PHP - Registration Form With Postgre Database, Need Some Help
Hello, iv got a code that validates form fields:
////////////////////duomenys is regform.php $username = $_POST['regname']; $email= $_POST['regemail']; $password1 = $_POST['regpass1']; $password2 = $_POST['regpass2']; /////////////////////////////////////////// ini_set('error_reporting', E_ALL); ini_set('display_errors', 1); $result = pg_query('SELECT 1 FROM duom WHERE LOWER(name)=\''.strtolower(pg_escape_string($username)).'\'')or exit(pg_last_error()); if(isset($_POST['regsubmit'])){ ////////////////////////////////////tikrina ar viskas uzpildyta if($username !="" && $email !="" && $password1 !="" && $password2 !="" && $password1 == $password2) { /////////////////////////////////////////////////////////////// if (pg_num_rows($result)) { exit('Toks vartotojas jau egzistuoja, pasirinkite kita vartotojo varda'); } else ///////////////////ideda duomenys is regform.php i duomenu baze $insert = "INSERT into duom(name, email, pass) VALUES('".$username."','".$email."','".$password1."')"; pg_query($insert); echo "Registracija pavyko!"; /////////////////////////////////////////////////////////////// } else echo "Blogai uzpildyti domenys!"; } everything is working but i need to add 1 more thing to this - to see if email already exists in the databse. I did it for username but idk how to add the same code for email. Heres the code to check if username already exists: ini_set('error_reporting', E_ALL); ini_set('display_errors', 1); $result = pg_query('SELECT 1 FROM duom WHERE LOWER(name)=\''.strtolower(pg_escape_string($username)).'\'')or exit(pg_last_error()); if (pg_num_rows($result)) { exit('Username already exists); thanks in advance Similar TutorialsCould anyone help me making a login function that checks the txt document if user and pw exists/are correct? -and if they are, sends you to a logged in page. This is for a assignment which is why I have to store the information in a text document, I know it's unsafe. Also i know i should use $_Sessions but I'm not sure how to use it and where to put it.
So far I have created the form which has 2 buttons one for registering and one for logging in. I have also created the registration function which checks the text file if the username already exists if not it will register it. <html lang="eng"> <head> <link rel="stylesheet" href="style.css"> <title>name</title> </head> <body> <div class="formdiv"> <h2>Log in or register</h2> <form action="" method="post"> <p>Username<p style="color:black">*</p> <input type="text" name="user" placeholder="Type in your username" required> <p>Password<p style="color:black">*</p> <input type="password" name="pw" placeholder="Type in your password" required> <?php if (isset($_POST['saveBtn'])){ $username = $_POST['user']; $password = $_POST['pw']; $error = register($username); if ($error == '') { echo "User: $username has been registered!<br/>"; } else echo $error; } ?> <input type="submit" name="saveBtn" value="Save new user"> <input type="submit" name="loginBtn" value="Login"> </form> </div> <?php // Registration function register($user){ $textError = ''; // Check and see if user exists $UserPassTxt = fopen("userpwd.txt","a+"); // Opens text doc rewind($UserPassTxt); while (!feof($UserPassTxt)) { $line = fgets($UserPassTxt); $tmp = explode(':', $line); if ($tmp[0] == $user) { $textError = "Username already exists!"; break; } } if ($textError == ''){ $hash = password_hash('', PASSWORD_DEFAULT); fwrite($UserPassTxt, "\n$user: $hash"); } fclose($UserPassTxt); // Closes txt doc return $textError; } ?> <?php //Login function login($user, $pass){ } ?> </body> ///here's my best attempt at the function <?php //Login $error = '0'; if (isset($_POST['loginBtn'])){ $username = $_POST['user']; $password = $_POST['pw']; $error = login($username,$password); } function login($user, $pass){ $errorText = ''; $validUser = false; $UserPassTxt = fopen("userpwd.txt","r"); rewind($UserPassTxt); while (!feof($UserPassTxt)) { $line = fgets($UserPassTxt); $tmp = explode(':', $line); if ($tmp[0] == $user) { if (trim($tmp[1]) == trim(password_hash('', PASSWORD_DEFAULT))){ $validUser= true; $_SESSION['user'] = $user; } break; } } fclose($UserPassTxt); if ($validUser != true) $errorText = "Not correct username or password"; if ($validUser == true) $_SESSION['validUser'] = true; else $_SESSION['validUser'] = false; return $errorText; } function logoutUser(){ unset($_SESSION['validUser']); unset($_SESSION['user']); } function checkUser(){ if ((!isset($_SESSION['validUser'])) || ($_SESSION['validUser'] != true)){ header('Location: index.php'); } } ?>
Ok, first off, I tested my own coded reg system and when I make an error test, the error shows but the user info gets added to the database. How can I stop letting the code add the user to the database when an error occurs. <?php include "lang.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PokePals - Registering</title> <script type="text/javascript" src="http://code.jquery.com/jquery-1.4.2.min.js" /> <link rel="stylesheet" type="text/css" href="style.css" /></head> <body> <?php include "navbar.php"; ?