|
PHP - Need Help With Registration Script
I've only modified the code below for the query, I just removed that to make it shorter, the query works fine. I've added human verification to the script and it displays the image and numbers fine, I also echo'd out the variables and they match using SHA1(). My captcha script is displaying the image properly and sets the $_SESSION['pass_phrase'] variable fine.
It isn't throwing any errors or creating the account. As of right now I have a headache and figured I could use some help here. Let me know if you spot the error. <?php error_reporting(E_ALL); require_once('cons.php'); // Get the variable sent by AJAX script if it is typed in // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if (isset($_REQUEST['username'])) { $ok = 'okay'; $den = 'denied'; // Secure the information $passname = mysqli_real_escape_string($dbc, trim($_REQUEST['username'])); // Lookup the username in the database $query = "SELECT username FROM info WHERE username = '$passname'"; $data = mysqli_query($dbc, $query); // Allow some time to get the response sleep(3); // If 1 is returned that name exsists, if 0 then we can move forward if (mysqli_num_rows($data) == 0) { // Send okay back to the ajax script so it knows to stop bothering the user echo $ok; return $ok; } else { // Send denied back to the ajax script so the user knows that name is taken echo $den; return $den; } // Close If / Else statement } // Close (isset($_REQUEST['username'])) { // Start of Main Submit Function Script session_start(); require_once('aprs.php'); if (isset($_POST['submit'])) { // Grab the profile data from the POST and secure it $avatar = mysqli_real_escape_string($dbc, trim($_POST['avatar'])); $usern = mysqli_real_escape_string($dbc, trim($_POST['username1'])); $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1'])); $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2'])); $email = mysqli_real_escape_string($dbc, trim($_POST['email'])); $side = mysqli_real_escape_string($dbc, trim($_POST['side'])); $class = mysqli_real_escape_string($dbc, trim($_POST['class'])); $vercap = mysqli_real_escape_string($dbc, trim($_POST['verify'])); // convert username to all lowercase $userna = strtolower($usern); $username = stripslashes($userna); // Check the CAPTCHA pass-phrase for verification $phrase = SHA1($vercap); if ($_SESSION['pass_phrase'] == $phrase) { // Expression for validating the username is properly formatted. if (preg_match('/[^0-9A-Za-z]/',$username)) { // Expression for validating the e-mail is properly formatted. if (preg_match('/^[^@]+@[a-zA-Z0-9._-]+\.[a-zA-Z]+$/', $email)){ // Check to make sure all the form fields are filled in if (!empty($avatar) && !empty($username1) && !empty($password1) && !empty($password2) && ($password1 == $password2) && !empty($email) && !empty($side) && !empty($class)) { // If all the fields are filled in correctly then we can check the username to see if it's registered // Make sure someone isn't already registered using this username $query = "SELECT * FROM info WHERE username = '$username'"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 0) { // The username is unique, so insert the data into the database $hash = md5( rand(0,1000) ); $query = "INSERT INTO"; mysqli_query($dbc, $query); // Confirm success with the user echo '<div id="signconf">'; echo '<p>Your new account has been successfully created. Please check your Email for the final verification.'; echo '</div>'; // Send the registration e-mail so the user can activate thier account $to = $email; // Send email to our user $subject = 'Signup | Verification'; // Give the email a subject $message = ' Thanks for signing up! Your account has been created, you can login with the following credentials after you have activated your account by clicking the url below. ------------------------ Username: '.$username.' Password: '.$password1.' ------------------------ Please click this link to activate your account: http://www.mydomain.com/verify.php?email='.$email.'&hash='.$hash.' '; // Our message above including the link $headers = 'From:me@mydomain.com' . "\r\n"; // Set from headers mail($to, $subject, $message, $headers); // Send our email mysqli_close($dbc); exit(); // If there was an issue with the username already taken, display an error } else { echo '<div id="signconf">'; echo '<p class="error">An account already exists for this username. Please use a different address.</p>'; echo '</div>'; $username = ""; } // End the if(mysqli_num_rows($data) == 0) { check // If there was an issue with the user not filling in the form correctly we post an error } else { echo '<div id="signconf">'; echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>'; echo '</div>'; } // End the if(mysqli_num_rows($data) == 0) { check // If there was an error with the e-mail address entered we need to post an error } else { echo '<div id="signconf">'; echo 'The email you have entered is invalid, please try again.'; echo '</div>'; } // End the if(mysqli_num_rows($data) == 0) { check // If there was an error with the format of the username we need to post an error } else { echo '<div id="signconf">'; echo 'The email you have entered is invalid, please try again.'; echo '</div>'; } // End the if(mysqli_num_rows($data) == 0) { check // If there was an error with the captcha not matching we post an error } else { echo '<div id="signconf">'; echo "The verification text didn't match the picture."; echo '</div>'; } // End else for Captcha check } // End the if(mysqli_num_rows($data) == 0) { check // Connection to the database is no longer needed so we can close it mysqli_close($dbc); // We no longer need php so let's close that and start the submit form ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title> Registration</title> <link type="text/css" rel="stylesheet" href="tlstyle.css" /> <script src="scripts/utils.js" type ="text/javascript"></script> <script src="scripts/validation.js" type="text/javascript"></script> </head> <body> <div id="csignup"> <div id="signform"> <p>Please enter all the information below to sign up.</p> <form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <label for="username1">Username:</label> <input type="text" id="username1" name="username1" value="<?php if (!empty($username1)) echo $username; ?>" maxlength = "7" /><br /> <label>Password:</label> <input type="password" id="password1" name="password1" value="<?php if (!empty($password1)) echo $password1; ?>" class="jcinput"/><br /> <label>Password (retype):</label> <input type="password" id="password2" name="password2" value="<?php if (!empty($password2)) echo $password2; ?>" class="jcinput"/><br /> <label>E-Mail Address:</label> <input type="text" id="email" name="email" value="<?php if (!empty($email)) echo $email; ?>" class="jcinput"/><br /> <label for="verify">Verification:</label> <img src="captcha.php" alt="Verification" /><br /> <label for="verify">Verification:</label> <input type="text" id="verify" name="verify" class="jcinput" /><br /> <label>Choose Your Avatar:</label> <input type="radio" name="avatar" value="/images/smile.png" /> <img src="/images/smile.png" alt="1" /> <input type="radio" name="avatar" value="/mages/smile.png" /> <img src="/images/smile.png" alt="1" /> <input type="radio" name="avatar" value="/mages/smile.png" /> <img src="/images/smile.png" alt="1" /> <input type="radio" name="avatar" value="/images/smile.png" /> <img src="/images/smile.png" alt="1" /><br /> <label>Choose Your Side:</label> <input type="radio" name="side" value="A" />A <input type="radio" name="side" value="B" />B <div id="signclassb"> <div id="signclass"> Choose a Class: <ul><li><input type="radio" name="class" value="A" /> A</li> <li><input type="radio" name="class" value="B" /> B</li> <li><input type="radio" name="class" value="C" /> C</li></ul> </div> </div> <input type="submit" value="Sign Up" name="register" class="signsub" /> </form> </div> </div> </body> </html> Similar TutorialsHello i have this registration script.
