm form resubmission" displayed. how counter such when user wished go user profile page, details displayed?
this dologin.php
session_start(); $msg = ""; //check whether session variable 'user_id' set //in other words, check whether user logged in if (isset($_session['user_id'])) { $msg = "you logged in.<br/><a href='index.php'>home</a>"; $msg = "<a href ='logout.php'>logout</a>"; } else { //user not logged in //check whether form input 'username' contains value if (isset($_post['username'])) { //retrieve form data $entered_username = $_post['username']; $entered_password = $_post['password']; //connect database include ("dbfunctions.php"); //match username , password entered database record $query = "select *from role,user user_name='$entered_username' , password = sha1('$entered_password') , user.role_id = role.role_id"; $result = mysqli_query($link, $query) or die(mysqli_error($link)); $query2 = "select * user,country user.country_id=country.country_id order `user`.`id` asc "; $result2 = mysqli_query($link, $query2) or die(mysqli_error($link)); $query3 = "select * book"; $result3 = mysqli_query($link, $query3) or die(mysqli_error($link)); if (mysqli_num_rows($result) == 1) { $update = "update `user` set last_login = now() user_name='$entered_username' "; $resultupdate = mysqli_query($link, $update); $row = mysqli_fetch_array($result); $_session['user_id'] = $row['id']; $_session['username'] = $row['user_name']; $_session['email'] = $row['email_address']; $_session['gender'] = $row['gender_id']; $_session['role_id'] = $row['role_type']; $_session['lastlog'] = $row['last_login']; $msg1 = $_session['username']; $msg2 = "<b>gender: </b> " . $_session['gender'] . "<br/>"; $msg3 = "<b>email: </b>" . $_session['email'] . "<br/>"; $msg4 = "<b>your last visit on site: </b>" . $_session['lastlog']; $msg .= "you logged in " . $_session['role_id'] . "<br/>"; $rowz = mysqli_fetch_array($result3); } else { //record not found $msg = "<p>sorry, must enter valid username , password log in.<a href='login.php'>back</a></p>"; } } and editprofile.php
// include php file contains common database connection codes include ("dbfunctions.php"); session_start(); $userid = $_post['userid']; $queryedit = "select * user id=$userid"; // execute query $resultedit = mysqli_query($link, $queryedit) or die(mysqli_error($link)); // fetch execution result array $rowedit = mysqli_fetch_array($resultedit); ?> <!doctype html> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link href="style.css" rel="stylesheet" type="text/css"/> <link rel="stylesheet" type="text/css" href="bootstrap/css/bootstrap.min.css" /> <link rel="stylesheet" type="text/css" href="font-awesome/css/font-awesome.min.css" /> <script src="script.js"></script> <script type="text/javascript" src="js/jquery-1.10.2.min.js"></script> <script type="text/javascript" src="bootstrap/js/bootstrap.min.js"></script> <link rel="stylesheet" href="styles.css"> <title>edit profile & settings</title> </head> <body> <div class="container"> <a href="logout.php" class="btn btn-info" role="button">sign out</a> <div class="page-header"> <h1>obc <small>onlinebookclub</small></h1> <div class="row"> <div class="col-lg-6"> <form method="post" action="dosearch.php"> <div class="input-group"> <span class="input-group-btn"> <button class="btn btn-default" type="submit">go!</button> </span> <input type="text" class="form-control" placeholder="title/author/yearofpublish"> </form> </div><!-- /input-group --> </div><!-- /.col-lg-6 --> </div><!-- /.row --> </div> </div> <!-- registration form - start --> <div class="container" id="container1"> <div id='cssmenu'> <ul> <li class='active'><a href='#'>profile</a></li> <li><a href='addbook.php'>add/edit books</a></li> <li><a href='#'>add/edit authors</a></li> <li><a href='editprofile.php'>edit profile & settings</a></li> </ul> </div> <h2>edit profile</h2> <hr> <div class="row"> <!-- left column --> <div class="col-md-3"> <div class="text-center"> <img src="//placehold.it/100" class="avatar img-circle" alt="avatar"> <h6>upload different photo...</h6> <input type="file" class="form-control"> </div> </div> <!-- edit form column --> <div class="col-md-9 personal-info"> <h3>personal info</h3> <form class="form-horizontal" role="form"> <div class="form-group"> <label class="col-lg-3 control-label">username:</label> <div class="col-lg-8"> <input class="form-control" type="text" value="<?php echo $rowedit['user_name'] ?>"> </div> </div> <div class="form-group"> <label class="col-lg-3 control-label">email:</label> <div class="col-lg-8"> <input class="form-control" type="text" value="<?php echo $rowedit['email_address'] ?>"> </div> </div> <div class="form-group"> <label class="col-md-3 control-label"></label> <div class="col-md-8"> <input type="hidden" name="id" value="<?php echo $rowedit['id'] ?>" /> <input type="submit" class="btn btn-primary" value="save changes"> <span></span> <input type="reset" class="btn btn-default" value="cancel"> </div> </div> </form> </div> </div> </div> <style> #container1 { background-color: #e2dada; opacity: 0.9; border-radius: 2em; } .centered-form { margin-top: -185px; margin-bottom: 120px; } .centered-form .panel { background: rgba(255, 255, 255, 0.8); box-shadow: rgba(0, 0, 0, 0.3) 20px 20px 20px; } h2{ color: orange; } </style> </body>
first way
one way of handling such errors redirect page itself. i.e when user logs in , when show dologin page, i.e user profile page, ry use header() function
header('location:dologin.php'); second way
you can make ajax redirect using jquery or something
Comments
Post a Comment