|
PHP - Register Script Problems
I'm sorry this code is a mess, this is my attempt at a online youtube tutorial http://www.youtube.com/user/phpacademy#p/c/9CC58D1B2A2D83D6/9/cBJZZlLrXGo
The script runs with no parse errors but it does not the following: - present error messages when input is incorrect - enter correct input into the database - retain the user input in the form so the user does not need to re enter the information. I would just use another script but this is the 2nd part of a tutorial that will really help me learn so I need this to work . Any help appreciated. 1. 2. <?php 3. include("design/header.php"); 4. require("connect.php"); 5. 6. //register code 7. 8. 9. if(isset($POST['submit'])) 10. { 11. //grab submitted data 12. $firstname = $_POST['firstname']; 13. $lastname = $_POST['lastname']; 14. $username = $_POST['username']; 15. $password = $_POST['password']; 16. $password_repeat = $_POST['password_repeat']; 17. 18. $dob_year = $_POST['dob_year']; 19. $dob_month = $_POST['dob_month']; 20. $dob_day = $_POST['dob_day']; 21. 22. $gender = $_POST['gender']; 23. 24. if ( 25. $firstname&& 26. $lastname&& 27. $username&& 28. $password&& 29. $password_repeat&& 30. $dob_year&& 31. $dob_month&& 32. $dob_day&& 33. $gender 34. ) 35. { 36. 37. //validation 38. if(strlen($firstname)>25 || strlen($lastname)>25 || strlen($username)>25) 39. echo "Firstname, lastname and username must be no more than 25 characters."; 40. 41. 42. else 43. { 44. if (strlen($password)>25 || strlen($password)<6) 45. echo "Password must be between 6 and 25 characters."; 46. 47. else 48. { 49. if (is_numberic($dob_year)&&is_numberic($dob_month)&&is_numberic($dob_day)) 50. { 51. 52. if (strlen($dob_year)>4||strlen($dob_year)>2||strlen($dob_year)>2) 53. echo "Date of birth must be 4 characters, month and must be 2."; 54. else 55. { 56. if ($gender=="Male"||$gender=="Female") 57. { 58. //compare pass 59. if ($password==$password_repeat) 60. { 61. //check dob limits for month and day 62. if ($dob_month>12||$dob_day>31) 63. echo "Date of birth month or day is bigger than expected!"; 64. else{ 65. //check for existing user 66. $query =mysql_query("SELECT * FROM users WHERE username='$username'"); 67. if (mysql_num_rows($query)>=1) 68. echo "That username is already taken."; 69. else { 70. //success!! 71. $dob_db = "$dob_year-$dob_month-$dob_day"; 72. $password_db = md5($password); 73. 74. switch ($gender) 75. { 76. case "Male": 77. $gender_db = "M"; 78. break; 79. case "Female": 80. $gender_db = "F"; 81. break; 82. $register = mysql_query("INSERT INTO user VALUES ('','$firstname','$lastname','$username','$password_db','$dob_db','$gender_db')"); 83. echo "success!"; 84. } 85. } 86. } 87. } 88. else 89. {echo "Passwords must match"; 90. } 91. } 92. else 93. echo "Gender must be Male or Female."; 94. } 95. } 96. else 97. echo "Date of birth must be in number form. For example 1993/05/30"; 98. } 99. } 100. }else{ 101. echo "Please enter your details and click Register!"; 102. } 103. } 104. 105. ?> 106. 107. <p> 108. <form action='register.php' method='POST'> 109. 110. <table width='60%'> 111. <tr> 112. <td width='40%' align='right'> 113. <font size='2' face='arial'>Firstname: 114. </td> 115. <td> 116. <input type='text' value='<?php echo $firstname; ?>' name='firstname' maxlength='25'> 117. </td> 118. </tr> 119. <tr> 120. <td width='40%' align='right'> 121. <font size='2' face='arial'>Lastname: 122. </td> 123. <td> 124. <input type='text' value='<?php echo $lastname; ?>' name='lastname' maxlength='25'> 125. </td> 126. </tr> 127. <tr> 128. <td width='40%' align='right'> 129. <font size='2' face='arial'>Username: 130. </td> 131. <td> 132. <input type='text' value='<?php echo $username; ?>' name='username' maxlength='25'> 133. </td> 134. </tr> 135. <tr> 136. <td width='40%' align='right'> 137. <font size='2' face='arial'>Password: 138. </td> 139. <td> 140. <input type='password' name='password' maxlength='25'> 141. </td> 142. </tr> 143. <tr> 144. <td width='40%' align='right'> 145. <font size='2' face='arial'>Repeat Password: 146. </td> 147. <td> 148. <input type='password' name='password_repeat' maxlength='25'> 149. </td> 150. </tr> 151. <tr> 152. <td width='40%' align='right'> 153. <font size='2' face='arial'>Date of birth: 154. </td> 155. <td> 156. <input type='text' name='dob_year' maxlength='4' size='3' value='<?php if ($dob_year) echo $dob_year; else echo "YYYY";?>'> /<input type='text' name='dob_month' maxlength='2' size='1' value='<?php if ($dob_month) echo $dob_month; else echo "MM";?>'> / <input type='text' name='dob_day' maxlength='2' size='1' value='<?php if ($dob_day) echo $dob_day; else echo "DD";?>'> 157. </td> 158. </tr> 159. <tr> 160. <td width='40%' align='right'> 161. <font size='2' face='arial'>Gender: 162. </td> 163. <td> 164. <select name='gender'> 165. <option>Female</option> 166. <option>Male</option> 167. </select> 168. </td> 169. </tr> 170. 171. </table> 172. <div align='right'><input type='submit' name='submit' value='Register'> 173. </form> 174. 175. 176. <?php 177. include("design/footer.php"); 178. 179. ?> 180. Similar TutorialsHi guys I am working on adding a third party php members register and login into a clients web site but every time I try the regidter page is shows me this error message. Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'username'@'localhost' (using password: YES) in /home/cpassoc2/public_html/register-exec.php on line 15 Failed to connect to server: Access denied for user 'username'@'localhost' (using password: YES) This is what i have in the config.php page. <?php define('DB_HOST', 'localhost'); define('DB_USER', 'cpassoc2-memark'); define('DB_PASSWORD', '?????????'); password replaced define('DB_DATABASE', 'cpassoc2-me'); ?> I have set up the my SQL within the control panel of the site, So do i need to do any thing else???, what am i missing???. Mark..... Hey, so this is my register script
<?php
error_reporting(E_ALL | E_NOTICE);
ini_set('display_errors', 1);
require 'connect.php';
echo "<title> Register </title>";
if(isset($_POST['register'])) {
$username = trim($_POST['username']);
$username = mysqli_real_escape_string($con, $_POST['username']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$password = hash('sha512', $_POST['password']);
if(!$_POST['username'] OR !$_POST['password']) {
die("You must enter a username and password!");
}
$stmt = $con->prepare("INSERT INTO usrs_usr (username, password) VALUES (?, ?)");
$stmt->bind_param("ss", $username, $password);
$stmt->get_result();
var_dump($stmt);
$stmt->execute();
echo "New user has been created successfully";
$stmt->close();
$conn->close();
}
?>
Now the problem is i have done a variable dump which outputs nothing, and the only error i am getting is
Fatal error: Call to a member function bind_param() on a non-object The error is on line 101. Help please. Code: [Select] <?php //begin register script $submit = $_POST['submit']; //form data $username= strip_tags ($_POST['username']); $email= strip_tags($_POST['email']); $pwd= strip_tags($_POST['pwd']); $confirmpwd= strip_tags($_POST['confirmpwd']); $date = date("Y-m-d"); if ($submit) { //check for required form data if($username&&$pwd&&$confirmpwd&&$email) { //encrypt password $pwd = md5($pwd); $confirmpwd =md5($pwd); //check if passwords match if ($pwd==$confirmpwd) { //check length of username if (strlen($username)>25||strlen($username)>25) { echo "length of username is too long"; } else { //check password length if(strlen($pwd)>25||strlen($pwd)<6) { echo"password must be between 6 and 25 characters"; } else { //register the user } else echo "your passwords do not match"; } else echo "please fill in all fields"; } ?> Hi, I have taken the step of writing my site in MySQLi instead of MYSQL as advised. However, I had a script that I got off the internet, the original file works great and registers the user to the database. However the edited version of the script, where I have added more information such as the users address etc, no longer works. I have compared the two files and can't seem to find the problem. When the script is run, it skips all the registration part and jumps to the last error in the script saying 'You Could Not Be Registered Because Of Missing Data.'. All the variables match the column names in the database.
