|
PHP - Register Form - Confirm Password - Help
Hello,
I'm working on a register script, and basically I would like the user to repeat their password. And I would like PHP to compare the to passwords, and if they both match then it continues, whereas if they don't match it calls an error. Here is what I have so far: Form: Consists of 2 text fields - subpass, and subconfirmpass PHP: $field = "subpass"; if(!$subpass == $subconfirmpass){ $form->setError($field, "* Passwords do not match"); } $field is referring to the text fields in where the user inputs their password $form is keeping track of errors in user submitted forms and the form field values that were entered correctly. I would appreciate your help, Thanks Similar TutorialsI am trying to use the new way of validating the entered email in a register form. Code: [Select] /* REGISTER FORM */ // check if submit button has been clicked if (isset($_POST['submit_signup'])) { // process and assign variables after post submit button has been clicked $user_email = strip_tags(trim($_POST['email'])); $user_email = filter_var($user_email, FILTER_VALIDATE_EMAIL); $nickname = strip_tags(trim($_POST['nickname'])); $password = $_POST['password']; $repassword = $_POST['repassword']; $month = $_REQUEST['month']; $day = $_REQUEST['day']; $year = $_REQUEST['year']; $dob = $year . "-" . $month . "-" . $day; $find_us_question = strip_tags(trim($_POST['find_us_question'])); // connect to database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $check_query = "SELECT * FROM user WHERE nickname = '$nickname'"; $check_connect = mysqli_query($dbc, $check_query) or die(mysqli_error($dbc)); $check_count = mysqli_num_rows($check_connect); // Check if the email exists twice $query_get = "SELECT email FROM user WHERE email = '$user_email'"; $query_run = mysqli_query($dbc, $query_get); $num_rows = mysqli_num_rows($query_run); // check if username is already taken if ($check_count != 0) { echo "Username already exists!"; } elseif ($num_rows != 0) { echo "This email address is already registered in the database, you can not register it twice."; // check if fields are empty } elseif (empty($user_email) || empty($nickname) || empty($password) || empty($day) || empty($month) || empty($year)) { echo "Please fill out all the fields!"; // check char length of input data } elseif (strlen($nickname) > 30 || strlen($user_email) > 50) { echo "Maximum allowed character length for nickname/firstname/lastname are 30 characters!"; // check password char length } elseif (strlen($password) > 25 || strlen($password) < 6) { echo "Your password must be between 6 and 25 characters!"; // check if passwords match with each other } elseif ($password != $repassword) { echo "Please make sure your passwords are matching!"; } else { // encrypt password $password = sha1($password); I would like to implement now an error message stating something along the lines that the entered email address is not valid, how would I have to do the if statement to check the condition? This is my registering script: <?php include('connectvars.php'); $user_email = strip_tags(trim($_POST['email'])); $firstname = strip_tags(trim($_POST['firstname'])); $lastname = strip_tags(trim($_POST['lastname'])); $nickname = strip_tags(trim($_POST['nickname'])); $password = strip_tags($_POST['password']); $repassword = strip_tags($_POST['repassword']); $dob = $_POST['dob']; $find_us_question = strip_tags(trim($_POST['find_us_question'])); if (isset($_POST['submit_signup'])) { if ((empty($user_email)) || (empty($firstname)) || (empty($lastname)) || (empty($nickname)) || (empty($password)) || (empty($dob))) { echo "Please fill out all the fields!"; } else { // check char length of input data if (($nickname > 30) || ($firstname > 30) || ($lastname > 30) || ($user_email > 50)) { echo "Your nickname, first- and/or lastname seem to be too long, please make sure you have them below the maximum allowed length of 30 characters!"; } else { // check password char length if (($password > 25) || ($password < 6)) { echo "Your password must be between 6 and 25 characters!"; } else { // encrypt password $password = sha1($password); $repassword = sha1($repassword); if ($password != $repassword) { echo "Please make sure your passwords are matching!"; } else { $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $query = sprintf("INSERT INTO user (firstname, lastname, nickname, password, email, dob, doj) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', now())", mysqli_real_escape_string($dbc, $firstname), mysqli_real_escape_string($dbc, $lastname), mysqli_real_escape_string($dbc, $nickname), mysqli_real_escape_string($dbc, $password), mysqli_real_escape_string($dbc, $user_email), $dob); mysqli_query($dbc, $query); mysqli_close($dbc); echo "You have been successfully registered!"; } } } } } ?> A bunch of nested if statements, the read-ability gets worse after a while, I'm new to programming so I don't know if there's a better more read-able solution. Anyway, every time I try to sign up it's printing out the echo message: "Your password must be between 6 and 25 characters!" Which derives from: // check password char length if (($password > 25) || ($password < 6)) { echo "Your password must be between 6 and 25 characters!"; } else { EVEN if I stay between 6 and 25 characters it's still printing out this error message, let's say I have a password of 8 characters, and I've entered everything else correctly, it's still giving me all the time this error message, and I can not figure out why. Sorry for many posts, trying to make my website
When I press the register button on my website it will just act as if the page is refreshing and not send any information to mysql
I believe I have connected everything up correctly, can anyone tell my what I have done wrong please?
