0

I have a page calledemp.php in which i have the following code

 <form action="emp-action" method="post" enctype="multipart/form-data">
          include("conn.php");                 

 $sud=$_SESSION['login_user'];

            $sqlc=mysql_query("SELECT * FROM emp where un='".$sud."' ");

            $countc=mysql_num_rows($sqlc);
            if($countc<99)
            {

         include("inc-profile.php");
            }
            else
            {
            echo "SORRY !!!!you have posted more than 100 jobs"; 

            } 

</form>

now this is working properly and navigates to inc-profile page according to condition

in inc-profile.php page I have 

<form action="include-action" method="post" enctype="multipart/form-data">

//some codes

 </form>

But form action is not nvigating toinclude-action.php page but navigating emp-action.phppage ..What might be the error PLZ NOT I HAVE REMOVED .PHP WITH HELP OF .HTACCES

codelover
  • 317
  • 1
  • 11
  • Well, might be obvious, but you are missing `session_start()` before `$_SESSION`. – dkasipovic Mar 25 '14 at 10:38
  • 2
    **Danger**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You may also be **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Mar 25 '14 at 10:38
  • It seems you are nesting forms. Avoid that, this is against HTML standard specification – Mostafa Talebi Mar 25 '14 at 10:40

3 Answers3

3

You have one form inside another form.

This is forbidden by the HTML specification and causes undesirable results.

Don't nest forms.

Quentin
  • 914,110
  • 126
  • 1,211
  • 1,335
0

as per your code you have 2 forms like this 

<form action="emp-action" method="post" enctype="multipart/form-data">
      <form action="include-action" method="post" enctype="multipart/form-data">
      </form>
</form>

so when you submit the the first Form action will be initiated. please do like below

<form action="emp-action" method="post" enctype="multipart/form-data">


</form>
  include("conn.php");                 

 $sud=$_SESSION['login_user'];

            $sqlc=mysql_query("SELECT * FROM emp where un='".$sud."' ");

            $countc=mysql_num_rows($sqlc);
            if($countc<99)
            {

         include("inc-profile.php");
            }
            else
            {
            echo "SORRY !!!!you have posted more than 100 jobs"; 

            }
Karthick Kumar
  • 2,349
  • 1
  • 17
  • 30
0

There are more than one problems in your code. As D.Kasipovic said you have to use session_start().

But you have also to differentiate html from php for example with php tag <?php ?>

like this

 <form action="emp-action" method="post" enctype="multipart/form-data">
<?php
       include("conn.php");                 

        $sud=$_SESSION['login_user'];

        $sqlc=mysql_query("SELECT * FROM emp where un='".$sud."' ");

        $countc=mysql_num_rows($sqlc);
        if($countc<99)
        {

     include("inc-profile.php");
        }
        else
        {
        echo "SORRY !!!!you have posted more than 100 jobs"; 

        } ?>
</form>
ZanoOnStack
  • 389
  • 2
  • 11