I need help adding mybb forum user check to here. That script checks your insterted user and pw is it correct.
Script attached.
Attached Files
rega.php 9.52KB
2 downloads Hi all, I'm starting with php and I've made a Registration Script here's the code Code: [Select] <?php include("skrypty PHP/baza.php"); include("skrypty PHP/funkcjewalidacji.php"); if(isset($_POST['Rejestruj'])) { $username = $_POST['username']; $email = $_POST['email']; $password = $_POST['password']; $password_confirm = $_POST['password_confirm']; $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $data = $_POST['data']; $telefon = $_POST['telefon']; $ulica = $_POST['ulica']; $miasto = $_POST['miasto']; $wojewodztwo = $_POST['wojewodztwo']; $Nr_domu = $_POST['Nr_domu']; $Nr_mieszkania = $_POST['Nr_mieszkania']; $Kod_pocztowy = $_POST['Kod_pocztowy']; $regulamin1 = $_POST['regulamin1']; $regulamin2 = $_POST['regulamin2']; if ((compare($password,$password_confirm)) && (!(walidacja_email($email))) && (!(czywypelnione($firstname))) && (!(czywypelnione($lastname))) && (!(czywypelnione($telefon))) && (!(czywypelnione($ulica))) && (!(czywypelnione($miasto))) && (!(czywypelnione($wojewodztwo))) && (!(czywypelnione($Nr_domu))) && (!(czywypelnione($Kod_pocztowy))) && (sprawdzCheckbox($regulamin1)) && (sprawdzCheckbox($regulamin2)) && wal($username)) { ///// filtrujemy dane $username = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($username)))); $email = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($email)))); $password = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($password)))); $password_confirm = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($password_confirm)))); $firstname = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($firstname)))); $lastname = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($lastname)))); $data = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($data)))); $telefon = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($telefon)))); $ulica = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($ulica)))); $miasto = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($miasto)))); $wojewodztwo = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($wojewodztwo)))); $Nr_domu = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($Nr_domu)))); $Nr_mieszkania = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($Nr_mieszkania)))); $Kod_pocztowy = trim(strip_tags( mysql_real_escape_string(HTMLSpecialChars($Kod_pocztowy)))); $password = md5($pass); $query = "INSERT INTO `rejestr` (`username`, `email`, `password`, `firstname`, `lastname`, `data`, `telefon`, `ulica`, `miasto`, `wojewodztwo`, `Nr_domu`, `Nr_mieszkania`, `Kod_pocztowy`) VALUES ('$username', '$email', '$password', '$firstname', '$lastname', '$data', '$telefon', `$ulica`, '$miasto', '$wojewodztwo', '$Nr_domu', '$Nr_mieszkania', '$Kod_pocztowy')"; if(mysql_query($query)) { $mesage = 'Rejestraca Zakoñczona Powodzeniem'; } } } else { mysql_error(); } if (!compare($password,$password_confirm) && (!($_POST['$password'] == $_POST['$password_confirm'])) && (isset($_POST['Rejestruj'])) ){ $mesage='Wprowadzone has³a nie s± identyczne'; } elseif (!sprawdzCheckbox($regulamin1) && (isset($_POST['$regulamin1'])) ) { $mesage='Wymagana akceptacja regulaminu';} elseif (!sprawdzCheckbox($regulamin2) && (isset($_POST['$regulamin2'])) ) { $mesage='Wymagana akceptacja na przetwarzanie';} elseif (czywypelnione($username) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (czywypelnione($email) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (czywypelnione($firstname) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (czywypelnione($lastname) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (czywypelnione($data) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (czywypelnione($telefon) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (czywypelnione($ulica) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane elseif (czywypelnione($miasto) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (czywypelnione($wojewodztwo) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (czywypelnione($Nr_domu) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (czywypelnione($Kod_pocztowy) && (isset($_POST['Rejestruj']))) { $mesage='Wype³nij Wszystkie dane';} elseif (!wal() && (isset($_POST['Rejestruj'])) ) { $mesage = 'Podany login jest ju¿ zajêty';} // mysql_close(); ?> I'm sorry but it's in polish because I'm from Poland , but i hope you'll understand it. When i complete the form there's nothing happens. What's the problem ? MOD EDIT: manual tags changed to code tags . . . Ok Here is my Problem the following works great except it does not add the $user var to the account_details. As well as outputs md5 wrong it outputs something but its different than the password should be. Heres my PHP code: Code: [Select] <?php session_start(); /** * @author Brian T. Flores * @copyright 2010 - 2014 */ error_reporting(E_ALL); $conn = mysql_connect($db_host, $db_user, $db_pass) or die ('Error connecting to mysql'); mysql_select_db($db_name); if($_GET['goahead']==1){ // If GoAhead Is set if(isset($_GET['user'])){ // If isset GoAhead $user = mysql_real_escape_string($_GET['user']); // Clean User for Transfer. $user_check = mysql_query("SELECT * FROM `account_details` WHERE `username01` = '$user'"); // Check to see if username is taken. $ucount = mysql_num_rows($user_check); // Get Username Check Count if($ucount!