If you want to check out the website to see what is going on check out www.jokestary.comli.com
<?php
//This function will display the registration form
function register_form(){
$date = date('D, M, Y');
echo "<form action='?act=register' method='post'>"
."Username: <input type='text' name='username' size='30'><br>"
."Password: <input type='password' name='password' size='30'><br>"
."Confirm your password: <input type='password' name='password_conf' size='30'><br>"
."Email: <input type='text' name='email' size='30'><br>"
."<input type='hidden' name='date' value='$date'>"
."<input type='submit' value='Register'>"
."</form>";
}
//This function will register users data
function register(){
//Connecting to database
include('connect.php');
if(!$connect){
die(mysql_error());
}
//Selecting database
$select_db = mysql_select_db("database", $connect);
if(!$select_db){
die(mysql_error());
}
//Collecting info
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$pass_conf = $_REQUEST['password_conf'];
$email = $_REQUEST['email'];
$date = $_REQUEST['date'];
//Here we will check do we have all inputs filled
if(empty($username)){
die("Please enter your username!<br>");
}
if(empty($password)){
die("Please enter your password!<br>");
}
if(empty($pass_conf)){
die("Please confirm your password!<br>");
}
if(empty($email)){
die("Please enter your email!");
}
//Let's check if this username is already in use
$user_check = mysql_query("SELECT username FROM users WHERE username='$username'");
$do_user_check = mysql_num_rows($user_check);
//Now if email is already in use
$email_check = mysql_query("SELECT email FROM users WHERE email='$email'");
$do_email_check = mysql_num_rows($email_check);
//Now display errors
if($do_user_check > 0){
die("Username is already in use!<br>");
}
if($do_email_check > 0){
die("Email is already in use!");
}
//Now let's check does passwords match
if($password != $pass_conf){
die("Passwords don't match!");
}
//If everything is okay let's register this user
$insert = mysql_query("INSERT INTO users (username, password, email) VALUES ('$username', '$password', '$email')");
if(!$insert){
die("There's little problem: ".mysql_error());
}
echo $username.", you are now registered. Thank you!<br><a href=login.php>Login</a> | <a href=index.php>Index</a>";
}
switch($act){
default;
register_form();
break;
case "register";
register();
break;
}
?>
Here is the connect.php code
<?php
$hostname="mysql6.000webhost.com"; //local server name default localhost
$username="a5347792_users"; //mysql username default is root.
$password=""; //blank if no password is set for mysql.
$database="a5347792_users"; //database name which you created
$con=mysql_connect($hostname,$username,$password);
if(! $con)
{
die('Connection Failed'.mysql_error());
}
mysql_select_db($database,$con);
?>
Hello,
i got a problem with a part of my code :
<?php Hi everyone, im working on a e comm site as a project. I have a register.php page, and its supposed to check for the presence of posted data, and if data is not posted show a form block,and if posted data is present insert it into a database. However its not working,i get an unexpected } on line 114, where there is a }else{ . I've only been working with php a few days, but from what i've read the braces seem where they should be,can someone please tell me where the problem is? <script language="JavaScript" type="text/javascript" src="library/checkout.js"></script> <?php //set up a couple of functions function doDB() { global $mysqli; //connect to server and select database; you may need it $mysqli = mysqli_connect("localhost", "root", "", "onlinestore"); } //determine if they need to see the form or not if (!$_POST) { //they need to see the form, so create form block $display_block = " <form name=\"register\" method=\"post\"action=\"index.php?r=1\"\ id=\"register\"> <table width=\"550\" border=\"0\" align=\"center\" cellpadding=\"5\" cellspacing=\"1\" class=\"entryTable\"> <tr class=\"entryTableHeader\"> <td colspan=\"2\">Login Details</td> </tr> <tr> <td width=\"150\" class=\"label\">Email</td> <td class=\"content\"><input name\=\"txtEmail\" type=\"text\" class=\"box\" id=\"txtEmail\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Password</td> <td class=\"content\"><input name=\"txtPassword\" type=\"password\" class=\"box\" id=\"txtPassword\" size=\"30\" maxlength=\"50\"></td> </tr> </table> <p> </p> <table width=\"550\" border=\"0\" align=\"center\" cellpadding=\"5\" cellspacing=\"1\" class=\"entryTable\"> <tr class=\"entryTableHeader\"> <td colspan=\"2\">Shipping Information</td> </tr> <tr> <td width=\"150\" class=\"label\">First Name</td> <td class=\"content\"><input name=\"txtShippingFirstName\" type=\"text\" class=\"box\" id=\"txtShippingFirstName\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Last Name</td> <td class=\"content\"><input name=\"txtShippingLastName\" type=\"text\" class=\"box\" id=\"txtShippingLastName\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Address1</td> <td class=\"content\"><input