> <?php // Important stuff goes here include "sql_local.php"; include "ban.php"; // Now for the registration page echo "<div class='panel'>"; if (isset($_POST["submit"])) { // Define the variables here $user = mysql_real_escape_string ($_POST["user"]); $pass1 = mysql_real_escape_string ($_POST["pass"]); $pass2 = mysql_real_escape_string ($_POST["passconf"]); $email = mysql_real_escape_string ($_POST["email"]); $email2 = mysql_real_escape_string ($_POST["email2"]); $dpfc = mysql_real_escape_string ($_POST["dpfc"]); $platinumfc = mysql_real_escape_string ($_POST["platinumfc"]); $hgssfc = mysql_real_escape_string ($_POST["hgssfc"]); $otherfc = mysql_real_escape_string ($_POST["otherfc"]); $favoritepkmn = mysql_real_escape_string ($_POST["favoritepkmn"]); $aboutme = mysql_real_escape_string ($_POST["aboutme"]); $hobbies = mysql_real_escape_string ($_POST["hobbies"]); $favorites = mysql_real_escape_string ($_POST["favorites"]); $gender = mysql_real_escape_string ($_POST["gender"]); // Now check for some errors // Did he/she fill out the form completely? Lets find out function errors() { if (!$_POST["user"] | !$_POST["pass"] | !$_POST["email"] ) { echo "<div class='error'>Please fill in the required fields</div>"; } // Passwords match if ($_POST['pass'] != $_POST['passconf']) { echo "<div class='error'>Password does not match with the other one</div>"; } // Email match if ($_POST['email'] != $_POST['email2']) { echo "<div class='error'>Email does not match with the other one</div>"; } } // Is the user banned? foreach($banned_ips as $ip_ban) { if($user_ip == $ip_ban) { die ("<div class='error'>Your IP address is banned from registering. Contact the site administrator for more info</div>"); } } // If there are no errors, start adding the information to the database if (!errors()) { // Secure the passwords $securepass = md5($pass1); // Submit to the database $insertuser = "INSERT INTO users (user, password, email, dpfc, platinumfc, hgssfc, otherfc, favoritepkmn, aboutme, hobbies, favorites, gender, regip) values ('$user', '$securepass', '$email', '$dpfc', '$platinumfc', '$hgssfc', '$otherfc', '$favoritepkmn', '$aboutme', '$hobbies', '$favorites', '$gender', '$user_ip')"; $add = mysql_query($insertuser, $con) or die ('Error: ' . mysql_error() . ' Please contact an admin'); if ($add) { echo ("<h3>Registration Success</h3><p>You may now login using your username and password. Start hatching some eggs now!</p>"); } } } ?> <div class='registerform'><form action='register.php' method='post'> <label>Username *</label> <input type='text' name='user' class='form1' value='<?php echo @$_POST['user']; ?>' /> <fieldset><legend>Password</legend> <label>Enter your password *</label> <input type='password' name='pass' class='form1' value='<?php echo @$_POST['pass']; ?>' /> <label>Password again *</label> <input type='password' name='passconf' class='form1' value='<?php echo @$_POST['passconf']; ?>' /> </fieldset> <fieldset><legend>Email</legend> <label>Enter your email *</label> <input type="text" name="email" class="form1" value="<?php echo @$_POST['email']; ?>" /> <label>Enter email again *</label> <input type="text" name="email2" class="form1" value="<?php echo @$_POST['email2']; ?>" /> </fieldset> <input type="submit" name="submit" class="submitbutton" value="Register!" /> </form> Ok Here is my Problem the following works great except it does not add the $user var to the account_details. As well as outputs md5 wrong it outputs something but its different than the password should be. Heres my PHP code: Code: [Select] <?php session_start(); /** * @author Brian T. Flores * @copyright 2010 - 2014 */ error_reporting(E_ALL); $conn = mysql_connect($db_host, $db_user, $db_pass) or die ('Error connecting to mysql'); mysql_select_db($db_name); if($_GET['goahead']==1){ // If GoAhead Is set if(isset($_GET['user'])){ // If isset GoAhead $user = mysql_real_escape_string($_GET['user']); // Clean User for Transfer. $user_check = mysql_query("SELECT * FROM `account_details` WHERE `username01` = '$user'"); // Check to see if username is taken. $ucount = mysql_num_rows($user_check); // Get Username Check Count if($ucount!=""){ // If Username is Taken. die(3); // Die Error Number 3 } // End If Username is Taken. if(isset($_GET['pass'])){ // If password is set. $pass = mysql_real_escape_string($_GET['pass']); // Clean Password for Transfer. $encPass = md5($pass); // Encrypt Password if(isset($_GET['race'])){// If Race is Set. $race = mysql_real_escape_string($_GET['race']); // Clean Race for Transfer. if(isset($_GET['email'])){ // If Email is set. $email = mysql_real_escape_string($_GET['email']); // Clean Email for Transfer. $email_check = mysql_query("SELECT * FROM `account_details` WHERE `email` = '$email'");// Check to see if Email is Taken. $ecount = mysql_num_rows($email_check); // Get Email Check Count. if($ecount!=""){ // If Email is Taken. die(2); // Die Error Number 2 } // End If Email is Taken. if(isset($_GET['email2'])){ // If email confirmation is set. $email2 = mysql_escape_string($_GET['email2']); // Clean Email Confirmation for Transfer. if($email == $email2){ // If emails match. if(isset($_GET['planet'])){ // If Planet Name is Set. $pname = mysql_real_escape_string($_GET['planet']); // Clean Planet Name for Transfer. if(isset($_GET['security_code'])){ // If Security Code Input is set. $security_code = mysql_real_escape_string($_GET['security_code']); // Clean Security Code. $security_enc = md5($security_code); // Encrypt Security Code. $security_code2 = $_SESSION['image_random_value']; // Get Security Code Session if($security_enc == $security_code2){ // If Codes Match. $randActive = rand(11111111111111111111,99999999999999999999); // Get Activation Link pre-encrypt. $activation_link = md5($randActive); // Get Encrypted Activation Link. $q = "INSERT INTO `account_details` (`username01`, `password01`, `loggedIn`, `currentlyLogged`, `active`, `activelink`, `race`, `email`) VALUES ('$user', '$encPass', 0, 0, 0, '$activation_link', '$race', '$email');"; // ^ Add Account Query. $res = mysql_query($q) or die("Error Detected! <br />".mysql_error()); // ^ Add Account to SQL. $q = mysql_query("SELECT * FROM `account_details` WHERE `username01` = '$user'")or die(mysql_error()); // ^ Get Information from New Account. $newuserinfo = mysql_fetch_array($q);// Get New User Information $id = $newuserinfo['id']; // Set New Account Id. $q="INSERT INTO `planets` (`owner`, `name`, `recource1`, `recource2`, `recource3`, `recource4`, `recource5`, `turns_01`, `untrained_units_01`, `attackers_01`, `defenders_01`, `miners_01`, `covert_01`, `anticovert_01`, `ship_01`, `ship_02`, `ship_03`, `ship_04`, `ship_05`, `ship_06`, `ship_07`, `building01`, `building02`, `building03`, `building04`, `building05`, `building06`, `building07`, `building08`, `building09`) VALUES ('$id', '$pname', 35000, 15000, 12000, 135000, 125000, 220, 150, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0);"; // ^ Add Planet Query. $res2 = mysql_query($q) or die("Error Detected! <br />".mysql_error()); // Add Planet to SQL. $body = " Hello ".$user.", Congradulations! Your account on Ultimate Conquest has been Registed Today! Click the following Link to Activate Account: http://testing.ultimateconquest.net/activate.php?code=".$activation_link." If you have not registered an account and have found this message in error please click the following link to report this error: http://testing.ultimateconquest.net/errorreg.php?account=".$user." Thank you for registering for Ultimate Conquest - ULC, Head Admin Brian Flores AKA Photonic.... "; // Activation Email Information. if (mail($email, "Activate your ULC Ultimate Conquest Account! No-Reply!", $body)) { // If Email Is Sent. die("1"); // Die Error Number 1 } // End Send Email }else{ // If Security Codes do Not Match. die("12"); // Die Error Number 12 } }else{ // If Security Code is Not Set die("11"); // Die Error Number 13 } }else{ // If Planet Name is Not Set. die("10"); // Die Error Number 10. } }else{ // If Emails do not match. die("9"); // Die Error Number 9. } }else{ // If email confirmation is not set. die("8"); // Die Error Number 8. } }else{ // If email is not set. die("7"); // Die Error Number 7. } }else{ // If race is not set. die("6"); // Die Error Number 6. } }else{ // If Password is not set. die("5"); // Die Error Number 5. } }else{ // If Username is not set. die("4"); // Die Error Number 4. } }else{ // If GoAhead is Not Set. die("Go Ahead Not Established By Game System!"); } ?> Here is the Register Function in Javascript: Code: [Select] function regMast(){ var user = document.getElementById('username_client').value; var pass = document.getElementById('password_client').value; var race1 = document.getElementById('races1').value; if(race1 !=""){var race = document.getElementById('races1').value;} var race2 = document.getElementById('races2').value; if(race2 !=""){var race = document.getElementById('races2').value;} var race3 = document.getElementById('races3').value; if(race3 !=""){var race = document.getElementById('races3').value;} var race4 = document.getElementById('races4').value; if(race4 !=""){var race = document.getElementById('races4').value;} var planet_name = document.getElementById('pname').value; var email = document.getElementById('email').value; var email2 = document.getElementById('email2').value; var security_code = document.getElementById('security_code').value; var ajaxRequest; // The variable that makes Ajax possible! try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); } catch (e){ // Internet Explorer Browsers try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e){ // Something went wrong alert("Your browser broke!"); return false; } } } // Create a function that will receive data sent from the server ajaxRequest.onreadystatechange = function(){ if(ajaxRequest.readyState == 4){ var returni = ajaxRequest.responseText; if(returni == "1"){ document.getElementById('reg_error').innerHTML = 'Registration Completed! Check Activation Email for more information.'; } if(returni == "2"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Email Address Already Taken!'; } if(returni == "3"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Username Already Taken!'; } if(returni == "4"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Username Field Empty!'; } if(returni == "5"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Password Field Empty!'; } if(returni == "6"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! You must select a race!'; } if(returni == "7"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Email Field Empty!'; } if(returni == "8"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Email Confirmation Field Empty!'; } if(returni == "9"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Emails did not Match!'; } if(returni == "10"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Planet Name Field Empty!'; } if(returni == "11"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! You did not Input the Security Code!'; } if(returni == "12"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! The Security Code you Inputed did not Match the Image!'; }else{ document.getElementById('reg_error').innerHTML = returni; } } } var queryString = "?goahead=1&user=" + user + "&pass=" + pass + "&race=" + race + "&email=" + email + "&email2=" + email2 + "&security_code=" + security_code + "&planet=" + planet_name; ajaxRequest.open("GET", "register.php" + queryString, true); ajaxRequest.send(null); } I need help trying to figure out why my form won't write the database it is supposed to - i checked the connection to the database and it works and the user seems to have permission to edit database - the error I get is "Error: User not added to database." from "register.php". Can someone please look over my code and see if the problem is coming from somewhere within?
