I'm trying to create a user sign up form in WordPress theme. I searched allot and found a solution which was using a non WordPress php file to insert into database. I've created a file "user-register.PHP" to register users from static page. but some how I cannot access that file getting "Page not found error". I'm using WordPress underscores theme.
sign up form Code:
<form id="user_form" name="user_form" method="POST" action="../user-register.php">
<input type="text" placeholder="Your Name" id="user_name" name="user_name">
<input type="email" placeholder="Your Email" id="user_email" name="user_email">
<input type="password" placeholder="Your Password" id="You Password">
<button name="sign-up" id="sign-up">Sing Up</button>
</form>
user-register.php
$user_name=$_POST['user_name'];
$user_email=$_POST['user-email'];
$user_pass=$_POST['user-pass'];
$con=mysqli_connect('localhost', 'kaizen_it', '', wp_site_user);
if($con){
$query='insert into wp_site_user(name,email,password)values(,$user_name,$user_email,$user_pass)';
mysqli_query($con, $query);
mysqli_close($con);
header("Location: http://localhost/wordpress/registered.php");
}
Any help would be appreciated!
Since you're not creating a custom page template for this, your path should be the absolute path to your login file. Assuming this file is in the root of your theme:
<form id="user_form" name="user_form" method="POST" action="<?php echo get_template_directory_uri() . '/user-register.php'; ?>">
Which will render as:
<form id="user_form" name="user_form" method="POST" action="http://example.com/wp-content/themes/sometheme/user-register.php'; ?>">
This path will need to change if your login file isn't in the root of your parent theme.
Related
Here's the context. I have a Joomla Backend with tons of custom code in a very old Joomla 1.X version. Everything is still surprisingly holding up well. The site owner wants a new front facing website and his company chose WordPress. Website was built, now we want to add a log in form to the Joomla backend from a WP page.
Here's what worked:
Go to Joomla login page (domain.com/administrator)
Copy the HTML form (including hidden input with token)
Paste the HTML and adjust the action attribute of the form
Went to the WP page (domain.com/wordpressFolder/page, entered credentials and it works perfectly!
Obviously these tokens can only be used once. Added a shortcode in WP that gets the form from Joomla and "extract" the token and returns it to the page.
function st_login_form( $atts ) {
$joomla = file_get_contents('http://www.example.com/administrator/index.php');
$doc = new DOMDocument();
$doc->loadHTML($joomla);
$inputs = $doc->getElementsByTagName('input');
$token = $inputs[5]->attributes[1]->nodeValue;
$html = '<form action="https://www.example.com/administrator/index.php" method="post" name="login" id="form-login" style="clear: both;">
<p id="form-login-username">
<label for="modlgn_username">Username</label>
<input name="username" id="modlgn_username" type="text" class="inputbox" size="15">
</p>
<p id="form-login-password">
<label for="modlgn_passwd">Password</label>
<input name="passwd" id="modlgn_passwd" type="text" class="inputbox" size="15">
</p>
<input type="submit" value="Connexion" />
<input type="hidden" name="option" value="com_login">
<input type="hidden" name="task" value="login">
<input type="hidden" name="'.$token.'" value="1">
</form>';
return $html;
}
The code behaves has expected and inspecting the form on the WP page with injected token looks fine, however when logging in it gives me an invalid token error.
I don't quite understand why it works when copy pasting but not when I retrieve the token from PHP. Any clue or potential solutions?
Found my first mistake. The GET is done over HTTP while the POST is sent over HTTPS. Obviously, CSRF token are domain-signed.
Now it simply redirects me to the login page but I'm not logged in.
I am trying to update a custom table row.
Here is my form's code (page-vehicles.php)
<form action="<?php echo home_url( "update" ); ?>" method="post">
<input type="number" name="id">
<input type="number" name="number">
<input type="submit" value="submit">
</form>
When I submit the form to (page-update.php) it shows a 404 error. But if I open the page (page-update.php) directly it shows the page (without 404 error).
What am I doing wrong here? :(
You said the custom page where the update needs to happen is page-update.php but you are posting the form to form.action = "http://novits.com/5050/vedit"; Change the action to the proper link.
i create simple plugin wordpress , one validationform.php and rflinsertdb.php
when user click on submit form , i want got rflinsertdb.php the page validation and insert information to db , but wordpress give me Object not found!