name=\"txtShippingAddress1\" type=\"text\" class=\"box\" id=\"txtShippingAddress1\" size=\"50\" maxlength=\"100\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Address2</td> <td class=\"content\"><input name=\"txtShippingAddress2\" type=\"text\" class=\"box\" id=\"txtShippingAddress2\" size=\"50\" maxlength=\"100\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Phone Number</td> <td class=\"content\"><input name=\"txtShippingPhone\" type=\"text\" class=\"box\" id=\"txtShippingPhone\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Area</td> <td class=\"content\"><input name=\"txtShippingState\" type=\"text\" class=\"box\" id=\"txtShippingState\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">City</td> <td class=\"content\"><input name=\"txtShippingCity\" type=\"text\" class=\"box\" id=\"txtShippingCity\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Post Code</td> <td class=\"content\"><input name=\"txtShippingPostalCode\" type=\"text\" class=\"box\" id=\"txtShippingPostalCode\" size=\"10\" maxlength=\"10\"></td> </tr> </table> <p> </p> <table width=\"550\" border=\"0\" align=\"center\" cellpadding=\"5\" cellspacing=\"1\" class=\"entryTable\"> <tr class=\"entryTableHeader\"> <td width=\"150\">Payment Information</td> <td><input type=\"checkbox\" name=\"chkSame\" id=\"chkSame\" value=\"checkbox\" onClick=\"setPaymentInfo(this.checked);\"> <label for=\"chkSame\" style=\"cursor:pointer\">Same as shipping information</label></td> </tr> <tr> <td width=\"150\" class=\"label\">First Name</td> <td class=\"content\"><input name=\"txtPaymentFirstName\" type=\"text\" class=\"box\" id=\"txtPaymentFirstName\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Last Name</td> <td class=\"content\"><input name=\"txtPaymentLastName\" type=\"text\" class=\"box\" id=\"txtPaymentLastName\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Address1</td> <td class=\"content\"><input name=\"txtPaymentAddress1\" type=\"text\" class=\"box\" id=\"txtPaymentAddress1\" size=\"50\" maxlength=\"100\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Address2</td> <td class=\"content\"><input name=\"txtPaymentAddress2\" type=\"text\" class=\"box\" id=\"txtPaymentAddress2\" size=\"50\" maxlength=\"100\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Phone Number</td> <td class=\"content\"><input name=\"txtPaymentPhone\" type=\"text\" class=\"box\" id=\"txtPaymentPhone\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Area</td> <td class=\"content\"><input name=\"txtPaymentState\" type=\"text\" class=\"box\" id=\"txtPaymentState\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">City</td> <td class=\"content\"><input name=\"txtPaymentCity\" type=\"text\" class=\"box\" id=\"txtPaymentCity\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Post Code</td> <td class=\"content\"><input name=\"txtPaymentPostalCode\" type=\"text\" class=\"box\" id=\"txtPaymentPostalCode\" size=\"10\" maxlength=\"10\"></td> </tr> </table> <p> </p> <p> </p> <p align=\"center\"> <input class=\"box\" name=\"btnStep1\" type=\"submit\" id=\"btnStep1\" value=\"Proceed >>\"> </p> </form>" } else { //connect to database doDB(); //add records $add_sql = "INSERT INTO tbl_customer (email) VALUES('".$_POST["txtEmail"]."')"; $add_sql = "INSERT INTO tbl_customer (password) VALUES('".$_POST["txtPassword"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_first_name) VALUES('".$_POST["txtShippingFirstName"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_last_name) VALUES('".$_POST["txtShippingLastName"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_address1) VALUES('".$_POST["txtShippingAddress1"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_address2) VALUES('".$_POST["txtShippingPhone"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_phone) VALUES('".$_POST["txtShippingState"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_city) VALUES('".$_POST["txtShippingCity"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_state) VALUES('".$_POST["txtShippingState"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_postal_code) VALUES('".$_POST["txtShippingPostalCode"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_first_name) VALUES('".$_POST["txtPaymentFirstName"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_last_name) VALUES('".$_POST["txtPaymentLastName"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_address1) VALUES('".$_POST["txtPaymentAddress1"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_address2) VALUES('".$_POST["txtPaymentPhone"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_phone) VALUES('".$_POST["txtPaymentState"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_city) VALUES('".$_POST["txtPaymentCity"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_state) VALUES('".$_POST["txtPaymentState"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_postal_code) VALUES('".$_POST["txtPaymentPostalCode"]."')"; $add_res = mysqli_query($mysqli, $add_sql) or die(mysqli_error($mysqli)); $display_block = "<p>Thanks for signing up!</p>"; } ?