=""){ // If Username is Taken. die(3); // Die Error Number 3 } // End If Username is Taken. if(isset($_GET['pass'])){ // If password is set. $pass = mysql_real_escape_string($_GET['pass']); // Clean Password for Transfer. $encPass = md5($pass); // Encrypt Password if(isset($_GET['race'])){// If Race is Set. $race = mysql_real_escape_string($_GET['race']); // Clean Race for Transfer. if(isset($_GET['email'])){ // If Email is set. $email = mysql_real_escape_string($_GET['email']); // Clean Email for Transfer. $email_check = mysql_query("SELECT * FROM `account_details` WHERE `email` = '$email'");// Check to see if Email is Taken. $ecount = mysql_num_rows($email_check); // Get Email Check Count. if($ecount!=""){ // If Email is Taken. die(2); // Die Error Number 2 } // End If Email is Taken. if(isset($_GET['email2'])){ // If email confirmation is set. $email2 = mysql_escape_string($_GET['email2']); // Clean Email Confirmation for Transfer. if($email == $email2){ // If emails match. if(isset($_GET['planet'])){ // If Planet Name is Set. $pname = mysql_real_escape_string($_GET['planet']); // Clean Planet Name for Transfer. if(isset($_GET['security_code'])){ // If Security Code Input is set. $security_code = mysql_real_escape_string($_GET['security_code']); // Clean Security Code. $security_enc = md5($security_code); // Encrypt Security Code. $security_code2 = $_SESSION['image_random_value']; // Get Security Code Session if($security_enc == $security_code2){ // If Codes Match. $randActive = rand(11111111111111111111,99999999999999999999); // Get Activation Link pre-encrypt. $activation_link = md5($randActive); // Get Encrypted Activation Link. $q = "INSERT INTO `account_details` (`username01`, `password01`, `loggedIn`, `currentlyLogged`, `active`, `activelink`, `race`, `email`) VALUES ('$user', '$encPass', 0, 0, 0, '$activation_link', '$race', '$email');"; // ^ Add Account Query. $res = mysql_query($q) or die("Error Detected! <br />".mysql_error()); // ^ Add Account to SQL. $q = mysql_query("SELECT * FROM `account_details` WHERE `username01` = '$user'")or die(mysql_error()); // ^ Get Information from New Account. $newuserinfo = mysql_fetch_array($q);// Get New User Information $id = $newuserinfo['id']; // Set New Account Id. $q="INSERT INTO `planets` (`owner`, `name`, `recource1`, `recource2`, `recource3`, `recource4`, `recource5`, `turns_01`, `untrained_units_01`, `attackers_01`, `defenders_01`, `miners_01`, `covert_01`, `anticovert_01`, `ship_01`, `ship_02`, `ship_03`, `ship_04`, `ship_05`, `ship_06`, `ship_07`, `building01`, `building02`, `building03`, `building04`, `building05`, `building06`, `building07`, `building08`, `building09`) VALUES ('$id', '$pname', 35000, 15000, 12000, 135000, 125000, 220, 150, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0);"; // ^ Add Planet Query. $res2 = mysql_query($q) or die("Error Detected! <br />".mysql_error()); // Add Planet to SQL. $body = " Hello ".$user.", Congradulations! Your account on Ultimate Conquest has been Registed Today! Click the following Link to Activate Account: http://testing.ultimateconquest.net/activate.php?code=".$activation_link." If you have not registered an account and have found this message in error please click the following link to report this error: http://testing.ultimateconquest.net/errorreg.php?account=".$user." Thank you for registering for Ultimate Conquest - ULC, Head Admin Brian Flores AKA Photonic.... "; // Activation Email Information. if (mail($email, "Activate your ULC Ultimate Conquest Account! No-Reply!", $body)) { // If Email Is Sent. die("1"); // Die Error Number 1 } // End Send Email }else{ // If Security Codes do Not Match. die("12"); // Die Error Number 12 } }else{ // If Security Code is Not Set die("11"); // Die Error Number 13 } }else{ // If Planet Name is Not Set. die("10"); // Die Error Number 10. } }else{ // If Emails do not match. die("9"); // Die Error Number 9. } }else{ // If email confirmation is not set. die("8"); // Die Error Number 8. } }else{ // If email is not set. die("7"); // Die Error Number 7. } }else{ // If race is not set. die("6"); // Die Error Number 6. } }else{ // If Password is not set. die("5"); // Die Error Number 5. } }else{ // If Username is not set. die("4"); // Die Error Number 4. } }else{ // If GoAhead is Not Set. die("Go Ahead Not Established By Game System!"); } ?> Here is the Register Function in Javascript: Code: [Select] function regMast(){ var user = document.getElementById('username_client').value; var pass = document.getElementById('password_client').value; var race1 = document.getElementById('races1').value; if(race1 !=""){var race = document.getElementById('races1').value;} var race2 = document.getElementById('races2').value; if(race2 !=""){var race = document.getElementById('races2').value;} var race3 = document.getElementById('races3').value; if(race3 !=""){var race = document.getElementById('races3').value;} var race4 = document.getElementById('races4').value; if(race4 !