Here is the original working script
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
// some error checking
/*
if($_POST['reg']){
echo "form submitted";
}else{ echo "form not submitted"; }
*/
if( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['email'] ) ){
// echo $_POST['user']." - ".$_POST['pass']." - ".$_POST['email'];
if( strlen( $_POST['user'] ) < 5 )
{
include('header.inc');
echo "Username Must Be 5 or More Characters.";
include('footer.inc');
}
elseif( strlen( $_POST['pass'] ) < 5 )
{
include('header.inc');
echo "Password Must Be 5 or More Characters.";
include('footer.inc');
}
elseif( $_POST['pass'] == $_POST['user'] )
{
include('header.inc');
echo "Username And Password Can Not Be The Same.";
include('footer.inc');
}
elseif( $_POST['email'] == "" )
{
//More secure to use a regular expression to check that the user is entering a valid email
// versus just checking to see if the field is empty
include('header.inc');
echo "Email must be valid.";
include('footer.inc');
}
else
{
require( 'database.php' );
$username = mysqli_real_escape_string($con, $_POST['user']);
//Remove md5() function if not using encryption i.e. $password = $_POST['pass'];
$password = mysqli_real_escape_string($con, md5( $_POST['pass']));
$email = mysqli_real_escape_string($con, $_POST['email'] );
$sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'";
//echo "$sqlCheckForDuplicate<br/>";
$result = mysqli_query($con, $sqlCheckForDuplicate);
if(mysqli_num_rows($result) == 0){
//echo "No Duplicates<br/>";
$sqlRegUser = "INSERT INTO user( username, password, email ) VALUES (
'". $username ."',
'". $password ."',
'". $email."'
)";
//echo "$sqlRegUser<br/>";
if( !mysqli_query($con, $sqlRegUser ) )
{
include('header.inc');
echo "You Could Not Register Because Of An Unexpected Error.";
include('footer.inc');
}
else
{
/* Note: When using the header function, you cannot send output to the browser
* before the header function is called. IF you want to echo a message to the
* user before going back to your login page then you should use the HTML
* Meta Refresh tag. */
//echo "You Are Registered And Can Now Login";
//echo " $username"; //this is for error checking
header ('location: login.php');
// if using echo then use meta refresh
/*
*?>
*<meta http-equiv="refresh" content="2;url= login.php/">
*<?
*/
}
mysqli_free_result($result);
}
else
{
include('header.inc');
echo "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One.";
//echo " $username;" //this is for error checking
include('footer.inc');
}
/* close connection */
mysqli_close($con);
}
}
else
{
include('header.inc');
echo "You Could Not Be Registered Because Of Missing Data.";
include('footer.inc');
}
?>
and here is my version
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
if( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['pass_again'] ) && isset( $_POST['firstname'] ) && isset( $_POST['lastname'] ) && isset( $_POST['email'] ) && isset( $_POST['email_again'] ) && isset( $_POST['address1'] ) && isset( $_POST['address2'] ) && isset( $_POST['town'] ) && isset( $_POST['county'] ) && isset( $_POST['postcode'] ) && isset( $_POST['business'] ) && isset( $_POST['vat_registered'] ) && isset( $_POST['vat_number'] )) {
if( strlen( $_POST['user'] ) < 5 )
{
include('includes/overall/header.php');
echo "Username Must Be 5 or More Characters.";
include('includes/overall/footer.php');
}
elseif( strlen( $_POST['pass'] ) < 5 )
{
include('includes/overall/header.php');
echo "Password Must Be 5 or More Characters.";
include('includes/overall/footer.php');
}
elseif( $_POST['pass'] == $_POST['user'] )
{
include('includes/overall/header.php');
echo "Username And Password Can Not Be The Same.";
include('includes/overall/footer.php');
}
elseif( $_POST['pass_again'] == "" )
{
include('includes/overall/header.php');
echo "Passwords must match";
include('includes/overall/footer.php');
}
// CREATE BETTER EMAIL CHECK
elseif( $_POST['email'] == "" )
{
include('includes/overall/header.php');
echo "Email must be valid.";
include('includes/overall/footer.php');
}
elseif( $_POST['email_again'] == "" )
{
include('includes/overall/header.php');
echo "Emails must match.";
include('includes/overall/footer.php');
}
elseif( $_POST['address_1'] == "" )
{
include('includes/overall/header.php');
echo "Address cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['address_2'] == "" )
{
include('includes/overall/header.php');
echo "Address cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['town'] == "" )
{
include('includes/overall/header.php');
echo "Town cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['county'] == "" )
{
include('includes/overall/header.php');
echo "County cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['postcode'] == "" )
{
include('includes/overall/header.php');
echo "Postcode cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['business'] == "" )
{
include('includes/overall/header.php');
echo "Business cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['vat_registered'] == "" )
{
include('includes/overall/header.php');
echo "VAT Registered cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['vat_number'] == "" )
{
include('includes/overall/header.php');
echo "VAT number cannot be empty, please enter N/A if not VAT registered.";
include('includes/overall/footer.php');
}
else
{
require( 'database.php' );
$username = mysqli_real_escape_string($con, $_POST['user']);
//Remove md5() function if not using encryption i.e. $password = $_POST['pass'];
$password = mysqli_real_escape_string($con, md5( $_POST['pass']));
$password_again = mysqli_real_escape_string($con, md5( $_POST['pass_again']));
$firstname = mysqli_real_escape_string($con, $_POST['firstname']);
$lastname = mysqli_real_escape_string($con, $_POST['lastname']);
$email = mysqli_real_escape_string($con, $_POST['email'] );
$email_again = mysqli_real_escape_string($con, $_POST['email_again']);
$address_1 = mysqli_real_escape_string($con, $_POST['address_1']);
$address_2 = mysqli_real_escape_string($con, $_POST['address_2']);
$town = mysqli_real_escape_string($con, $_POST['town']);
$county = mysqli_real_escape_string($con, $_POST['county']);
$postcode = mysqli_real_escape_string($con, $_POST['postcode']);
$business = mysqli_real_escape_string($con, $_POST['business']);
$vat_registered = mysqli_real_escape_string($con, $_POST['vat_registered']);
$vat_number = mysqli_real_escape_string($con, $_POST['vat_number']);
$sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'";
//echo "$sqlCheckForDuplicate<br/>";
$result = mysqli_query($con, $sqlCheckForDuplicate);
if(mysqli_num_rows($result) == 0){
//echo "No Duplicates<br/>";