> ok, so I have this code for my event registration page......I need to make this event register button dissapear after the date has passed.......can I do this using dd/mm/yyyy or do i need yyyy-mm-dd? here is the codeif ($reg_end == date("F",strtotime("+1 month"))){ echo "<form action='registration.php' method='get'><input type='hidden' name='eventid' value='{$row['eventid']}'><INPUT TYPE='submit' name='submit' VALUE='Register'></form>\n";} else{echo "No longer accepting registrations";} also I need to know how to modify the red code to do this........thanks in advance.......btw I will have field call reg_end which is when the turn off date is....... Hi All, Prob very simple but here goes. I've a form on a page, which needs a recaptcha field, due to design constraints however, it won't fit. I therefore need it so you fill in the form, click submit, a new window appears with the recaptcha field and a confirmation button. Once you click confirm, the form is processed and the email sent. What's the best way to do this please? The form script has the PHP to handle the emailing side. Hi guys I am working on adding a third party php members register and login into a clients web site but every time I try the regidter page is shows me this error message. Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'username'@'localhost' (using password: YES) in /home/cpassoc2/public_html/register-exec.php on line 15 Failed to connect to server: Access denied for user 'username'@'localhost' (using password: YES) This is what i have in the config.php page. <?php define('DB_HOST', 'localhost'); define('DB_USER', 'cpassoc2-memark'); define('DB_PASSWORD', '?????????'); password replaced define('DB_DATABASE', 'cpassoc2-me'); ?> I have set up the my SQL within the control panel of the site, So do i need to do any thing else???, what am i missing???. Mark..... Hello, My user login script saves their passwords into my SQL in a md5 encryption. I am currently working on a 'forgot password' that sends the password to their email. The code that pulls out the password is this: echo $req_user_info['pass']; Now is there a way to decrypt the 'pass' (currently nothing is displayed - not even the encryption code) Please help - Ollie Hello: I wanted to see if I can make my password protected pages in my admin area, and the login form "more secure." I was told I should use MD5 / SALTING / HASHING to do this. I have tried some online tutorials, but am not understanding it, so I wanted to start from what I have and build upon it> This is my database table storing the myAdmins data (when I initially insert it into the database): Code: [Select] CREATE TABLE `myAdmins` ( `id` int(4) NOT NULL auto_increment, `myUserName` varchar(65) NOT NULL default '', `myPassword` varchar(65) NOT NULL default '', PRIMARY KEY (`id`) ) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; INSERT INTO myAdmins VALUES("1","abc","123"); This is the login form I use: Code: [Select] <?php include('../include/myConn.php'); include('include/myAdminNav.php'); session_start(); session_destroy(); $message=""; $Login=$_POST['Login']; if($Login){ $myUserName=$_POST['myUserName']; $myPassword=$_POST['myPassword']; $result=mysql_query("select * from myAdmins where myUserName='$myUserName' and myPassword='$myPassword'"); if(mysql_num_rows($result)!='0'){ session_register("myUserName"); header("location:a_Home.php"); exit; }else{ $message="<div class=\"myAdminLoginError\">Incorrect Username or Password</div>"; } } ?> <form id="form1" name="form1" method="post" action="<? echo $PHP_SELF; ?>"> <? echo $message; ?> Username: <input name="myUserName" type="text" id="myUserName" size="40" /> Password: <input name="myPassword" type="password" id="myPassword" size="40" /> <input name="Login" type="submit" id="Login" value="Login" /> </form> This is the code on top of each page I password protect: Code: [Select] <? session_start(); if(!session_is_registered(myUserName)){ header("location:Login.php"); } ?> Works well, but can it be "better"?? And, if I am allowing the admin to update his/her username or password, I do it this way: Code: [Select] <?php include('../include/myConn.php'); include('include/myCheckLogin.php'); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $myUserName = mysql_real_escape_string($_POST['myUserName']); $myPassword = mysql_real_escape_string($_POST['myPassword']); $sql = " UPDATE myAdmins SET myUserName = '$myUserName', myPassword = '$myPassword' "; mysql_query($sql) && mysql_affected_rows() ?> <?php } $query=mysql_query("SELECT * FROM myAdmins") or die("Could not get data from db: ".mysql_error()); while($result=mysql_fetch_array($query)) { $myUserName=$result['myUserName']; $myPassword=$result['myPassword']; } ?> <form method="post" action="<?php echo $PHP_SELF;?>"> <input type="hidden" name="POSTBACK" value="EDIT"> Username: <input type="text" size="60" maxlength="60" name="myUserName" value="<?php echo $myUserName; ?>"> Password: <input type="password" size="60" maxlength="60" name="myPassword" value="<?php echo $myPassword; ?