=""){var race = document.getElementById('races4').value;} var planet_name = document.getElementById('pname').value; var email = document.getElementById('email').value; var email2 = document.getElementById('email2').value; var security_code = document.getElementById('security_code').value; var ajaxRequest; // The variable that makes Ajax possible! try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); } catch (e){ // Internet Explorer Browsers try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e){ // Something went wrong alert("Your browser broke!"); return false; } } } // Create a function that will receive data sent from the server ajaxRequest.onreadystatechange = function(){ if(ajaxRequest.readyState == 4){ var returni = ajaxRequest.responseText; if(returni == "1"){ document.getElementById('reg_error').innerHTML = 'Registration Completed! Check Activation Email for more information.'; } if(returni == "2"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Email Address Already Taken!'; } if(returni == "3"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Username Already Taken!'; } if(returni == "4"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Username Field Empty!'; } if(returni == "5"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Password Field Empty!'; } if(returni == "6"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! You must select a race!'; } if(returni == "7"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Email Field Empty!'; } if(returni == "8"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Email Confirmation Field Empty!'; } if(returni == "9"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Emails did not Match!'; } if(returni == "10"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Planet Name Field Empty!'; } if(returni == "11"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! You did not Input the Security Code!'; } if(returni == "12"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! The Security Code you Inputed did not Match the Image!'; }else{ document.getElementById('reg_error').innerHTML = returni; } } } var queryString = "?goahead=1&user=" + user + "&pass=" + pass + "&race=" + race + "&email=" + email + "&email2=" + email2 + "&security_code=" + security_code + "&planet=" + planet_name; ajaxRequest.open("GET", "register.php" + queryString, true); ajaxRequest.send(null); } This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=305698.0 You can see exactly whats its doing at www.digitaldesignersmall.com/reg/register.php Stuff just isnt working and even when i purposely try to make a error occur its not going to the right place Code: [Select] <?php include('connection.php'); $test1=$_POST['firstname']; $test2=$_POST['lastname']; $test3=$_POST['username']; if (!eregi("([^A-Za-z0-9])",$test1)){ if (!eregi("([^A-Za-z])",$test2)){ if (!eregi("([^A-Za-z])",$test3)){ $query="SELECT * FROM merchants WHERE username = '$_POST(username)'"; $result=mysql_query($query); $num=mysql_num_rows($result); if ($num == 0) { $query1="SELECT * FROM merchants WHERE email = '$_POST(email)'"; $result1=mysql_query($query1); $num1=mysql_num_rows($result1); if ($num1 == 0) { if (($_POST['password']==$_POST['password1'])&&($_POST['email']==$_POST['email1'])) { $name=strip_tags($_POST['username']); $first=strip_tags($_POST['firstname']); $last=strip_tags($_POST['lastname']); $pass=strip_tags($_POST['password']); $country=strip_tags($_POST['country']); $address=strip_tags($_POST['address']); $email=strip_tags($_POST['email']); $city=strip_tags($_POST['city']); $zip=strip_tags($_POST['zipcode']); $state=strip_tags($_POST['state']); $phone=strip_tags($_POST['phonenumber']); $aql="INSERT INTO merchants SET username='$name', firstname='$first', lastname='$last', email='$email', Country='$country', zipcode='$zip', password='$pass', city='$city', state='$state', phonenumber='$phone', address='$address'"; $result=mysql_query($sql); if ($result){ header("location:http://www.digitaldesignersmall.com/ffx.html"); } else { header("location:http://www.digitaldesignersmall.com/fff.html"); } } else{ header("location:http://www.digitaldesingersmall.com/afx.html"); } } else { header("location:http://www.digitaldesingersmall.com/afx.html"); } } else{ header("location:http://www.digitaldesignersmall.com/cxs.html"); } } else{ header("location:http://www.digitaldesignersmall.com/cxs.html"); } } else{ header("location:http://www.digitaldesignersmall.com/cxs.html"); } } ?> MOD EDIT: [code] . . . [/code] tags added. Hi guys, I have this registration form, for some reasons it just gives me "please all fields" on registration, can u help me see where im wrong please? thanks in advance code is attached below: Code: [Select] <?php //php form registration starts here if(isset($_POST['register'])){ $title=strip_tags($_POST ['title']); $firstname=strip_tags($_POST['firstname']); $surname=strip_tags($_POST['surname']); $email=strip_tags($_POST ['email']); $reemail=strip_tags($_POST ['reemail']); $password=strip_tags($_POST ['password']); $repassword=strip_tags($_POST ['repassword']); $street=strip_tags($_POST ['street']); $city=strip_tags($_POST ['city']); $postcode=strip_tags($_POST ['postocde']); $telephone=strip_tags($_POST ['telephone']); if($title && $firstname && $surname && $email && $reemail && $password && $repassword && $street && $city && $postcode && $telephone) { $getemails=mysql_query("SELECT * FROM member WHERE email='$email'"); $row=mysql_fetch_assoc($getemails); if(mysql_num_rows($getemails) > 0) { echo "This email is already registered in our database"; } else { if($email!=$reemail) echo "Your Emails do not match"; } if($password!=$repassword) { echo "Passwords do not match"; } else { $confirmedpass=md5($password); $submitusers= mysql_query("INSERT INTO members (title,Firstname,Surname,Street,City,Postcode,EmailAddress,Password, TelephoneNo,Credit) VALUES ('$title','$firstname','$surname','$street','$city','$postcode','$email','$confirmedpass','$telephone','0')"); } } else {echo "Please fill All required fields";} } ?> Hi, Im currently working on a website for a friend. The whole system works but registration is a bit dodgy. most of the time I have to add users via the backend as it throws up error messages. Can some one please look through my code and tell me what im doing wrong. Code: [Select] <?php session_start(); $page_title = 'Register'; include("includes/header.php");?