The requested URL was not found on this server. The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error.
this 2 php page in one folder that name in public ,i see to many codes in internet but not help, how can i do that ?
thx alot
i try this codes for action form
<form method="post" action="<?php bloginfo('template_url'); ?>/rflInsertdb.php">
<p id="errorMessage"></p>
<p>name: <input type="text" class="register" name="name" id="name"></p>
<p>family: <input type="text" class="registerForm" id="family" name="family"></p>
<p>numbers :<input type="number" class="registerForm" id="numbers" name="numbers" min="1" max="200" value="1"></p>
<p>tell: <input type="text" class="registerForm" id="tell" name="tell"></p>
<p><input type="submit" value="ثبت" class="registerForm" id="submit" name="submit"></p>
</form>
This happens to you, because you are using template directory for: /rflInsertdb.php
Try to use
<form method="post" action="<?php echo plugin_dir_url( __FILE__ ); ?>/rflInsertdb.php">
If your file is under the public (what is under the plugin dir), then maybe:
<form method="post" action="<?php echo plugin_dir_url( __FILE__ ); ?>/public/rflInsertdb.php">
See here: https://codex.wordpress.org/Function_Reference/plugin_dir_url
I have an issue with a form throwing a 404 error on submission but only when certain words are in the body of the post.
Here is my form.
<form role="form" action="edit-training-page.php?id=<?php echo $training_id; ?>" method="post" onSubmit="return confirm('Confirm Updating Training Page?');">
<div class="form-group fl w300 mr">
<label>Training Name</label>
<input name="training_title" type="text" class="form-control" placeholder="" required value="<?php echo $training_title ; ?>">
</div>
<div class="form-group fl w200 mr">
<label>Short URL</label>
<input name="training_url" type="text" class="form-control" placeholder="" required value="<?php echo $training_url ; ?>">
</div>
<div class="form-group fl w100 mr">
<label>Sort Order</label>
<input name="training_order" type="text" class="form-control" placeholder="" required value="<?php echo $training_order ; ?>">
</div>
<div class="form-group fl mr" style="width:100%;">
<textarea name="traininfo" rows="20" cols="80" /><?php echo $traininfo ; ?></textarea>
</div>
<div class="clear mt " >
<input type="hidden" name="training_id" value="<?php echo $training_id; ?>" />
<button type="submit" name="update" class="btn btn-success fl mr"><i class="glyphicon glyphicon-edit"></i> Update Training Page</button>
</form>
We have a sub-folder inside of WordPress for a dashboard system not related to WordPress. It is all php driven script. It is in a folder on the root of server, this form is for adding training content. I have been migrating training documentation from another location into this new system. It randomly throws a 404 on submission even though the URL is correct. For example today if the word "from" was in the textarea field it would give a wordpress 404 error screen on the submission. I have checked the reserved WordPress list in WordPress and none of the input fields are names that are reserved.
I tried excluding folder by editing the .htaccess file and changing the line to
RewriteRule ./ /index.php [L] - No change.
The php code for processing the form is on the same page.
Any help would be appreciated.
This isn't really an issue with WordPress. This is most likely due to the inclusion and configuration of mod_security within Apache. So, you'll either need to modify the configuration, or just rid yourself of that particular module if you are able.
Try this in your .htaccess to turn it off:
For mod_security:
# Turn off mod_security filtering.
<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>
For mod_security2:
# Turn off mod_security filtering.
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule
However, note that Apache may have been configured in such a way as to not allow turning it off in .htaccess.
I noticed a strange bug when testing out one of our Wordpress apps.
I have a form with an input field and if I type a number such as "3" anywhere in the input text Wordpress will throw a 404:
<input name="author" type="text" />
If I change the name attribute from author to anything else, it works fine:
<input name="bob" type="text" />
I'm not a Wordpress guru or even a PHP dev so I apologize if this is trivial. I've stripped out everything possible from this PHP page. Is there some Wordpress magic going on here where "author" is some sort of reserved word? Here's the entire PHP file (the header is a simple nav-bar and the footer just calls wp_footer()....):
<?php
/**
* Template Name: MyTemplate
*/
get_header();
if(isset($_POST['submitted'])):
echo "<H4>Submitted!</H4>";
else:
?>
<form id="my-form" action="<?php the_permalink(); ?>" method="post">
<input name="author" type="text" /><br/><br/>
<input type="hidden" name="submitted" id="submitted" value="true" />
<input type="submit" value="Submit"/>
</form>
<?php
endif;
get_footer();
OK wow.. So it looks like there are reserved words in form posts:
http://codex.wordpress.org/Function_Reference/register_taxonomy#Reserved_Terms
Sorry for such a novice question.