>"> <input type="submit" value="Submit" /> </form> Should it be "better" .. ?? I don't seem to understand how to "encrypt" all of this to make it "stronger" .. Ideas? Improvements? how could we put this into a form? Code: [Select] $username = "@yahoo.com"; $password = "pass"; // do login to facebook $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, "https://login.facebook.com/login.php?m&next=http://m.facebook.com/home.php"); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_POSTFIELDS, "email=" . $username . "&pass=" . $password . "&login=Log In"); curl_setopt($curl, CURLOPT_ENCODING, ""); curl_setopt($curl, CURLOPT_COOKIEJAR, getcwd() . '/cookies_facebook.cookie'); $curlData = curl_exec($curl); curl_close($curl); // do get post url $urlPost = substr($curlData, strpos($curlData, "action=\"/a/home") + 8); $urlPost = substr($urlPost, 0, strpos($urlPost, "\"")); $urlPost = "http://m.facebook.com" . $urlPost; // do get some parameters for updating the status $fbDtsg = substr($curlData, strpos($curlData, "name=\"fb_dtsg\"")); $fbDtsg = substr($fbDtsg, strpos($fbDtsg, "value=") + 7); $fbDtsg = substr($fbDtsg, 0, strpos($fbDtsg, "\"")); $postFormId = substr($curlData, strpos($curlData, "name=\"post_form_id\"")); $postFormId = substr($postFormId, strpos($postFormId, "value=") + 7); $postFormId = substr($postFormId, 0, strpos($postFormId, "\"")); // do update facebook status $statusMessage = "Status updated :-)"; $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $urlPost); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, "fb_dtsg=" . $fbDtsg . "&post_form_id=" . $postFormId . "&status=" . $statusMessage . "&update=Update Status"); curl_setopt($curl, CURLOPT_ENCODING, ""); curl_setopt($curl, CURLOPT_COOKIEFILE, getcwd() . '/cookies_facebook.cookie'); curl_setopt($curl, CURLOPT_COOKIEJAR, getcwd() . '/cookies_facebook.cookie'); $curlData = curl_exec($curl); curl_close($curl); echo "Your Facebook status already updated with '" . $statusMessage . "'"; Code: [Select] <?php include 'config.php'; //include 'dbc.php'; ?> <?php function filter($data) { // <--line 6 $data = trim(htmlentities(strip_tags($data))); if (get_magic_quotes_gpc()) $data = stripslashes($data); $data = mysql_real_escape_string($data); return $data; } ?> <?php /******************* ACTIVATION BY FORM**************************/ if ($_POST['doReset']=='Reset') { $err = array(); $msg = array(); foreach($_POST as $key => $value) { $data[$key] = filter($value); } if(!isEmail($data['email'])) { $err[] = "ERROR - Please enter a valid email"; } $email = $data['email']; //check if activ code and user is valid as precaution $rs_check = mysql_query("select id from users where email='$email'") or die (mysql_error()); $num = mysql_num_rows($rs_check); // Match row found with more than 1 results - the user is authenticated. if ( $num <= 0 ) { $err[] = "Error - Sorry no such account exists or registered."; //header("Location: forgot.php?msg=$msg"); //exit(); } if(empty($err)) { $new_pass = GenPwd(); $pass_reset = MD5($new_pass); //$sha1_new = sha1($new); //set update sha1 of new password + salt $rs_activ = mysql_query("update users set pass='$pass_reset' WHERE email='$email'") or die(mysql_error()); $host = $_SERVER['HTTP_HOST']; $host_upper = strtoupper($host); //send email $message = "Here are your new password details ...\n User Email: $email \n Passwd: $new_pass \n Thank You Administrator $host_upper ______________________________________________________ THIS IS AN AUTOMATED RESPONSE. ***DO NOT RESPOND TO THIS EMAIL**** "; mail($email, "Reset Password", $message, "From: \"Member Registration\" <auto-reply@$host>\r\n" . "X-Mailer: PHP/" . phpversion()); $msg[] = "Your account password has been reset and a new password has been sent to your email address."; //$msg = urlencode(); //header("Location: forgot.php?msg=$msg"); //exit(); } } ?> <html> <head> <title>Forgot Password</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script> <script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script> <script> $(document).ready(function(){ $("#actForm").validate(); }); </script> <link href="styles.css" rel="stylesheet" type="text/css"> </head> <body> <table width="100%" border="0" cellspacing="0" cellpadding="5" class="main"> <tr> <td colspan="3"> </td> </tr> <tr> <td width="160" valign="top"><p> </p> <p> </p> <p> </p> <p> </p> <p> </p></td> <td width="732" valign="top"> <h3 class="titlehdr">Forgot Password</h3> <p> <?php /******************** ERROR MESSAGES************************************************* This code is to show error messages **************************************************************************/ if(!empty($err)) { echo "<div class=\"msg\">"; foreach ($err as $e) { echo "* $e <br>"; } echo "</div>"; } if(!empty($msg)) { echo "<div class=\"msg\">" . $msg[0] . "</div>"; } /******************************* END ********************************/ ?> </p> <p>If you have forgot the account password, you can <strong>reset password</strong> and a new password will be sent to your email address.