> <!--main Nav--> <?php include('includes/mainNav.php'); ?> <!--Section Title--> <h1><?php echo $page_title; ?></h1> <!--primary Content--> <div id="primaryContent"> <h2><span class="RedGbColor">Subscribe Now</span></h2> <p><br /> Register here and create your profile and to attend an event of your choice (link please).<br /> </p> </div> <!--Main Content--> <div id="mainContent"> <?php $username = $_SESSION['cre_email']; $idg = $_GET['id']; $ids = $idg; $_SESSION['id'] = $ids; //grabs the variables $title = $_POST['title']; $gender = $_POST['gender']; $fname = $_POST['fname']; $lname = $_POST['lname']; $mobile = $_POST['mobile']; $email = $_POST['email']; $password = $_POST['password']; $cpassword = $_POST['cpassword']; $add1 = $_POST['add1']; $add2 = $_POST['add2']; $add3 = $_POST['add3']; $add4 = $_POST['add4']; $pcode = $_POST['pcode']; $dd = $_POST['day']; $mm = $_POST['month']; $yyyy = $_POST['year']; $news = $_POST['newsopt']; $market = $_POST['market']; $today = date(mdY); $tmp = explode(':', $title); $cust_gender = $tmp[0]; $cust_title = $tmp[1]; $male_status = $_POST[male_status]; $female_status = $_POST[female_status]; //debug info //error_reporting(E_ALL); //print_r($_GET); //print_r($_POST); //print_r($_SESSION); if ($_SESSION['loggedin'] == 1) { // logged in echo "<script language=\"JavaScript\">window.location='index.php'</script>"; exit(); } else { $month = array( array("01","Jan"), array("02","Feb"), array("03","Mar"), array("04","Apr"), array("05","May"), array("06","Jun"), array("07","Jul"), array("08","Aug"), array("09","Sep"), array("10","Oct"), array("11","Nov"), array("12","Dec") ); echo (' <h2><span class=\"RedGbColor\">Please take a few minutes to register.</span></h2> <div id=\"form1\"> <form action='validFormRegister.php?id=$idg' method=\"post\" enctype=\"multipart/form-data\"> <table width=\"380\"> <tr class=\"formText\"> <td width=\"152\" valign='bottom' style='padding-top:4px;'><label class=\"small\" for='gender'>Gender:</label><em>*</em></td> <td width=\"222\" class='small' style='padding-top:4px;'><input type='radio' name='gender' value='m' $male_status tabindex=\"1\">male <input type='radio' name='gender' value='f' $female_status>female </td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for='fname'>First Name:</label><em>*</em></td> <td><input name=\"fname\" size=\"25\" tabindex=\"2\" maxlength=\"25\" class=\"txtbx\" value=\"$fname\"></td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for='lname'>Last Name:</label><em>*</em></td><td><input name=\"lname\" value='$lname' size=\"30\" maxlength=\"30\" tabindex=\"3\" class=\"txtbx\"> </td> <tr> <td height=\"29\" colspan=\"2\"><hr /></td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for='mobile'>Mobile/Phone:</label><em>*</em></td><td><input name=\"mobile\" value='$mobile' size=\"12\" tabindex=\"4\" maxlength=\"12\" class=\"txtbx\"></td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for=\"email\">Email Address:</label><em>*</em> </td> <td><input name=\"email\" size=\"25\" tabindex=\"5\" value='$email' maxlength=\"100\" class=\"txtbx\"> </td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"password\">Password:</label><em>*</em></td><td><input type=\"password\" name=\"password\" size=\"12\" maxlength=\"14\" tabindex=\"6\" class=\"txtbx\"> <a href=\"javascript:alert('Your password must be between 4 and 14 characters long.')\"><small>HELP</small></a> </td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"cpassword\">Confirm Password:</label><em>*</em></td><td><input type=\"password\" name=\"cpassword\" size=\"12\" maxlength=\"14\" tabindex=\"7\" class=\"txtbx\"> <a href=\"javascript:alert('Your password must be between 4 and 14 characters long.')\"><small>HELP</small></a> </td> </tr> <tr> <td height=\"29\" colspan=\"2\"><hr /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add1\">House Name:</label> </td> <td><input name=\"add1\" type=\"text\" tabindex=\"8\" class=\"txtbx\" value='$add1' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add2\">Street Address:</label> </td> <td><input name=\"add2\" type=\"text\" tabindex=\"9\" class=\"txtbx\" value='$add2' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add3\">Town:</label> </td> <td><input name=\"add3\" type=\"text\" tabindex=\"10\" class=\"txtbx\" value='$add3' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add4\">County:</label> </td> <td><input name=\"add4\" type=\"text\" tabindex=\"11\" class=\"txtbx\" value='$add4' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"pcode\">Post Code:</label> </td> <td><input name=\"pcode\" type=\"text\" tabindex=\"12\" class=\"txtbx\" value='$pcode' /></td> </tr> <tr> <td height=\"29\" colspan=\"2\"><hr /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"market\">How did you hear of us?</label> </td> <td><select name=\"market\" id=\"market\" tabindex=\"13\"> <option value='$market' selected>$market</option> <option value='internet'>Internet search</option> <option value='friend'>Friend recommended</option> <option value='dating site'>Dating site</option> <option value='Gay press'>Gay press</option> <option value='Time Out'>Time Out</option> <option value='Flyer'>Flyer</option> <option value='previous customer'>Previous attendance</option> <option value='other'>Other</option> </select></td> <td> </td> </tr> <tr class=\"formText\"><td><label class=\"small\" for=\"day\">Date </label><label class=\"small\" for=\"Month\"> of </label><label class=\"small\" for=\"Year\"> Birth:</label></td> <td> <select name=\"day\" id=\"day\" tabindex=\"14\"> <option value='$dd'>$dd</option> "); for($i=1; $i<32; $i++) { echo "<option value=\"".