I created a connection file (connect.php)
<? session_start(); // Replace the variable values below // with your specific database information. $host = "localhost"; $user = "master"; $pass = "hidden"; $db = "user"; // This part sets up the connection to the // database (so you don't need to reopen the connection // again on the same page). $ms = mysql_pconnect($host, $user, $pass); if ( !$ms ) { echo "Error connecting to database.\n"; } // Then you need to make sure the database you want // is selected. mysql_select_db($db); ?>Then there is the php script (register.php): <?php session_start(); // connect.php is a file that contains your // database connection information. This // tutorial assumes a connection is made from // this existing file. require('connect.php'); // If the values are posted, insert them into the database. if (isset($_POST['email']) && isset($_POST['password'])){ $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $email = $_POST['email']; $password = $_POST['password']; $query = "INSERT INTO `member` (firstname, lastname, email, password) VALUES ('$firstname', '$lastname', '$email' '$password')"; $result = mysql_query($query); if ( !mysql_insert_id() ) { die("Error: User not added to database."); } else { // Redirect to thank you page. Header("Location: surveylanding_no-sidebar.html"); } } ?>Here is the HTML form: <form name="htmlform" method="post" class="form" action="register.php"> <p class="firstname"> <input type="text" name="firstname" id="firstname" /> <label for="firstname">First Name</label> </p> <p class="lastname"> <input type="text" name="lastname" id="lastname" /> <label for="lastname">Last Name</label> </p> <p class="email"> <input type="email" name="email" id="email" /> <label for="email">Email</label> </p> <p class="Password"> <input type="password" name="password" id="password" /> <label for="password">Password</label> </p> <p class="submit"> <input type="submit" value="Register"/> </p> </form> Is jquery/Ajax better than real/raw PHP for form validation ?! What if JavaScript is turned off on the browser?! why after someone refreshing a page on the browser, the variables used to echo error after invalid data is being submitted will return the undefined variables error?! And how to handle form validation including an empty form field, maximum amount of value entered and so on I'm making a registration form and i want to add a user when i click the registration button, but the user can not already be in the database, i set the user to be unique inside of the database and when i try to add a new user it gives an error message, but instead of that error message i would like to input please enter another user-name or user already exist something like that the error message says duplicate entry 'username' inside of db basically... can someone help me with this ? Currently I'm trying to get a registration form to work adding a username and password into a database. That bit I understand and have managed to do aswell as getting the password to hash using the line below: $hashed = password_hash($password, PASSWORD_DEFAULT);
What I'm trying to do now is have the passwords check to see if they are the same, if so the user is able to register, if not they are sent back to the registration page(which was working before I started tampering with the next bit). I also want to checkto see if the username is taken, the following code is what I have so far: <?php session_start(); /* Attempt MySQL server connection. Assuming you are running MySQL server with default setting (user 'root' with no password) */ $link = mysqli_connect("localhost", "root", "", "rockinrochester"); // Check connection if($link === false){ die("ERROR: Could not connect. " . mysqli_connect_error()); } $sql= mysql_query("SELECT FROM register (username, password) WHERE username=$username"); if(mysql_num_rows($sql)>=1) { echo"name already exists"; } else { $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; $hashed = password_hash($password, PASSWORD_DEFAULT); if($password != $password2) { //checks to see if passwords match, if they don't it redirects person back to registration form header('Location: register.php'); echo "passwords didn't match"; } else { $sql = "INSERT INTO register (username, password) VALUES ( '$username','$hashed')"; // if passwords match inputs them into database } if(mysqli_query($link, $sql)){ header('Location: registered.php'); // if it works relocated person to registered.html } else{ echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); // if it fails it prints an error message } // Close connection mysqli_close($link); } ?> <?php session_start(); /* Attempt MySQL server connection. Assuming you are running MySQL server with default setting (user 'root' with no password) */ $link = mysqli_connect("localhost", "root", "", "rockinrochester"); // Check connection if($link === false){ die("ERROR: Could not connect. " . mysqli_connect_error()); } $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; $hashed = password_hash($password, PASSWORD_DEFAULT); $sql = mysql_query("SELECT FROM register(username, password, ) WHERE username=$username"); if(mysql_num_rows($sql)>=1) { echo"name already exists"; } else{ if($password != $password2) { //checks to see if passwords match, if they don't it redirects person back to registration form header('Location: register.php'); echo "passwords didn't match"; } else { $sql = "INSERT INTO register (username, password) VALUES ( '$username','$hashed')"; // if passwords match inputs them into database } if(mysqli_query($link, $sql)){ header('Location: registered.php'); // if it works relocated person to registered.html } else{ echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); // if it fails it prints an error message } // Close connection mysqli_close($link); } ?> at the minute It's throwing back the following error Quote