</p> <form action="forgot.php" method="post" name="actForm" id="actForm" > <table width="65%" border="0" cellpadding="4" cellspacing="4" class="loginform"> <tr> <td colspan="2"> </td> </tr> <tr> <td width="36%">Your Email</td> <td width="64%"><input name="email" type="text" class="required email" id="txtboxn" size="25"></td> </tr> <tr> <td colspan="2"> <div align="center"> <p> <input name="doReset" type="submit" id="doLogin3" value="Reset"> </p> </div></td> </tr> </table> <div align="center"></div> <p align="center"> </p> </form> <p> </p> <p align="left"> </p></td> <td width="196" valign="top"> </td> </tr> <tr> <td colspan="3"> </td> </tr> </table> </body> </html> Fatal error: Cannot redeclare filter() (previously declared in/forgot.php:6) what is wrong ? Hello PhP Freaks forum In the past weeks ive been trying to make a website, where you can register. Everything seems to work except my cherished Change password feature. Everytime you try to change the password, it just resets it to nothing. Here is the code below. <?php if(isset($_SESSION['username'])) { $username = $_SESSION['username']; $lastname = $_SESSION['lastname']; $firstname = $_SESSION['firstname']; $email = $_SESSION['email']; echo " <h4>Options for:</h4> $username <br /> <br /> First name: $firstname <br />Last name: $lastname <br /><br /><h3>Want to change your password:</h3><br /> <form action='?do=option' method='post'> Old password <input type='password' placeholder='Has to be between 5-15 digits' name='password' size='30' value='' /><br /> <br /> New Password<input type='password' placeholder='Has to be between 5-15 digits' name='newpass' size='30' value='' /><br /> <br /> Confirm new password <input type='password' placeholder='Has to be between 5-15 digits' name='passconf' size='30' value='' /><br /> <center></div><input type='submit' value='Submit'/></center></form>"; }else{ echo 'Please login to view your options!'; } $password = $_REQUEST['password']; $pass_conf = $_REQUEST['newpass']; $email = $_REQUEST['passconf']; $connect = mysql_connect("Host", "User", "Password"); if(!$connect){ die(mysql_error()); } //Selecting database $select_db = mysql_select_db("My Database", $connect); if(!$select_db){ die(mysql_error()); } //Find if entered data is correct $result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'"); $row = mysql_fetch_array($result); $id = $row['id']; mysql_query("UPDATE users SET password='$newpass' WHERE username='$user'") ?> And i do know that i dont have a if(Empty($newpass)){ Die(Please fill out the new password) } Or any security on the others, but the problem just seems that it resets the password into nothing Hope i can get this fixed Best Regards William Pfaffe <?php
require_once('upper.php'); require_once('database.php'); echo $error_msg=''; if(isset($_POST['submit'])) { $LoginId=mysqli_real_escape_string($dbc,trim($_POST['LoginId'])); $Password1=mysqli_real_escape_string($dbc,trim($_POST['Password1'])); $Password2=mysqli_real_escape_string($dbc,trim($_POST['Password2'])); $Name=mysqli_real_escape_string($dbc,trim($_POST['Name'])); $Age=mysqli_real_escape_string($dbc,trim($_POST['Age'])); $BloodGroup=mysqli_real_escape_string($dbc,trim($_POST['BloodGroup'])); if(!isset($_POST['Sex'])) { echo 'Please enter Sex<br>'; } else{ $Sex= mysqli_real_escape_string($dbc,trim($_POST['Sex'])); } $Qualification=mysqli_real_escape_string($dbc,trim($_POST['Qualification'])); $ContactNumber=mysqli_real_escape_string($dbc,trim($_POST['ContactNumber'])); $Email=mysqli_real_escape_string($dbc,trim($_POST['Email'])); $Address=mysqli_real_escape_string($dbc,trim($_POST['Address'])); $AboutYourself=mysqli_real_escape_string($dbc,trim($_POST['AboutYourself'])); //$countCheck=count($_POST['checkbox']); //echo $countCheck; //$checkbox=$_POST['checkbox']; //$countCheck=count($checkbox); if(empty($LoginId)){echo 'Please enter Login Id';} elseif(empty($Password1)){echo 'Please enter Password';} elseif(empty($Password2)){echo 'Please confirm Password';} elseif($Password1!==$Password2){echo 'Password didn\'t match';} elseif(empty($Name)){echo 'Please enter Name';} elseif(empty($Age)){echo 'Please enter Age';} elseif(!isset($_POST['Sex'])){} elseif(empty($Qualification)){echo 'Please enter Qualification';} elseif(empty($ContactNumber)){echo 'Please enter Contact Number';} elseif(empty($Email)){echo 'Please enter Email';} elseif(empty($Address)){echo 'Please enter Address';} elseif(empty($AboutYourself)){echo 'Please enter About Yourself';} elseif(!isset($_POST['checkbox'])){ echo 'You have to register at least one activity.';} elseif(!isset($_POST['TermsAndConditions'])){ echo 'You have to agree all Terms and Conditions of Elite Brigade.';} else { require_once('database.php'); $query="select * from registration where LoginId='$LoginId'"; $result=mysqli_query($dbc,$query); if(mysqli_num_rows($result)==0) { $checkbox=$_POST['checkbox']; $countCheck=count($_POST['checkbox']); $reg_id=' '; for($i=0;$i<$countCheck;$i++) { $reg_id=$reg_id.