$i."\">".$i."\n"; } echo (" </select> <select name=\"month\" id=\"month\" tabindex=\"15\"> <option value='$mm'>$mm</option> "); for($i=0; $i<12; $i++) { echo "<option value=\"".$month[$i][0]."\">".$month[$i][1]."\n"; } echo (" </select> <select name=\"year\" id=\"year\" tabindex=\"16\"> <option value='$yyyy'>$yyyy</option> "); for($i=1944; $i<1991; $i++) { echo "<option value=\"".$i."\">".$i."\n"; } echo (" </select> </td> <td> </td> </tr> <tr class=\"formText\"> <td><label for=\"photo\">Upload a photo</label></td> <td><input name=\"photo\" type=\"file\" tabindex=\"17\"></td> <tr> <td></td> <td>MAX FILE SIZE : 1MB <a href=\"javascript:alert('Please upload a photo of yourself. Optimum size is 640 pixels wide by 480 pixels high. Maximum file size of 1MB.')\"><small>HELP</small></a><br /><br /> </td> <tr class=\"formText\"> <td><label for=\"newsopt\">I wish to receive newsletters</label> </td> <td> <input name=\"newsopt\" type=\"checkbox\" tabindex=\"18\" id=\"newsOpt\" value='1' checked /> </td> <td> </td> </tr> <tr> <td> </td> <td> <input type=\"submit\" tabindex=\"19\" value=\"Continue\" class=\"btn_sm_left\" id=\"submitBtn\" onclick='this.disabled=true;this.value=\"Please Wait\";document.forms[1].submit();' style='width:120px;'/> <input type=\"reset\" value=\"Reset\" class=\"btn_sm_left\" /></td> <td> </td> </tr> </table> </form> <p class='pink2'><strong>Note</strong>: Fields marked with an <em>asterix (*)</em> are required.</p> '); } ?> </div> </div> <!--primary Content--> <div id="primaryContent"> <!--Login--> <?php include('includes/login.php'); ?> </div> <!--Footer--> <?php include('includes/footer.php'); ?> </div> </div> </body> </html> i am trying to set up a website for a school function. i have the register page up and running but i would like to make it so only people with a school email address may register. i.e name@school.edu I have looked through a lot of forms, but have yet to find the answer. Everything that i have found doesn't work. Thanks New to php and starting to feel way in over my head. Please help, point me in the right direction here. How do i create a new folder with a index.html like (www.mydomain.com/NEWUSER/index.html) when a user registers for my site and have it do live check for AVAILABILITY? I want to give my users a unique url for there profile. how then do i automate the creation of x.com/newuser/index.html and write it with the users input from my database at the same time? Im trying to build mysql php user registration. For some reason i cannot insert values into my database. Code: [Select] <?php $submit = $_POST['submit']; $fullname = strip_tags($_POST['fullname']); $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); // Connect the database $connection = mysql_connect("bla", "bla", "bla") or die ("Could not connect"); mysql_select_db("my_db", $connection); // mysql query $query = "INSERT INTO users VALUES (''. 'fullname', 'username', 'password')"; mysql_query($query); echo "You have successfully registered"; ?> Any help spotting the error would be appreciated! I'm making a registration form and i want to add a user when i click the registration button, but the user can not already be in the database, i set the user to be unique inside of the database and when i try to add a new user it gives an error message, but instead of that error message i would like to input please enter another user-name or user already exist something like that the error message says duplicate entry 'username' inside of db basically... can someone help me with this ? Hi Guys, This is really stumping me here lol i have set my registration page code to email me when a user signs up (once its entered in the database) code: Code: [Select] <?php if (isset($_POST['submitSignUp'])) { // Errors array() $errors = array(); // POST vars $fName = mysql_real_escape_string($_POST['fname']); $lName = mysql_real_escape_string($_POST['lname']); $email = mysql_real_escape_string($_POST['email']); $pass1 = mysql_real_escape_string($_POST['pass1']); $pass2 = mysql_real_escape_string($_POST['pass2']); $cntry = mysql_real_escape_string($_POST['cntry']); // Does passwords match if ($pass1 != $pass2) { $errors[] = "Your passwords don't match."; } // Potential errors // Empty fields if (empty($fName) || empty($lName) || empty($email) || empty($pass1) || empty($pass2)) { $errors[] = "You never filled in all the fields."; } else { // Does user exist? $result = mysql_query("SELECT * FROM `dig_customers` WHERE `email`='$email' LIMIT 1"); if (mysql_num_rows($result) > 0) { $errors[] = "The e-mail address <b>$email</b> has already been registered."; } else { // Empty for now... } } // display errors if any exist if (count($errors) > 0) { print "<div id=\"errorMsg\"><h3>Ooops! There was error(s)</h3><ol>"; foreach($errors as $error) { print "<li>$error</li>"; } print "</ol></div>"; } else { print "<div id=\"okMsg\"><p>All done :) you can now sign in.</p></div>"; // Encrypt the password before insertion $encPass = md5($pass1); // Insert into the database $q = mysql_query("INSERT INTO `dig_customers` (`id`, `password`, `password_unencrypted`, `gender`, `title`, `first_name`, `last_name`, `address`, `city`, `state_county`, `post_zip_code`, `country`, `email`, `home_number`, `mobile_number`, `news_letter`, `special_offers`, `admin_level`, `registered`) VALUES ('', '$encPass', '$pass1', 'NULL', 'NULL', '$fName', '$lName', 'NULL', 'NULL', 'NULL', 'NULL', '$cntry', '$email', 'NULL', 'NULL', 'NULL', 'NULL', 'N', NOW())"); if ($q) { // Alert on signup send_graham_email("User Has Signed Up!"); } } } ?