$sqlRegUser = "INSERT INTO user( username, password, password_again, firstname, lastname, email, email_again, address_1, address_2, town, county, postcode, business, vat_registered, vat_number ) VALUES (
'". $username ."',
'". $password ."',
'". $password_again ."',
'". $firstname ."',
'". $lastname ."',
'". $email ."',
'". $email_again ."',
'". $address_1 ."',
'". $address_2 ."',
'". $town ."',
'". $county ."',
'". $postcode ."',
'". $business ."',
'". $vat_registered ."',
'". $vat_number."'
)";
//echo "$sqlRegUser<br/>";
if( !mysqli_query($con, $sqlRegUser ) )
{
include('includes/overall/header.php');
echo "You Could Not Register Because Of An Unexpected Error.";
include('includes/overall/footer.php');
}
else
{
header ('location: login.php');
}
mysqli_free_result($result);
}
else
{
include('includes/overall/header.php');
echo "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One.";
//echo " $username;" //this is for error checking
include('includes/overall/footer.php');
}
/* close connection */
mysqli_close($con);
}
}
else
{
include('includes/overall/header.php');
echo "You Could Not Be Registered Because Of Missing Data.";
include('includes/overall/footer.php');
}
?>
Error reporting is switched on, I just cant see the problem. Any help is much appreciated :)
Hey I would just like to release a simple login/register script that will work just fine and has some nice systems in it. The Login. (I will post the code then below tell you what you need to do to get it to work with MYSQL DATABASE) Create a file and call it login with the suffix .php so if you have file extensions showing on your computer it will look like "login.php" then put this code inside of it. Code: [Select] <?php session_start(); ?> <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_SESSION['user_id'])){ redirect_to("staff.php"); } ?> <?php if (isset($_POST['submit'])){ $errors = array(); // Perform validations on the form $required_fields = array('username', 'password'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); if (empty($errors)){ // Checks database to see if username and password exist their $query = "SELECT id, username FROM users WHERE username='$username' AND hashed_password='$hashed_password' LIMIT 1"; $result_set = mysql_query($query, $connection); if(!$result_set){ die("Database Query Failed: " . mysql_error()); } if (mysql_num_rows($result_set) == 1) { // The Username and Password have been found in the database and the user is verified // Only 1 Match $found_user = mysql_fetch_array($result_set); $_SESSION['user_id'] = $found_user['id']; $_SESSION['username'] = $found_user['username']; redirect_to("staff.php"); }else{ // Username and Password was not found in the database. $message = "Username/Password Combination Incorrect.<br/>Please make sure your caps lock key is off and try again."; echo $message; } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ // The Form Has Not Been Submitted if(isset($_GET['logout']) && $_GET['logout'] == 1){ echo "You Are Now Logged Out"; } if(isset($_GET['nowlogged']) && $_GET['nowlogged'] == 1){ echo "You Need to Login to reach this page."; } $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="login.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /><br /> <input type="submit" name="submit" value="Login" /><br /> </form> <p>Haven't got an account? register <a href="register.php">here!</a></p> </body> </html> Now once you have a file called "login.php" with the above code inside of it you will need to goto your mysql database and create a database with a table that has 3 fields in the following format. - id - int(11) - Auto increment - username - varchar(50) - hashed_password - varchar(40) Now search for this in the login.php code Code: [Select] define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); And This: Code: [Select] $db_select = mysql_select_db("bcooperz", $connection); And change these to your settings. Once you have done all this create a new file called register with the suffix .php as well so if you have file extensions turned on it will look like "register.php" And add this code inside it: Code: [Select] <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } ?> <?php define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","maxcooper"); define("DB_NAME","bcooperz"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_POST['submit'])){ $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); $confirmpass=$_POST['confirmpass']; $query2 = "SELECT * FROM users WHERE username='$username'"; $result2 = mysql_query($query2); $counted=mysql_num_rows($result2); $errors = array(); // Perform validations on the form $required_fields = array('username', 'password', 'confirmpass'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } if($confirmpass!=$_POST['password']){ $errors[] = "passdifference"; } if($counted > 0){ $errors[] = "User Already Created"; } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } /* The Form Has Been Submitted */ if (empty($errors)){ $query = "INSERT INTO users (username,hashed_password) VALUES ('{$username}', '{$hashed_password}')"; $result = mysql_query($query, $connection); if($result){ echo "User Successfully Created"; }else{ echo "The User Could Not Be Created" . "<br />"; echo mysql_error(); } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ /* The Form Has Not Yet Been Submitted */ $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="register.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /> Confirm Password: <input type="password" name="confirmpass" maxlength="30" value="" /><br /><br /> <input type="submit" name="submit" value="Register" /><br /> </form> <p>Already have a account? login here <a href="login.php">here!