$checkbox[$i].','; $query="insert into activity_participation (LoginId,Title,Date) values ('$LoginId','$checkbox[$i]',CURDATE())"; $result=mysqli_query($dbc,$query) or die("Not Connected"); } $query="insert into registration (LoginId,Password,Name,Age,BloodGroup,Sex,Qualification,ContactNumber,Email,Address,AboutYourself,Activity)values ('$LoginId'[B],SHA('$Password1'),[/B]'$Name','$Age','$BloodGroup','$Sex','$Qualification','$ContactNumber','$Email','$Address','$AboutYourself',',$reg_id')"; $result=mysqli_query($dbc,$query) or die("Not Connect"); echo ' Dear '.$Name.'.<br>Your request has been mailed to admin.<br>Your account is waiting for approval<br>'; $from= 'Elite Brigade'; $to='ankitp@rsquareonline.com'; $subject='New User Registration'; $message="Dear admin,\n\nA new user request for registration. Please check it out.\n\nRegards\nMicro"; mail($to,$subject,$message,'From:'.$from); //header('Location: index.php'); // header('Location: Registration.php'); } else { echo 'Dear '.$Name. ', <br> An account already exist with login-id<b> '.$LoginId.'</b> <br>Please try another login-id'; }} } ?> <html> <head> <script src="jquery-latest.js"></script> <script type="text/javascript" src="jquery-validate.js"></script> <style type="text/css"> * { font-family: Verdana; } label.error { color: white; padding-left: .5em; } p { clear: both; } .submit { margin-left: 12em; } em { font-weight: bold; padding-right: 1em; vertical-align: top; } </style> <script> $(document).ready(function(){ $("#commentForm").validate(); }); </script> </head> <body> <?php echo $error_msg; ?> <form action='<?php echo $_SERVER['PHP_SELF'];?>' id="commentForm" method='post'> <div class="registration_and_activity"> <table border="0" width="380"> <tr><td colspan="2"> <h3>New User?</h3></td></tr> <tr><td width="120"> <em>*</em>Enter Login id</td><td width="150"><input type='text' name='LoginId' minlength="4" value='<?php if(!empty($LoginId))echo $LoginId;?>' /></td></tr> <tr><td> <em>*</em>Enter Password</td> <td><head> <div id="divMayus" style="visibility:hidden">Caps Lock is on.</div> <SCRIPT language=Javascript> function capLock(e){ kc = e.keyCode?e.keyCode:e.which; sk = e.shiftKey?e.shiftKey:((kc == 16)?true:false); if(((kc >= 65 && kc <= 90) && !sk)||((kc >= 97 && kc <= 122) && sk)) document.getElementById('divMayus').style.visibility = 'visible'; else document.getElementById('divMayus').style.visibility = 'hidden'; } </SCRIPT> </HEAD> <input onkeypress='return capLock(event)' type='password' name='Password1' value='<?php if(!empty($Password1))echo $Password1;?>' /></td></tr> <tr><td> <em>*</em>Confirm Password</td><td><input type='password' name='Password2' value='<?php if(!empty($Password2))echo $Password2;?>' /></td></tr> <tr><td width="120"> <em>*</em>Enter Name</td> <td><input type='text' name='Name' value='<?php if(!empty($Name))echo $Name;?>' /></td></tr> <tr><td> <em>*</em>Enter Age</td><HEAD> <SCRIPT language=Javascript> function isNumberKey(evt) { var charCode = (evt.which) ? evt.which : event.keyCode if (charCode > 31 && (charCode < 48 || charCode > 57)) return false; return true; } </SCRIPT> </HEAD> <td><INPUT onkeypress='return isNumberKey(event)' type='text' name='Age' value='<?php if(!empty($Age))echo $Age;?>'/></td></tr> <tr><td> <em>*</em>Enter Blood</td><td><input type='text' name='BloodGroup' value='<?php if(!empty($BloodGroup))echo $BloodGroup;?>' /></td></tr> <tr><td> <em>*</em>Enter Sex</td><td><input type='radio' name='Sex' style='width:16px; border:0;' 'value='Male' />Male <input type='radio' name='Sex' style='width:16px; border:0;' 'value='Female' />Female</td></tr> <tr><td> <em>*</em>Enter Qualification</td><td><input type='text' name='Qualification' value='<?php if(!empty($Qualification))echo $Qualification;?>' /></td></tr> <tr><td> <em>*</em>Contact Number </td><td><input onkeypress='return isNumberKey(event)'type='text' name='ContactNumber' value='<?php if(!empty($ContactNumber))echo $ContactNumber;?>' /></td></tr> <tr><td> <em>*</em>Enter Email</td><td><input type='text' name='Email'class="email" value='<?php if(!empty($Email))echo $Email;?>' /></td></tr> <tr><td> <em>*</em>Enter Address</td><td><input type='text' name='Address' value='<?php if(!empty($Address))echo $Address;?>' /></td></tr> <tr ><td > <em>*</em>About Yourself </td></tr> <tr><td colspan="2"><textarea rows='10' cols='40' name='AboutYourself' /><?php if(!empty($Address))echo $Address;?></textarea></td></tr> <tr><td> <?php echo" <tr><td colspan='2'><em>*</em><b>Select fields for which you want to register</b></td></tr>"; require_once('database.php'); $query="select * from activity"; $result=mysqli_query($dbc,$query); while($row=mysqli_fetch_array($result)){ $Title=$row['Title']; $ActivityId=$row['ActivityId']; echo "<tr><td>$Title</td>"; echo "<td><input type='checkbox' name='checkbox[]' value='$Title' style='width:14px; text-align:right;'/></td></tr>";//value=$ActivityId tells ActivityId variable extracts with name="checkbox" echo "<br/>"; } echo "<td><em>*</em><input type='checkbox' name='TermsAndConditions' style='width:14px; text-align:right;'/></td><td> I agree all <a href='TermsAndConditions.php'>Terms and conditions </a>of Elite Brigade</td></tr>"; echo "<tr><td colspan='2' align='center'><input type='submit' value='Register' name='submit' style='background:url(./images/button_img2.png) no-repeat 10px 0px; width:100px; padding:3px 0 10px 0; color:#FEFBC4; border:0;'/></td></tr><br>"; echo " </td></tr></table> </div> </form> </body> </html>"; require_once('lower.php'); ?