> When i do a test signup on: http://www.digicures.com/sign-up.php everything works great i get an email and the entry is saved in the database, over the paste week or so i have had about 8 emails saying people have signed up but when i check the database there nothing there! i can't understand it, only when the insert query is true should it send me the mail eh? can anyone see any problems with the code at all? cheers guys Graham Hi, I wonder whether someone may be able to help me please. I'm fairly new to PHP so please bear with me. I'm trying to put together a script which bascially creates a hierarchical tree of folders upon a new account being created by a user. I would like to take the 'username' that the user registers with to use as the name for the first folder, then, create a folder at the second level called 'images' and then finally, a folder within that called 'thumbs'. From the research that I've done, I believe that I need to use the 'mkdir' command, but I can't find a very straight forward tutorial. I just wondered whether someone could perhaps please help me out with this, so that I at least have a good solid starting point. I have a page for event registration and I have subevents that will have a check mark by them. how do i make it so that a check mark only appears if a subevent is present? This is related to my post http://www.phpfreaks.com/forums/index.php/topic,307907.msg1455208.html#msg1455208 I have never programmed using OOP, and I am unsure where to start. All of the tutorials and books I have read use stupid examples that don't seem to help you "in the real world"?! So I want to write my first bit of PHP OOP to register Customers for my website. I think having a "Registration" class makes sense, but I'm not sure how to tie that to my website. If I write an HTML webpage and on it I have a Form where users can enter registration info, then how do I tie that "static" and/or "procedural" code to my OOP? I was thinking of having it so that when a user clicks the "Register" button that I call a PHP file that has my Registration class and I first instantiate it so that the user has his/her own "Registration object". From there, maybe I could call a method in Registration that actually registers the user. (Or maybe I can just do that during instantiation?!) Can someone help me out here? TomTees Currently I'm trying to get a registration form to work adding a username and password into a database. That bit I understand and have managed to do aswell as getting the password to hash using the line below: $hashed = password_hash($password, PASSWORD_DEFAULT);
What I'm trying to do now is have the passwords check to see if they are the same, if so the user is able to register, if not they are sent back to the registration page(which was working before I started tampering with the next bit). I also want to checkto see if the username is taken, the following code is what I have so far:
<?php
session_start();
/* Attempt MySQL server connection. Assuming you are running MySQL
server with default setting (user 'root' with no password) */
$link = mysqli_connect("localhost", "root", "", "rockinrochester");
// Check connection
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
$sql= mysql_query("SELECT FROM register (username, password) WHERE username=$username");
if(mysql_num_rows($sql)>=1)
{
echo"name already exists";
}
else
{
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$hashed = password_hash($password, PASSWORD_DEFAULT);
if($password != $password2) { //checks to see if passwords match, if they don't it redirects person back to registration form
header('Location: register.php');
echo "passwords didn't match";
}
else {
$sql = "INSERT INTO register (username, password) VALUES ( '$username','$hashed')"; // if passwords match inputs them into database
}
if(mysqli_query($link, $sql)){
header('Location: registered.php'); // if it works relocated person to registered.html
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); // if it fails it prints an error message
}
// Close connection
mysqli_close($link);
}
?>
<?php
session_start();
/* Attempt MySQL server connection. Assuming you are running MySQL
server with default setting (user 'root' with no password) */
$link = mysqli_connect("localhost", "root", "", "rockinrochester");
// Check connection
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$hashed = password_hash($password, PASSWORD_DEFAULT);
$sql = mysql_query("SELECT FROM register(username, password, ) WHERE username=$username");
if(mysql_num_rows($sql)>=1)
{
echo"name already exists";
}
else{
if($password != $password2) { //checks to see if passwords match, if they don't it redirects person back to registration form
header('Location: register.php');
echo "passwords didn't match";
}
else {
$sql = "INSERT INTO register (username, password) VALUES ( '$username','$hashed')"; // if passwords match inputs them into database
}
if(mysqli_query($link, $sql)){
header('Location: registered.php'); // if it works relocated person to registered.html
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); // if it fails it prints an error message
}
// Close connection
mysqli_close($link);
}
?>
at the minute It's throwing back the following error Quote
Edited April 4, 2019 by dylfs changing code Hey guys!
I'm sorry if this wrong section to post this, but this one was the most reasonable to ask.