</a></p> </body> </html> Once you have done that and you have a file called "register.php" you will need to perform the final step which will be changing the database details once again on the second file ("register.php"). Thanks, Bcooperz. Please tell me if this works here is my code: Code: [Select] function registerUser() { mysql_connect('localhost', 'user', 'password', 'table'); $rsPostCode = $_POST['rsPostCode']; $rsGender = $_POST['rsGender']; $rsUser = $_POST['rsUser']; $rsPass = $_POST['rsPass']; $rsEmail = $_POST['rsEmail']; $rsMobile = $_POST['rsMobile']; $rsAge = $_POST['rsAge']; $sql = "INSERT INTO members_copy (rsPostCode, rsGender, rsUser, rsPass, rsEmail, rsMobile, rsAge) VALUES ($rsPostCode, $rsGender, $rsUser, $rsPass, $rsEmail, $rsMobile, $rsAge);"; //echo $sql; mysql_query($sql); } When I write out my SQL this is the output: INSERT INTO members_copy (rsPostCode, rsGender, rsUser, rsPass, rsEmail, rsMobile, rsAge) VALUES (BN11, Male, jarv, mypassword, john@email.com, 07998989999, 08/11/1978); here is my register page: http://www.retroandvintage.co.uk/register.php This is my registering script: <?php include('connectvars.php'); $user_email = strip_tags(trim($_POST['email'])); $firstname = strip_tags(trim($_POST['firstname'])); $lastname = strip_tags(trim($_POST['lastname'])); $nickname = strip_tags(trim($_POST['nickname'])); $password = strip_tags($_POST['password']); $repassword = strip_tags($_POST['repassword']); $dob = $_POST['dob']; $find_us_question = strip_tags(trim($_POST['find_us_question'])); if (isset($_POST['submit_signup'])) { if ((empty($user_email)) || (empty($firstname)) || (empty($lastname)) || (empty($nickname)) || (empty($password)) || (empty($dob))) { echo "Please fill out all the fields!"; } else { // check char length of input data if (($nickname > 30) || ($firstname > 30) || ($lastname > 30) || ($user_email > 50)) { echo "Your nickname, first- and/or lastname seem to be too long, please make sure you have them below the maximum allowed length of 30 characters!"; } else { // check password char length if (($password > 25) || ($password < 6)) { echo "Your password must be between 6 and 25 characters!"; } else { // encrypt password $password = sha1($password); $repassword = sha1($repassword); if ($password != $repassword) { echo "Please make sure your passwords are matching!"; } else { $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $query = sprintf("INSERT INTO user (firstname, lastname, nickname, password, email, dob, doj) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', now())", mysqli_real_escape_string($dbc, $firstname), mysqli_real_escape_string($dbc, $lastname), mysqli_real_escape_string($dbc, $nickname), mysqli_real_escape_string($dbc, $password), mysqli_real_escape_string($dbc, $user_email), $dob); mysqli_query($dbc, $query); mysqli_close($dbc); echo "You have been successfully registered!"; } } } } } ?> A bunch of nested if statements, the read-ability gets worse after a while, I'm new to programming so I don't know if there's a better more read-able solution. Anyway, every time I try to sign up it's printing out the echo message: "Your password must be between 6 and 25 characters!" Which derives from: // check password char length if (($password > 25) || ($password < 6)) { echo "Your password must be between 6 and 25 characters!"; } else { EVEN if I stay between 6 and 25 characters it's still printing out this error message, let's say I have a password of 8 characters, and I've entered everything else correctly, it's still giving me all the time this error message, and I can not figure out why. Hi can someone pls help, im tryin a tutorial but keep getting errors, this is the first one i get after registering. You Are Registered And Can Now Login Warning: Cannot modify header information - headers already sent by (output started at /home/aretheyh/public_html/nealeweb.com/regcheck.php:43) in /home/aretheyh/public_html/nealeweb.com/regcheck.php on line 46 Hi there I am having some issues with my site login. When a user logs in, it loads the page as a logged in user. But often when you click on a link inside the page, for some reason the user is logged out. After logging in again it sometimes does work, it's weird.. Also, even if you keep the page loaded in the browser yet you don't interact with it for a couple of minutes, and you click something, you're logged out again.. Here's my code, this is on the top of the page. When a user logs in, the $_POST['login'] is set. Code: [Select] <?php session_start(); setlocale(LC_ALL, 'nl_NL'); require_once('mysql_connect.inc.php'); date_default_timezone_set('Europe/Brussels'); $verbinding = mysql_connect(MYSQL_SERVER, MYSQL_GEBRUIKERSNAAM, MYSQL_WACHTWOORD) or die("Connection failed: " . mysql_error()); function CleanMyDirtyData($dirtydata){ return mysql_real_escape_string(htmlentities($dirtydata, ENT_QUOTES,'UTF-8')); } if(isset($_COOKIE['LoginCookie'])){ $hash = mysql_real_escape_string($_COOKIE['LoginCookie']); mysql_select_db('db'); $sql = "SELECT * FROM leden WHERE cookie_hash = '".$hash."'"; if($result = mysql_query($sql)){ $row = mysql_fetch_array($result); if(empty($row)){ setcookie('LoginCookie','',time()-3600); } if(mysql_num_rows($result) == 1){ $_SESSION['loggedin'] = true;//this is the parameter throughout the site that determines wether to show logged in data or not-logged in data. //extra parameters for identification $_SESSION['loggedinnick'] = $row['nick']; $_SESSION['loggedinvoornaam'] = $row['voornaam']; $_SESSION['loggedinachternaam'] = $row['achternaam']; $_SESSION['loggedinid'] = $row['id']; $_SESSION['loggedintype'] = $row['type']; } } } if(isset($_POST['login'])){ if(empty($_POST['username']) || empty($_POST['wachtwoord'])){ $_SESSION['melding'] = "You need to fill in both fields."; header('Location: index.php'); exit(); } $username = CleanMyDirtyData($_POST['username']); $wachtwoord = sha1(CleanMyDirtyData($_POST['wachtwoord'])); mysql_select_db('db'); $sqlmail = mysql_query("SELECT * FROM leden WHERE email='$username' AND wachtwoord = '$wachtwoord'"); $sqlnaam = mysql_query("SELECT * FROM leden WHERE nick='$username' AND wachtwoord = '$wachtwoord'"); if(mysql_num_rows($sqlmail) == 1 || mysql_num_rows($sqlnaam) == 1){ if(mysql_num_rows($sqlmail) == 1){ $row = mysql_fetch_array($sqlmail); }else{ $row = mysql_fetch_array($sqlnaam); } if(isset($_POST['remember'])){ $hash = sha1($whatev);//combination of 3 parameters; time, salt, and something else. setcookie('LoginCookie',$hash,time()+30000000); mysql_query("UPDATE leden SET cookie_hash='" . $hash . "' WHERE id='" . $row['id'] . "'")or die(mysql_error()); } $_SESSION['loggedin'] = true; $_SESSION['loggedinnick'] = $row['nick']; $_SESSION['loggedinvoornaam'] = $row['voornaam']; $_SESSION['loggedinachternaam'] = $row['achternaam']; $_SESSION['loggedinid'] = $row['id']; $_SESSION['loggedintype'] = $row['type']; $_SESSION['melding'] = "You have successfully logged in."; header('Location: index.php'); exit(); }else{ $_SESSION['melding'] = "Wrong combination."; header('Location: index.php'); exit(); } } ?> Code: [Select] <?php $ip = $_POST['ip']; $httpref = $_POST['httpref']; $httpagent = $_POST['httpagent']; $visitor = $_POST['visitor']; $visitormail = $_POST['visitormail']; $notes = $_POST['notes']; $attn = $_POST['attn']; #================================================================================================== #this looks for email if(!