> Hi Friends .... I encrypt user password by SHA('$Password') method but now i want to add "Forget Password Module" for which I need to decrypt it first before tell my user but I don't Know how to decrypt it. Please help me........ This topic has been moved to Application Design. http://www.phpfreaks.com/forums/index.php?topic=353345.0 I have developed a code for a login and seems to work well (No syntax error according to https://phpcodechecker.com/ but when I enter a username and a password in the login form, I get an error HTTP 500. I think that everything is ok in the code but obviously there is something that I am not thinking about. The code (excluding db connection): $id="''"; $username = $_POST['username']; $password = md5($_POST['password']); $func = "SELECT contrasena FROM users WHERE username='$username'"; $realpassask = $conn->query($func); $realpassaskres = $realpassask->fetch_assoc(); $realpass= $realpassaskres[contrasena]; $func2 = "SELECT bloqueado FROM users WHERE username='$username'"; $blockedask = $conn->query($func2); $blockedres = $blockedask->fetch_assoc(); $bloqueado = $blockedres[bloqueado];
//Login if(!empty($username)) { // Check the email with database Hi!! I want to delete record which i clicked the delete button in the table. I want a confirm box for delete Here is code display.php Code: [Select] <?php $cn=mysql_connect("localhost","root",""); mysql_select_db("register",$cn); $qry2=mysql_query("SELECT * FROM reg_table"); ?> <html> <head> <script type="text/javascript"> function show_confirm() { var r=confirm("Do you want to Delete?"); if (r==true) { } else { alert("You pressed Cancel!"); } } </script> </head> <body> <form action="delete.php" method="get"> <table width="200" border="1"> <tr> <th scope="col">Name</th> <th scope="col">Address</th> <th scope="col">Gender</th> <th scope="col">Qualify</th> </tr> <?php while($res=mysql_fetch_array($qry2)) { ?> <tr> <td><?php echo $res['name']; ?></td> <td><?php echo $res['adrs']; ?></td> <td><?php echo $res['gender']; ?></td> <td><?php echo $res['qualify']; ?></td> <td> <a href="edit.php?uid=<?php echo $res['id']; ?>">edit</a></td> <td> <input type="hidden" name="nid" value="<?php echo $res['id']; ?>" /> </td> <td> <input type="submit" value="Delete" name="del" onClick="return show_confirm();"> </td> </tr> <?php } ?> </table> </form> </body> </html> delete.php Code: [Select] <html> <body> <?php $cn=mysql_connect("localhost","root",""); mysql_select_db("register",$cn); $del_id=$_GET['nid']; $qry=mysql_query("delete from reg_table where id='".$del_id."' "); if($qry) { echo "deleted"; } else { echo "not deleted"; } ?> </body> </html> Hello Frnds, I have code which i am using for update a file ..... Code: [Select] $poid = $_POST['txtpoid']; $suppid = $_POST['suppid']; $custid = $_POST['custid']; $podate = $_POST['timestamp']; $poqty = $_POST['txtpoqty']; $chkqty = $_POST['chkqty']; if($chkqty<>$poqty) { ////HERE I WANT TO SHOW CONFIRM JAVASCRIPT WITH YES/NO OPTION (YOU ARE GOING TO CHANGE QUANTITY. ARE YOU SURE), IF YES THE QUERY UPDATE IF NOTHEN EXIT FROM HERE SO WHATS THE CODE please HELP///////////// } $query = ("update po SET suppid='$suppid',custid='$custid,podate='$podate',poqty='$poqty' where poid='$poid'"); if(!mysql_query($query, $link)) die ("Mysql error ....<p>".mysql_error()); Can anyone help me with this delete confirm box. I have tried but somehow its not working. Can anyone help me with this? Thankz. html codes : echo "<td><a href=delete.php?id=" . $rows['id'] ." onclick=\"return confirm(Are you sure?);\">Delete</a></td>"; delete.php : <?php include "config.php"; ?> <?php $id=$_GET['id']; ?> <script type="text/javascript"> <!-- function confirmation() { var answer = confirm('Are you sure you want to delete?') if (answer){ $sql="DELETE FROM document WHERE id='$id'"; } else{ alert("Cancelled the delete!") } } </script> hey guys, im pretty awful in programming, so bare with me.
im using javascript to pop-up a message box.
if user confirms, the page will insert data in mysql and redirects to the index page.
if user cancels the pop-up message, it will just stay on the main page.
but i can't seemed to pass the variables as it calls a set function...
what did i do wrong? any help from anyone is highly appreciated.
html page
<form method="post" action="seatplan_occupied.php"> <input name = "btn_seatOccupied" type = "submit" class="btnFORM" value="CONFIRM" onClick="seatOccupied()"> </form>php/javascript page (seatplan_occupied.php)
<script>
function seatOccupied()
{
document.getElementById("btn_seatOccupied").innerHTML;
if (confirm("Are you sure you want to confirm your purchase?") == true)
{
alert("Yeay! You bought ticket/s");
<?php
include("databaseconnect.php");
mysql_query("UPDATE tblseatchart SET seatSTATUS='Occupied' WHERE seatSTATUS='Selected'");
include("index.php");
?>
}
else
{
alert("Owh No! You Cancelled to confirm... Whats wrong?");
}
}
</script>
|
|||||||