So I'm looking for a guy who could program a system for my website. It's gonna be a site where people can register and join the raffles.
The raffles will work on a ticket system where you have to buy a ticket to join a competition. The registration has to be safe and same as raffle without any bugs etc..
Will give more info when you write me down!
If you are intrested you can add me on skype: mikinjsh95
Or send an email on: miks.silins@outlook.com
I will pay for the code, no doubt! Will pay half money and when the script is done will pay the rest!
Hi Can anyone help with this problem it seems very simple, I am not an experienced PHP coder but keen to progress. I am trying to create a User Registration project but have a problem. every time I try to login using mysqli_fetch_assoc it drops through to my error Invalid Email /Password it seems that the mysqli code is not working correctly but I do not understand this function enough can anyone help. I have attached the coding if this helps. This is the function
function Login_Attempt($Email,$Password){
This is the code I am using Login.php
<?php require_once("Include/Session.php"); ?>
<br><input type="Submit" Name="Submit" value="Login"><br> Hope this Helps Ossieboy
I'm using an open source registration and login validation system. I've got it working well, apart from I've discovered when adding check if username is taken, it has broken the script and allows duplicate usernames and email addresses: Code: [Select] <?php include ('database_connection.php'); if (isset($_POST['formsubmitted'])) { $error = array();//Declare An Array to store any error message if (empty($_POST['name'])) {//if no name has been supplied $error[] = 'Please Enter a name ';//add to array "error" } else { $name = $_POST['name'];//else assign it a variable } if (empty($_POST['e-mail'])) { $error[] = 'Please Enter your Email '; } else { if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) { //regular expression for email validation $Email = $_POST['e-mail']; } else { $error[] = 'Your EMail Address is invalid '; } } if (empty($_POST['Password'])) { $error[] = 'Please Enter Your Password '; } else { $Password = $_POST['Password']; } if (empty($error)) //send to Database if there's no error ' { // If everything's OK... // Make sure the email address is available: $query_verify_email = "SELECT * FROM members WHERE Email ='$Email'"; $result_verify_email = mysqli_query($dbc, $query_verify_email); if (!$result_verify_email) {//if the Query Failed ,similar to if($result_verify_email==false) echo ' Database Error Occured '; } if (mysqli_num_rows($result_verify_email) == 0) { // IF no previous user is using this email . // Make sure the user is available: $query_verify_user = "SELECT * FROM members WHERE Username ='$name'"; $result_verify_user = mysqli_query($dbc, $query_verify_user); if (!$result_verify_user) { echo ' Database Error Occured '; } } if (mysqli_num_rows($result_verify_user) == 0) { // IF no previous user is using this user . // Create a unique activation code: $activation = md5(uniqid(rand(), true)); $query_insert_user = "INSERT INTO `members` ( `Username`, `Email`, `Password`, `Activation`, `res1`, `res2`, `ounit1`, `dunit1`) VALUES ( '$name', '$Email', '$Password', '$activation', '50000', '50000', '100', '100')"; $result_insert_user = mysqli_query($dbc, $query_insert_user); if (!$result_insert_user) { echo 'Query Failed '; } if (mysqli_affected_rows($dbc) == 1) { //If the Insert Query was successfull. // Send the email: $message = " To activate your account, please click on this link:\n\n"; $message .= WEBSITE_URL . '/activate.php?email=' . urlencode($Email) . "&key=$activation"; mail($Email, 'Registration Confirmation', $message, 'From: Admin@TheGameCo.Com'); // Flush the buffered output. // Finish the page: echo '<div class="success">Thank you for registering! A confirmation email has been sent to '.$Email.' Please click on the Activation Link to Activate your account </div>'; } else { // If it did not run OK. echo '<div class="errormsgbox">You could not be registered due to a system error. We apologize for any inconvenience.</div>'; } } else { // The email address is not available. echo '<div class="errormsgbox" >That email address or username has already been registered. </div>'; } } else {//If the "error" array contains error msg , display them echo '<div class="errormsgbox"> <ol>'; foreach ($error as $key => $values) { echo ' <li>'.$values.'</li>'; } echo '</ol></div>'; } mysqli_close($dbc);//Close the DB Connection } // End of the main Submit conditional. ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Game Name - Home</title> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <body> <div id="container"> <div id="header"> <?php include("includes/header.php"); ?> </div> <div id="nav"> <?php include("includes/nav.php"); ?> </div> <div id="content"> <form action="index.php" method="post" class="registration_form"> <fieldset> <legend>Registration Form</legend> <p>Create A new Account<br />Already a member? <a href="login.php">Log in</a></p> <div class="elements"> <label for="name">Username:</label> <input type="text" id="name" name="name" size="25" /> </div> <div class="elements"> <label for="e-mail">E-mail:</label> <input type="text" id="e-mail" name="e-mail" size="25" /> </div> <div class="elements"> <label for="Password">Password:</label> <input type="password" id="Password" name="Password" size="25" /> </div> <div class="submit"> <input type="hidden" name="formsubmitted" value="TRUE" /> <input type="submit" value="Register" /> </div> </fieldset> </form> </div> <div id="footer"> <?php include("includes/footer.php"); ?> </div> </div> </body> </html> To add user verification I simply duplicated the email verification: Code: [Select] // Make sure the user is available: $query_verify_user = "SELECT * FROM members WHERE Username ='$name'"; $result_verify_user = mysqli_query($dbc, $query_verify_user); if (!$result_verify_user) { echo ' Database Error Occured '; } } if (mysqli_num_rows($result_verify_user) == 0) { // IF no previous user is using this user . Can anyone see where I've gone wrong? |
|||||||