$visitormail == "" && (!strstr($visitormail,"@") || !strstr($visitormail,"."))) #================================================================================================== { echo "<h2>Use Back - Enter valid e-mail</h2>\n"; $badinput = "<h2>Feedback was NOT submitted</h2>\n"; echo $badinput; die ("Go back! ! "); } #================================================================================================== #this making sure all fields have been filled if(empty($visitor) || empty($visitormail) || empty($notes )) { #================================================================================================== echo "<h2>Use Back - Please fill in all fields</h2>\n"; die ("Use back! ! "); } #================================================================================================== #This is looking for captcha ====================================================================== session_start(); if ($_POST['captcha'] == $_SESSION['captcha']) #==================================================================================================== { $todayis = date("l, F j, Y, g:i a") ; $attn = $attn ; $subject = $attn; $notes = stripcslashes($notes); $message = " $todayis [EST] \n Attention: $attn \n Message: $notes \n From: $visitor ($visitormail)\n Additional Info : IP = $ip \n Browser Info: $httpagent \n Referral : $httpref \n "; $from = "From: $visitormail\r\n"; if ($attn == "Chairperson") mail("emailhere", $subject, $message, $from); if ($attn == "Securtary") mail("email here", $subject, $message, $from); if ($attn == "Treausure") mail("email here", $subject, $message, $from); if ($attn == "Training") mail("email here", $subject, $message, $from); if ($attn == "Expeditions") mail("email here", $subject, $message, $from); if ($attn == "Webmaster") mail("email here", $subject, $message, $from); ?> ok the thing is that it sends a email to Chairperson email but it will not send to the rest shuld i be useing "elseif"? Hi guys, I've got an image uploader based on Uploadify, first let me set out what I want the script to do and what it currently does/doesn't do: Upload files of various types into folders named with the Order ID - OK Process the files by checking the file type and acting accordingly - OK Create thumbnails of the images in the /thumbs subdirectory - OK If the file is a PDF, create JPEG images of all pages and subsequent thumbnails - OK If the file is a ZIP, unzip and re-process the contents based on the above rules - FAIL As you can see I'm nearly at the end of my wishlist with this script, currently when it receives a ZIP file is unzip's it correctly placing the contents in the parent (Order-ID) directory however I'm then left with the same situation I have at the very beginning of the script, for example: File in -> "What kind of file are you?" -> Process file based on the answer. What I need to do is: File in -> "What kind of file are you? Oh! a Zip File, let's unzip and ask the same question of the contents!" -> Process contents. So basically I need to ask the same question twice, once of the zip and once of the contents of the unzipped file. This is where I'm struggling, someone told me to use a function which I tried but it kept breaking and I wasn't sure why. Therefore I have attached 2 files. 1 which currently works 99% except for "asking the question again" and one which doesn't work but I was told is the right way to do it File 1: Works 99%. Code: [Select] <?php /* TomBigFile v2.0 Based on Uploadify v2.1.4 Automatic folder creation dependant on order number with a thumbnail subdirectory. All files in are subject to a process which determines their type and acts accordingly. PDF's are automatically converted on the fly to 2 sets of JPEG's and stored accordingly to be accessed by Customer Accounts and Sales Order details area. Revised May 2011 */ // RECEIVE THE DATA FROM THE UPLOAD AND ASSIGN THE VARIABLES if (!empty($_FILES)) { $tempFile = $_FILES['Filedata']['tmp_name']; $targetPath = $_SERVER['DOCUMENT_ROOT'] . $_REQUEST['folder'] . '/'; $targetFile = str_replace('//','/',$targetPath) . $_FILES['Filedata']['name']; // $fileTypes = str_replace('*.','',$_REQUEST['fileext']); // $fileTypes = str_replace(';','|',$fileTypes); // $typesArray = split('\|',$fileTypes); // $fileParts = pathinfo($_FILES['Filedata']['name']); // if (in_array($fileParts['extension'],$typesArray)) { // CREATE THE PARENT DIRECTORY BASED ON ORDER ID AND THE THUMBS SUBDIRECTORY mkdir(str_replace('//','/',$targetPath), 0755, true); mkdir($targetPath . "thumbs", 0755, true); // create thumbs dir move_uploaded_file($tempFile,$targetFile); echo str_replace($_SERVER['DOCUMENT_ROOT'],'',$targetFile); // } else { // echo 'Invalid file type.'; // } } // BEGIN CHECKING THE IMAGE LOOKING AT THE FILE TYPE AND ACTING ACCORDINGLY $imgsize = getimagesize($targetFile); switch(strtolower(substr($targetFile, -3))){ case "pdf": $large = substr_replace($targetFile , 'jpg', strrpos($targetFile , '.') +1); $thumbnail = dirname($large).'/thumbs/'.basename(substr($large, 0, -4)."_thumb".strtolower(substr($large, -4))); $cmd = "$targetFile -write $large -thumbnail 64x64 $thumbnail "; exec("convert $cmd "); exit; break; case "jpg": $image = imagecreatefromjpeg($targetFile); break; case "png": $image = imagecreatefrompng($targetFile); break; case "gif": $image = imagecreatefromgif($targetFile); break; case "zip": $zip = new ZipArchive(); $zip->open($targetFile); $zip->extractTo($targetPath); $zip->close(); break; default: exit; break; } $width = 60; //New width of image $height = $imgsize[1]/$imgsize[0]*$width; //This maintains proportions $src_w = $imgsize[0]; $src_h = $imgsize[1]; $picture = imagecreatetruecolor($width, $height); imagealphablending($picture, false); imagesavealpha($picture, true); $bool = imagecopyresampled($picture, $image, 0, 0, 0, 0, $width, $height, $src_w, $src_h); // SAVE THE IMAGE(S) if($bool){ switch(strtolower(substr($targetFile, -3))){ case "jpg": //header("Content-Type: image/jpeg"); $bool2 = imagejpeg($picture,$targetPath."thumbs/".substr($_FILES['Filedata']['name'], 0, -4)."_thumb".strtolower(substr($targetFile, -4))); break; case "png": //header("Content-Type: image/png"); imagepng($picture,$targetPath."thumbs/".substr($_FILES['Filedata']['name'], 0, -4)."_thumb".strtolower(substr($targetFile, -4))); break; case "gif": //header("Content-Type: image/gif"); imagegif($picture,$targetPath."thumbs/".substr($_FILES['Filedata']['name'], 0, -4)."_thumb".strtolower(substr($targetFile, -4))); break; } } imagedestroy($picture); imagedestroy($image); echo '1'; // Important so upload will work on OSX ?