Edited April 4, 2019 by dylfs changing code Hi Guys, This is really stumping me here lol i have set my registration page code to email me when a user signs up (once its entered in the database) code: Code: [Select] <?php if (isset($_POST['submitSignUp'])) { // Errors array() $errors = array(); // POST vars $fName = mysql_real_escape_string($_POST['fname']); $lName = mysql_real_escape_string($_POST['lname']); $email = mysql_real_escape_string($_POST['email']); $pass1 = mysql_real_escape_string($_POST['pass1']); $pass2 = mysql_real_escape_string($_POST['pass2']); $cntry = mysql_real_escape_string($_POST['cntry']); // Does passwords match if ($pass1 != $pass2) { $errors[] = "Your passwords don't match."; } // Potential errors // Empty fields if (empty($fName) || empty($lName) || empty($email) || empty($pass1) || empty($pass2)) { $errors[] = "You never filled in all the fields."; } else { // Does user exist? $result = mysql_query("SELECT * FROM `dig_customers` WHERE `email`='$email' LIMIT 1"); if (mysql_num_rows($result) > 0) { $errors[] = "The e-mail address <b>$email</b> has already been registered."; } else { // Empty for now... } } // display errors if any exist if (count($errors) > 0) { print "<div id=\"errorMsg\"><h3>Ooops! There was error(s)</h3><ol>"; foreach($errors as $error) { print "<li>$error</li>"; } print "</ol></div>"; } else { print "<div id=\"okMsg\"><p>All done :) you can now sign in.</p></div>"; // Encrypt the password before insertion $encPass = md5($pass1); // Insert into the database $q = mysql_query("INSERT INTO `dig_customers` (`id`, `password`, `password_unencrypted`, `gender`, `title`, `first_name`, `last_name`, `address`, `city`, `state_county`, `post_zip_code`, `country`, `email`, `home_number`, `mobile_number`, `news_letter`, `special_offers`, `admin_level`, `registered`) VALUES ('', '$encPass', '$pass1', 'NULL', 'NULL', '$fName', '$lName', 'NULL', 'NULL', 'NULL', 'NULL', '$cntry', '$email', 'NULL', 'NULL', 'NULL', 'NULL', 'N', NOW())"); if ($q) { // Alert on signup send_graham_email("User Has Signed Up!"); } } } ?> When i do a test signup on: http://www.digicures.com/sign-up.php everything works great i get an email and the entry is saved in the database, over the paste week or so i have had about 8 emails saying people have signed up but when i check the database there nothing there! i can't understand it, only when the insert query is true should it send me the mail eh? can anyone see any problems with the code at all? cheers guys Graham below is the code for a registration form. It "works",I mean that the insert query is being performed, some error messages appear. the problem is, i don't understand how "root" is being automatically sent to the database as a username. when logging into phpmyadmin, the username root appears because it is on autofill. but, i don't get why it's filling the registration form with root. i don't see "root" entered on the form, but, after registering, it says "Congratulations root!". If i leave the form blank, i don't get the error message for blank username either. i've just started learning php,so i guess something might be wrong with the code. any help, please? Code: [Select] <html> <head> <link rel="stylesheet" type="text/css" href="reset.css" media="screen" /> <link rel="stylesheet" type="text/css" href="style.css" media="screen" /> <title>Register</title> </head> <body> <div id="layout_wrapper"> <div id="layout_container"> <div id="layout_content"> <div id="site_title"> <h1><a href="home.html">WEBSITE</a></h1> <h2>WEBSITE DESCRI</h2> </div> <div id="header_image"></div> <div class="clearer"> </div> </div> <div id="main"> <div class="post"> <div class="post_top"> <div class="post_title"><h2>REGISTER</h2></div> </div> <div class="post_body"> <?php $error_stat=0; $errorMsg=''; if (isset ($_POST['submit'])){ $username = $_POST['username']; $gender = preg_replace('#[^a-z]#i', '', $_POST['gender']); $b_m = preg_replace('#[^0-9]#i', '', $_POST['birth_month']); $b_d = preg_replace('#[^0-9]#i', '', $_POST['birth_day']); $b_y = preg_replace('#[^0-9]#i', '', $_POST['birth_year']); $email1 = $_POST['email1']; $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; $email1 = stripslashes($email1); $pass1 = stripslashes($pass1); $email2 = stripslashes($email2); $pass2 = stripslashes($pass2); $email1 = strip_tags($email1); $pass1 = strip_tags($pass1); $email2 = strip_tags($email2); $pass2 = strip_tags($pass2); include_once "../scripts/connect_to_mysql.php"; $emailCHecker = mysql_real_escape_string($email1); $emailCHecker = str_replace("`", "", $emailCHecker); $sql_uname_check = mysql_query("SELECT user_name FROM tbl_user WHERE user_name='$username'"); $uname_check = mysql_num_rows($sql_uname_check); $sql_email_check = mysql_query("SELECT email FROM tbl_user WHERE email='$emailCHecker'"); $email_check = mysql_num_rows($sql_email_check); if ((!$username) || (!$gender) || (!$b_m) || (!$b_d) || (!$b_y) || (!$email1) || (!$pass1) || (!$pass2)) { $error_stat=1; $errorMsg = 'ERROR: You did not submit the following required information:<br /><br />'; if(!$username){ $errorMsg .= ' * User Name<br />'; } if(!$gender){ $errorMsg .= ' * Sex <br />'; } if(!$b_m){ $errorMsg .= ' * Birth Month<br />'; } if(!$b_d){ $errorMsg .= ' * Birth Day<br />'; } if(!$b_y){ $errorMsg .= ' * Birth year<br />'; } if(!$email1){ $errorMsg .= ' * Email Address<br />'; } if(!$pass1){ $errorMsg .= ' * Login Password<br />'; } if(!$pass2){ $errorMsg .