> File 2: Doesn't work for me but I was told is correct method(s). Code: [Select] <?php /* TomBigFile v2.0 Based on Uploadify v2.1.4 Automatic folder creation dependant on order number with a thumbnail subdirectory. All files in are subject to a process which determines their type and acts accordingly. PDF's are automatically converted on the fly to 2 sets of JPEG's and stored accordingly to be accessed by Customer Accounts and Sales Order details area. Revised May 2011 */ if (!empty($_FILES)) { $tempFile = $_FILES['Filedata']['tmp_name']; $targetPath = $_SERVER['DOCUMENT_ROOT'] . $_REQUEST['folder'] . '/'; $targetFile = str_replace('//','/',$targetPath) . $_FILES['Filedata']['name']; // $fileTypes = str_replace('*.','',$_REQUEST['fileext']); // $fileTypes = str_replace(';','|',$fileTypes); // $typesArray = split('\|',$fileTypes); // $fileParts = pathinfo($_FILES['Filedata']['name']); // if (in_array($fileParts['extension'],$typesArray)) { // Uncomment the following line if you want to make the directory if it doesn't exist mkdir(str_replace('//','/',$targetPath), 0755, true); mkdir($targetPath . "thumbs", 0755, true); // create thumbs dir move_uploaded_file($tempFile,$targetFile); echo str_replace($_SERVER['DOCUMENT_ROOT'],'',$targetFile); // } else { // echo 'Invalid file type.'; // } } // start again here after ZIP!!!! function fileScanner($targetFile, $targetPath) { $imgsize = getimagesize($targetFile); $width = 60; //New width of image $height = $imgsize[1]/$imgsize[0]*$width; //This maintains proportions $src_w = $imgsize[0]; $src_h = $imgsize[1]; $picture = imagecreatetruecolor($width, $height); imagealphablending($picture, false); imagesavealpha($picture, true); $bool = imagecopyresampled($picture, $image, 0, 0, 0, 0, $width, $height, $src_w, $src_h); if($bool){ switch(strtolower(substr($targetFile, -3))){ case "jpg": //header("Content-Type: image/jpeg"); $bool2 = imagejpeg($picture,$targetPath."thumbs/".substr($_FILES['Filedata']['name'], 0, -4)."_thumb".strtolower(substr($targetFile, -4))); break; case "png": //header("Content-Type: image/png"); imagepng($picture,$targetPath."thumbs/".substr($_FILES['Filedata']['name'], 0, -4)."_thumb".strtolower(substr($targetFile, -4))); break; case "gif": //header("Content-Type: image/gif"); imagegif($picture,$targetPath."thumbs/".substr($_FILES['Filedata']['name'], 0, -4)."_thumb".strtolower(substr($targetFile, -4))); break; } } imagedestroy($picture); imagedestroy($image); } $imgsize = getimagesize($targetFile); switch(strtolower(substr($targetFile, -3))){ case "pdf": $large = substr_replace($targetFile , 'jpg', strrpos($targetFile , '.') +1); $thumbnail = dirname($large).'/thumbs/'.basename(substr($large, 0, -4)."_thumb".strtolower(substr($large, -4))); $cmd = "$targetFile -write $large -thumbnail 64x64 $thumbnail "; exec("convert $cmd "); exit; break; case "jpg": $image = imagecreatefromjpeg($targetFile); break; case "png": $image = imagecreatefrompng($targetFile); break; case "gif": $image = imagecreatefromgif($targetFile); break; case "zip": $zip = new ZipArchive(); $zip->open($targetFile); $zip->extractTo($targetPath); $zip->close(); fileScanner($targetFile, $targetPath); break; default: exit; break; } fileScanner($targetFile, $targetPath); // $width = 60; //New width of image // $height = $imgsize[1]/$imgsize[0]*$width; //This maintains proportions // // $src_w = $imgsize[0]; // $src_h = $imgsize[1]; // // // $picture = imagecreatetruecolor($width, $height); // imagealphablending($picture, false); // imagesavealpha($picture, true); // $bool = imagecopyresampled($picture, $image, 0, 0, 0, 0, $width, $height, $src_w, $src_h); // // if($bool){ // switch(strtolower(substr($targetFile, -3))){ // case "jpg": // //header("Content-Type: image/jpeg"); // $bool2 = imagejpeg($picture,$targetPath."thumbs/".substr($_FILES['Filedata']['name'], 0, -4)."_thumb".strtolower(substr($targetFile, -4))); // break; // case "png": // //header("Content-Type: image/png"); // imagepng($picture,$targetPath."thumbs/".substr($_FILES['Filedata']['name'], 0, -4)."_thumb".strtolower(substr($targetFile, -4))); // break; // case "gif": // //header("Content-Type: image/gif"); // imagegif($picture,$targetPath."thumbs/".substr($_FILES['Filedata']['name'], 0, -4)."_thumb".strtolower(substr($targetFile, -4))); // break; // } // } // // imagedestroy($picture); // imagedestroy($image); echo '1'; // Important so upload will work on OSX ?> If anyone could help me with this I'd greatly appreciate it, I've been reading so many guides on functions and arguments my brain is fried and I fear I've strayed from the subject of what I want to do! Many thanks. When a user logs in and clicks on the update link they get sent to update.php. On the bottom of this page there is a "Back to Index" link which leads back to the page they were just on (index.php). However all the records in the mysql table is being listed instead if just the users. Any ideas why? I'm using sessions for my members area and echoing it to make sure it's being passed between both pages correctly and it is. Ok, I submit the form, and when the next page displays, it says recieved with the persons name, but it wont post their email, and it wont ever send the message to the email address......... i've been playing with it all day long and just cannot figure it out, about to rip my hair out... any help would be appreciated. Contact.php page Code: [Select] <?php // Header Include include('includes/header.php'); ?> <!-- BEGIN SITE CONTENT INCLUDES HERE --> <!-- Index page included --> <table border="0" cellpadding="5" cellspacing="0" width="300" align="center"> <tr> <td><font face="verdana" size="2" color=#"000000"><b>Feedback Form</b></font></td> <tr> <td><form name="contact" method="post" action="contact_submit.php"> <font face="verdana" size="1" color="#1b4a1b">Your Name:<br /> <input type="text" name="name" size="25" /> <br /> Email:<br /> <input type="text" name"email" size="25" /> <br /> Comments:</font><br /> <textarea name="comments" rows="5" cols="30"></textarea> <br /><input type="submit" name="submit" value="Send" /> </form></td> </tr> </table> <br /><br /> <!-- / End Index Page --> <!-- / END SITE CONTENT INCLUDES HERE --> <!-- Footer Include --> <?php include('includes/footer.php'); ?> Form Processing Script contact_submit.php Code: [Select] <?php $to = "tonyagmatrix@gmail.com"; $re = "Feedback Form"; $msg = $comments; mail($to,$re,$msg); ?> <html><head><title>Message Recieved</title></head> <body> <h3>Thank you for your feedback <?PHP echo ($name); ?></h3> <br />We value your opinions and any questions will be replyed to your email address: <?php echo ($email); ?> </body></html> Does anyone have any idea wtf is wrong? Hi, I'm looking to change my 'Dead' page on my Mafia game to enable users to register a new account as soon as they log in to their dead one. I would like them to be able to just enter a new Username and then the email, password etc stay the same. Is this possible? Just ask for any parts of the register code you guys need. Thanks in advance,. I have a simple register script and some weird things are happening. If i leave blank password or repeat_password then code is still executed. Why? I can't seem to find any mistakes in the code. (only when username is empty then i get "You need to fill everything"). Code: [Select] <?php $submit = $_POST['submit']; $username = strip_tags($_POST['username']); $password = md5(strip_tags($_POST['password'])); $repeat_password = md5(strip_tags($_POST['repeat_password'])); require("connect.php"); if ($submit) { if (!empty($username) && !empty($password) && !empty($repeat_password)) { mysql_query("INSERT INTO users2 VALUES ('', '$username', '$password', '1000', '0', '0','', '', '')"); echo "You are registered <br />Your username is "."<b>$username</b>"."<br /> You may now <a href='index.php'> login </a>"; } else { echo "You have not filled everything."; } } ?> Hello everyone, I want to make a re-register script that enables a user to re-register once killed.... BUT keep the same email, same profile pic, same profile quote, same friends and a few other things.... BUT register new username etc. Any help would be great. Hi there, There's something wrong with this register form, it's submitting without validation. Code: [Select] <?php require_once('./includes/connectvars.php'); // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if (isset($_POST['submit'])) { // Grab the profile data from the POST $username = mysqli_real_escape_string($dbc, trim($_POST['username'])); $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1'])); $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2'])); $firstname = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); $lastname = mysqli_real_escape_string($dbc, trim($_POST['last_name'])); if (!empty($username) && !empty($password1) && !empty($password2) && ($password1 == $password2) && !empty($firstname) && !empty($lastname)) { // Make sure someone isn't already registered using this username $query = "SELECT * FROM users WHERE username = '$username'"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 0) { // The username is unique, so insert the data into the database $query = "INSERT INTO users (username, password, join_date, first_name, last_name) VALUES ('$username', SHA('$password1'), NOW(), '$firstname', '$lastname')"; mysqli_query($dbc, $query); // Confirm success with the user echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>'; mysqli_close($dbc); exit(); } else { // An account already exists for this username, so display an error message echo '<p class="error">An account already exists for this username. Please use a different address.</p>'; $username = ""; } } else { echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>'; } } mysqli_close($dbc); ?> <p>Please enter your username and desired password to sign up to Mismatch.</p> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <legend>Registration Info</legend> <label for="username">Username:</label> <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br /> <label for="password1">Password:</label> <input type="password" id="password1" name="password1" /><br /> <label for="password2">Password (retype):</label> <input type="password" id="password2" name="password2" /><br /> <label for="first_name">first name:</label> <input type="text" id="first_name" name="first_name" /><br /> <label for="last_name">last name:</label> <input type="text" id="last_name" name="last_name" /><br /> <input type="submit" value="Sign Up" name="submit" /> </form> </body> </html> I've had this problem for a while now and can't figure it out, any suggestions are appreciated. Thank you. Okay, I downloaded a PHP Script called RadiPanel which is a User System type thing and uploaded and installed it to my website. Now The problem with RadiPanel is, I have to add users/members to it as there is no registration process. So within the Admin page on RadiPanel I have taken the script out, now when I try view it as a "non logged in" user it just shows a white blank page, I was wondering if anyone here could determine just from the code below what I have to take out/delete in order for the public to view the page fully? Thanks guys Code: [Select] <?php if( !preg_match( "/index.php/i", $_SERVER['PHP_SELF'] ) ) { die(); } if( $_GET['id'] ) { $id = $core->clean( $_GET['id'] ); $query = $db->query( "SELECT * FROM users WHERE id = '{$id}'" ); $data = $db->assoc( $query ); $data['ugroups'] = explode( ",", $data['usergroups'] ); $editid = $data['id']; } ?> <form action="" method="post" id="addUser"> </div> <?php if( $_POST['submit'] ) { try { $username = $core->clean( $_POST['username'] ); $password = $core->clean( $_POST['password'] ); $email = $core->clean( $_POST['email'] ); $habbo = $core->clean( $_POST['habbo'] ); $dgroup = $core->clean( $_POST['dgroup'] ); $query = $db->query( "SELECT * FROM usergroups" ); while( $array = $db->assoc( $query ) ) { if( $_POST['ugroup-' . $array['id']] ) { $ugroups .= $array['id'] . ","; } } $password_enc = $core->encrypt( $password ); if( !$username or ( !$password and !$editid ) or !$dgroup or !$ugroups ) { throw new Exception( "All fields are required." ); } else { if( $editid ) { if( $password ) { $password = ", password = '{$password_enc}'"; } else { unset( $password ); } $db->query( "UPDATE users SET username = '{$username}'{$password}, email = '{$email}', habbo = '{$habbo}', displaygroup = '{$dgroup}', usergroups = '{$ugroups}' WHERE id = '{$editid}'" ); } else { $db->query( "INSERT INTO users VALUES (NULL, '{$username}', '{$password_enc}', '{$email}', '{$habbo}', '{$dgroup}', '{$ugroups}');" ); } echo "<div class=\"square good\">"; echo "<strong>Success</strong>"; echo "<br />"; echo "User added!"; echo "</div>"; } } catch( Exception $e ) { echo "<div class=\"square bad\">"; echo "<strong>Error</strong>"; echo "<br />"; echo $e->getMessage(); echo "</div>"; } } ?> <table width="100%" cellpadding="3" cellspacing="0"> <?php $query = $db->query( "SELECT * FROM usergroups" ); while( $array = $db->assoc( $query ) ) { if( in_array( $array['id'], $data['ugroups'] ) ) { $groups[$array['id'] . '_active'] = $array['name']; } else { $groups[$array['id']] = $array['name']; } if( $array['id'] == $data['displaygroup'] ) { $dgroups[$array['id'] . '_active'] = $array['name']; } else { $dgroups[$array['id']] = $array['name']; } } echo $core->buildField( "text", "required", "username", "Username", "The new username.", $data['username'] ); echo $core->buildField( "password", "<?php if( !$editid ) { ?>required<?php } ?