= ' * Confirm Login Password<br />'; } } else if ($pass1 != $pass2) { $errorMsg = 'ERROR: Your Password fields below do not match<br />'; } else if (strlen($username) < 4) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />"; } else if (strlen($username) > 20) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />"; } else if ($uname_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />"; } else if ($email_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />"; } else { $email1 = mysql_real_escape_string($email1); $pass1 = mysql_real_escape_string($pass1); $full_birthday = "$b_y-$b_m-$b_d"; $sql = mysql_query("INSERT INTO tbl_user (user_name, sex, dob, date_joined,email, password) VALUES('$username','$gender','$full_birthday', now(),'$email1', '$pass1')") or die (mysql_error()); $id = mysql_insert_id(); echo "<h2>Registration Successful!</h2>"; echo "<p>Congratulations <b>$username</b>, your registration was successful. Your account has now been created with the following details:</p>"; echo "<p><b>Username:</b> $username</p>"; echo "<p><b>Password:</b> $pass1</p>"; echo "<p><b>Sex:</b> $gender</p>"; echo "<p><b>Email:</b> $email1</p>"; echo "<p><b>DOB:</b> $full_birthday</p>"; echo "<p>You may now login.</p>"; } // Close else after duplication checks } if (!isset($_POST['submit']) || $error_stat==1) { ?> <?php echo $errorMsg;?> <form method="POST" action=""> <table> <tr> <td width="114" bgcolor="#FFFFFF">User Name: *</span></td> <td width="452" bgcolor="#FFFFFF"><input name="username" type="text" id="username " size="32" maxlength="20" /> <span id="nameresponse">Alphanumeric Characters Only</span></td> </tr> <tr> <td bgcolor="#EFEFEF">Sex:*</span></td> <td bgcolor="#EFEFEF"><label> <input name="gender" type="radio" id="gender" value="m" checked="checked" />Male <input type="radio" name="gender" id="gender" value="f" />Female </label></td> </tr> <tr> <td bgcolor="#FFFFFF">Date of Birth:*</span></td> <td bgcolor="#FFFFFF"> <select name="birth_month" id="birth_month"> <option value="01">January</option> <option value="02">February</option> <option value="03">March</option> <option value="04">April</option> <option value="05">May</option> <option value="06">June</option> <option value="07">July</option> <option value="08">August</option> <option value="09">September</option> <option value="10">October</option> <option value="11">November</option> <option value="12">December</option> </select> <select name="birth_day" id="birth_day"> <option value="01">1</option> <option value="02">2</option> <option value="03">3</option> <option value="04">4</option> <option value="05">5</option> <option value="06">6</option> <option value="07">7</option> <option value="08">8</option> <option value="09">9</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> <option value="13">13</option> <option value="14">14</option> <option value="15">15</option> <option value="16">16</option> <option value="17">17</option> <option value="18">18</option> <option value="19">19</option> <option value="20">20</option> <option value="21">21</option> <option value="22">22</option> <option value="23">23</option> <option value="24">24</option> <option value="25">25</option> <option value="26">26</option> <option value="27">27</option> <option value="28">28</option> <option value="29">29</option> <option value="30">30</option> <option value="31">31</option> </select> <select name="birth_year" id="birth_year"> <option value="2010">2010</option> <option value="2009">2009</option> <option value="2008">2008</option> <option value="2007">2007</option> <option value="2006">2006</option> <option value="2005">2005</option> <option value="2004">2004</option> <option value="2003">2003</option> <option value="2002">2002</option> <option value="2001">2001</option> <option value="2000">2000</option> <option value="1999">1999</option> <option value="1998">1998</option> <option value="1997">1997</option> <option value="1996">1996</option> <option value="1995">1995</option> <option value="1994">1994</option> <option value="1993">1993</option> <option value="1992">1992</option> <option value="1991">1991</option> <option value="1990">1990</option> <option value="1989">1989</option> <option value="1988">1988</option> <option value="1987">1987</option> <option value="1986">1986</option> <option value="1985">1985</option> <option value="1984">1984</option> <option value="1983">1983</option> <option value="1982">1982</option> <option value="1981">1981</option> <option value="1980">1980</option> <option value="1979">1979</option> <option value="1978">1978</option> <option value="1977">1977</option> <option value="1976">1976</option> <option value="1975">1975</option> <option value="1974">1974</option> <option value="1973">1973</option> <option value="1972">1972</option> <option value="1971">1971</option> <option value="1970">1970</option> <option value="1969">1969</option> <option value="1968">1968</option> <option value="1967">1967</option> <option value="1966">1966</option> <option value="1965">1965</option> <option value="1964">1964</option> <option value="1963">1963</option> <option value="1962">1962</option> <option value="1961">1961</option> <option value="1960">1960</option> <option value="1959">1959</option> <option value="1958">1958</option> <option value="1957">1957</option> <option value="1956">1956</option> <option value="1955">1955</option> <option value="1954">1954</option> <option value="1953">1953</option> <option value="1952">1952</option> <option value="1951">1951</option> <option value="1950">1950</option> <option value="1949">1949</option> <option value="1948">1948</option> <option value="1947">1947</option> <option value="1946">1946</option> <option value="1945">1945</option> <option value="1944">1944</option> <option