>", "password", "Password", "The new password." ); echo $core->buildField( "text", "", "email", "Email", "The new email (optional).", $data['email'] ); echo $core->buildField( "text", "", "habbo", "Habbo name", "The new Habbo name (optional).", $data['habbo'] ); echo $core->buildField( "select", "required", "dgroup", "Display group", "The user's display group.", $dgroups ); echo $core->buildField( "checkbox", "required", "ugroup", "Active usergroups", "The user's active groups.", $groups ); ?> </table> </div> <div class="box" align="right"> <input class="button" type="submit" name="submit" value="Submit" /> </div> </form> <?php echo $core->buildFormJS('addUser'); ?> Hi, I created a previous thread but the problems were too confusing so I've started this thread again. I have a register form and it's supposed to validate if fields are empty. If fields are not empty, it should enter data on submit, into the table. The problem: The form is able to submit without validation and the data does not enter the table. The code: Code: [Select] <?php require_once('./includes/connectvars.php'); // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if (isset($_POST['submit'])) { // Grab the profile data from the POST $username = mysqli_real_escape_string($dbc, trim($_POST['username'])); $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1'])); $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2'])); $firstname = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); $lastname = mysqli_real_escape_string($dbc, trim($_POST['last_name'])); if (!empty($username) && !empty($password1) && !empty($password2) && ($password1 == $password2) && !empty($firstname) && !empty($lastname)) { // Make sure someone isn't already registered using this username $query = "SELECT * FROM cuser WHERE username = '$username'"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 0) { // The username is unique, so insert the data into the database $query = "INSERT INTO cuser (username, password, join_date, first_name, last_name) VALUES ('$username', SHA('$password1'), NOW(), '$firstname', '$lastname')"; mysqli_query($dbc, $query); // Confirm success with the user echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>'; mysqli_close($dbc); exit(); } else { // An account already exists for this username, so display an error message echo '<p class="error">An account already exists for this username. Please use a different address.</p>'; $username = ""; } } else { echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>'; } } mysqli_close($dbc); ?> <p>Please enter your username and desired password to sign up to Mismatch.</p> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <legend>Registration Info</legend> <label for="username">Username:</label> <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br /> <label for="password1">Password:</label> <input type="password" id="password1" name="password1" /><br /> <label for="password2">Password (retype):</label> <input type="password" id="password2" name="password2" /><br /> <label for="first_name">first name:</label> <input type="text" id="first_name" name="first_name" /><br /> <label for="last_name">last name:</label> <input type="text" id="last_name" name="last_name" /><br /> <input type="submit" value="Sign Up" name="submit" /> </form> </body> </html> Any ideas on what the problem is? I've sent my sessions in another file. ok so I have this code. I need to know how to modify it so that if the user has already registered for the event, they cannot do so again.........how can I do this? does this make sense? members that have already registered are held in a table called events..........userid, eventid, name, subevent....... Code: [Select] <?php $sql = mysql_query("SELECT * FROM Registration WHERE eventid=".$_GET['eventid']." LIMIT 1"); while($row = mysql_fetch_array($sql)){ $eventid = $row["eventid"]; $event = $row["event"]; $startdate = $row["startdate"]; $enddate = $row["enddate"]; $description = $row["description"]; $location = $row["location"]; $title1 = $row['title1']; $title2 = $row['title2']; $title3 = $row['title3']; $title4 = $row['title4']; $title5 = $row['title5']; $title6 = $row['title6']; $title7 = $row['title7']; $title8 = $row['title8']; $price1 = $row['price1']; $price2 = $row['price2']; $price3 = $row['price3']; $price4 = $row['price4']; $price5 = $row['price5']; $price6 = $row['price6']; $price7 = $row['price7']; $price8 = $row['price8']; $date1 = $row['date1']; $date2 = $row['date2']; $date3 = $row['date3']; $date4 = $row['date4']; $date5 = $row['date5']; $date6 = $row['date6']; $date7 = $row['date7']; $date8 = $row['date8']; //this will echo the contents of each db row as they are iterated in the loop ############################# echo "<form action ='eventreg.php' method='post'>"; echo "<center><table border='1' width='600'>"; if (!empty($title1)) { echo "<tr><td width='100'> <input type='checkbox' name='subevent1' value='$title1'/></td><td width='500'><strong>$title1 </strong><br /> $date1 <br />$ $price1 </tr></td> "; } if (!empty($title2)) { echo "<br/><tr><td> <input type='checkbox' name='subevent2' value='$title2' /></td><td><strong>$title2 </strong><br /> $date2 <br />$ $price2 </tr></td>" ; } if (!empty($title3)) { echo "<br/><tr><td><input type='checkbox' name='subevent3' value='$title3' /></td><td><strong>$title3</strong> <br /> $date3 <br />$ $price3</tr></td>"; } if (!empty($title4)) { echo "<br/><tr><td><input type='checkbox' name='subevent4' value='$title4' /></td><td><strong>$title4</strong> <br /> $date4 <br />$ $price4</tr></td>"; } if (!empty($title5)) { echo "<br/><tr><td><input type='checkbox' name='subevent5' value='$title5' /></td><td><strong>$title5</strong> <br /> $date5 <br />$ $price5</tr>"; } if (!empty($title6)) { echo "<br/><tr><td> <input type='checkbox' name='subevent6' value='$title6' /></td><td><strong>$title6 </strong><br /> $date6 <br />$ $price6</tr></td>"; } if (!empty($title7)) { echo "<br/><tr><td> <input type='checkbox' name='subevent7' value='$title7' /></td><td><strong>$title7</strong> <br /> $date7 <br />$ $price7</tr></td>"; } if (!empty($title8)) { echo "<br/><tr><td> <input type='checkbox' name='subevent8' value='$title8' /></td><td><strong>$title8</strong> <br /> $date8 <br />$ $price8</tr></td>"; } echo "</table>"; echo "<input name='userid' type=\"hidden\" value=\"$userid\" />"; echo "<input name='eventid' type=\"hidden\" value=\"$eventid\" />"; echo "<input name='event' type=\"hidden\" value=\"$event\" />"; echo "<input name='name' type=\"hidden\" value=\"$name\" />"; echo "<input name=\"save\" type=\"submit\" value=\"Register Now!\" />"; echo "</center></form>"; } //etc etc ?> |
|||||||