value="1943">1943</option> <option value="1942">1942</option> <option value="1941">1941</option> <option value="1940">1940</option> <option value="1939">1939</option> <option value="1938">1938</option> <option value="1937">1937</option> <option value="1936">1936</option> <option value="1935">1935</option> <option value="1934">1934</option> <option value="1933">1933</option> <option value="1932">1932</option> <option value="1931">1931</option> <option value="1930">1930</option> <option value="1929">1929</option> <option value="1928">1928</option> <option value="1927">1927</option> <option value="1926">1926</option> <option value="1925">1925</option> <option value="1924">1924</option> <option value="1923">1923</option> <option value="1922">1922</option> <option value="1921">1921</option> <option value="1920">1920</option> <option value="1919">1919</option> <option value="1918">1918</option> <option value="1917">1917</option> <option value="1916">1916</option> <option value="1915">1915</option> <option value="1914">1914</option> <option value="1913">1913</option> <option value="1912">1912</option> <option value="1911">1911</option> <option value="1910">1910</option> <option value="1909">1909</option> <option value="1908">1908</option> <option value="1907">1907</option> <option value="1906">1906</option> <option value="1905">1905</option> <option value="1904">1904</option> <option value="1903">1903</option> <option value="1902">1902</option> <option value="1901">1901</option> <option value="1900">1900</option> </select> </td> </tr> <tr> <td bgcolor="#EFEFEF">Email Address:*</span></td> <td bgcolor="#EFEFEF"><input name="email1" type="text" id="email1" size="32" maxlength="48" /></td> </tr> <tr> <td bgcolor="#FFFFFF">Create Password:*</span></td> <td bgcolor="#FFFFFF"><input name="pass1" type="password" id="pass1" size="32" maxlength="16" /> <span>Alphanumeric Characters Only</span></td> </tr> <tr> <td bgcolor="#EFEFEF">Confirm Password: *</span></td> <td bgcolor="#EFEFEF"><input name="pass2" type="password" id="pass2" size="32" maxlength="16" /> <span>Alphanumeric Characters Only</span></td> </tr> <tr> <td><input type="submit" name="submit" value="Sign Up!" /></td> </tr> </table> </form> <?php } ?> </div> <div id="footer"> <div class="left">© 2011</div> <div class="right"><a href="#">....</a><a href="#">....</a></div> <div class="clearer"> </div> </div> </div> </div> </div> </body> </html> Any body please, Why my registration form page stoped working, don't feed the dbase any more, I'm the only one with access to make changes but I did not make any changes, just stoped out of no where, any ideas? Hi, php newbie here, web developer newbie too! Some time ago I did a website which included a course registration form which someone else created for me in php. This worked fine and I amended the original to work on another website. I am currently updating this second website and the php has stopped working, and I am no longer in contact with the original developer of the code. The form is at: http://www.bisntechnologies.com/register.htm, and the php is: <?php /* ------- Stuff You Can Change --------- */ $recipient = 'registration@bisntechnologies.com'; $redirect = 'confirmation.php'; /* -------------------------------------- */ $name = $HTTP_POST_VARS['name']; $company = $HTTP_POST_VARS['company']; $position = $HTTP_POST_VARS['position']; $telephone = $HTTP_POST_VARS['telephone']; $email = $HTTP_POST_VARS['email']; $interest = $HTTP_POST_VARS['interest']; $clientip = $_SERVER['REMOTE_ADDR']; $msg = "Name: $name\nCompany: $company\nPosition: $position\nTelephone: $telephone\nE-mail: $email\nInterest: $interest\n\nIP Address: $clientip"; $replymsg = "<html><body style=\"font-family: Trebuchet MS; font-size: 13px\"><p>Dear $name,</p><p>Thank you for registering.</p><p><a href=\"http://www.bisntechnologies.com\"><img border=0 src=\"http://www.bisntechnologies.com/images/NewLogo.jpg\" alt=\"BiSN Technologies Ltd\"></a></p></body></html>"; if (mail($email,'Registration',$replymsg,"MIME-Version: 1.0\r\nContent-type: text/html;charset=iso-8859-1\r\nFrom: registration@bisntechnologies.com")) { mail($recipient,'Registration Confirmation',$msg,"From: $email"); include($redirect); } else { echo "<h4>\"$email\" is an invalid e-mail address. Please click the browser's Back button.</h4>"; } ?> Putting in valid information gives the error: "" is an invalid e-mail address. Please click the browser's Back button." which it didn't used to do. I expect it is a very simple mistake but I cannot trace it. Any help to pinpoint the problem greatly appreciated. I need an Event Registration Script that allows for payment with Paypal & saves form details and Paypal transaction ID to my MySQL DB After the payment has been finalized. I want to have ppl be able to register for camp, and with that choose if they want to preorder the new camp DVD, order last camps DVD, order both DVD's or neither DVD. I am not incredible gifted with PHP since I am new so please be gentle. What do you recommend? I would like to learn a little from this process instead of buying a completed script. Thanks Hello, I am currently coding a site from scratch. I know i can use templates and everything else but i want the experience. The HTML I've had down for years but it seems PHP is getting a little elusive for me. I'm trying to create a registration form and when i test my site i keep getting parse errors and syntax errors... mainly regarding the use of {} and if/else. Any help would be appreciated. Most of the code is still incomplete, I have to go back and fill in some areas I've left blank for now, but i have commented using // Where the browser is kicking back my errors.
- “Any sufficiently advanced technology is indistinguishable from magic” (Arthur C. Clark, 1962)
<?php $con = Mysqli_connect("'', '', ''"); if (Mysqli_connect_errno()) { echo "Failed to connect to DB. Please check your connection info." . Mysqli_connect_errno; // Only if there is an error. } //Declaring Variable for Registration form $fname = ""; $lname = ""; $em = ""; $emc = ""; $pass = ""; $passc = ""; $date = ""; $error_array = ""; if (insert($_POST['register_button'])) { // To handle the registration form // First Name Values $fname = strip_tags($_POST['reg_fname']); $fname = str_replace(' ', '', $fname); $fname = ucfirst(strtolower($fname)); // Last Name Values $lname = strip_tags($_POST['reg_lname']); $lname = str_replace(' ', '', $lname); $lname = ucfirst(strtolower($lname)); // Registration Email Values $em = strip_tags($_POST['reg_email']); $em = str_replace(' ', '', $em); // Confirm Registration Email Values $emc = strip_tags($_POST['reg_emailc']); $emc = str_replace(' ', '', $emc); // Registrsation Password Values $pass = strip_tags($_POST['reg_pass']); // Registration Password Confirmation Values $passc = strip_tags($_POST['reg_passc']); // Registration Date Values $date = date("m-d-Y"); // Here is where the browser keeps kicking back parse errors if ($em == $emc) { } else { echo "Email and Confirmation Email must match"; } if (filter_var($em, FILTER_VALIDATE_EMAIL)) { $em = filter_var($em, FILTER_VALIDATE_EMAIL) } else { echo "Invlaid Format"; } ?>
Ok im only new to PHP and Im trying to setup my own porfolio website using PHP,CSS,HTML5 and other bits. Iv downloaded WAMP and im tryin to get my website workin offline first. Well im just trying to get a section in my site in the top right corner for a login and register area similar to this website (membership section) iv bein following some online video tuts and completed them right but Im not sure how to integrate it into my existing home page,/ index.html page. I want to have it so that it says login or registered and it works through php. all the tuts I followed seem to have this done on one index.php page and im getting confused as to how I can have a small section on my home page just for registering if yano what I mean..... Maybe its a silly question....im still learning....Any help be gratefull Hey Guys! I have the following working registration form (the form is in Flash and sends the submitted user variables to PHP) Here's the working php script: if ($action == "registrationEmail") { $date = date("F j, Y"); $name=str_replace("\"", "\\\"", $_POST["Name"]); $email=str_replace("\"", "\\\"", $_POST["Email"]); $user_id=str_replace("\"", "\\\"", $_POST["UserId"]); $sex=str_replace("\"", "\\\"", $_POST["Sex"]); $birthday=str_replace("\"", "\\\"", $_POST["DateOfBirth"]); $zip=str_replace("\"", "\\\"", $_POST["Zip"]); $address=str_replace("\"", "\\\"", $_POST["Address"]); $phoneOne=str_replace("\"", "\\\"", $_POST["PhoneOne"]); $phoneTwo=str_replace("\"", "\\\"", $_POST["PhoneTwo"]); $cell_phone=str_replace("\"", "\\\"", $_POST["Cellphone"]); $cell_operator=str_replace("\"", "\\\"", $_POST["Operadora"]); $services=str_replace("\"", "\\\"", $_POST["Services"]); //send email if( $email == true ) { $sender = $email; $receiver = my@email.com"; $client_ip = $_SERVER['REMOTE_ADDR']; $email_body = "Email: $email \n\nIP: $client_ip \n\nName: $name \n\nUserId: $user_id \n\nSex: $sex \n\nDate Of Birth: $birthday \n\nZip: $zip \n\nAddress: $address \n\nPhone One: $phoneOne \n\nPhone Two: $phoneTwo \n\nCell Phone: $cell_phone \n\nCell Operator: $cell_operator \n\nServices: $services \n\nDate: $date"; $extra = "From: $sender\r\n" . "Reply-To: $sender \r\n" . "X-Mailer: PHP/" . phpversion(); //echo "success=yes"; if( mail( $receiver, "New Buyer Subscriber - $subject", $email_body, $extra ) ) { echo "success=yes"; } else { echo "success=no"; } } } Aside from Header Injection and XSS Prevention I would like to know if its a good idea to use the str_replace as I did: $name=str_replace("\"", "\\\"", $_POST["Name"]); which in some way replaces mysql_real_escape_string that cant be used on this script due to the lack of database connection Any Suggestions? Hey All! Well, here I am at PHP Freaks mercy again lol. I love this website and everyone here is always so helpful so let's get to my most recent issue. I am developing a pretty simple event registration form, which would be pretty easy in most respects. It will have the following pretty standard fields. Number of people attending: (drop down with 1-10) Name Address City State Zip Email Phone Alternate Phone There will be a few other fields but they aren't relevant. Basically the first field "Number of people attending (drop down 1-10)" will have to create a section with the following fields above for each person's information. If there are 3 people attending then it will need to have 3 sections of all those fields for each person. Making the page dynamically generate those sections on-the-fly when the user selects "3" for example is the first issue I am having. The other issue I am having is how would I handle the information dynamically within the PHP. If there was just one person it would be easy because I could just reference those fields. One solution I have for the second problem that I have some experience with is naming the fields name[] for example. But I still don't have a complete grasp on how to make that fix my problem. I've tried googling for hours but have had no luck, which may be because I'm not sure how to phrase the problem maybe. Any help! I need help with this ASAP!!! I pretty sure my boss will fire me if I can not figure this out tonight... PLEASE HELP! I am a graphic designer and not a programmer... PLEASE HELP ME!!! My form will not display the echoed message ("Please fill in all required (*) feilds", "Maximum length for username is 25 characters", etc.) when I hit submit... It wouldn't even show the variables when I tried to just have the form only echo the various strings... nothing appeared... the only way I could get the string values to appear was through a array like this: if(is_array($_POST)){ echo '<pre>'; print_r($_POST); echo '</pre>'; } ^^This returned the data fine... but when I try to echo on particular string and not using the array, nothing appears... This is crucial as this is how the custom error messages are displayed... Here is my PHP code: <?php $submit = $_POST['submit']; //form data $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); $passwordrepeat = strip_tags($_POST['passwordrepeat']); $email = strip_tags($_POST['email']); $emailrepeat = strip_tags($_POST['emailrepeat']); $career_status = strip_tags($_POST['career_status']); $name_title = strip_tags($_POST['name_title']); $first_name = strip_tags($_POST['first_name']); $middle_name = strip_tags($_POST['middle_name']); $last_name = strip_tags($_POST['last_name']); $suffix = strip_tags($_POST['suffix']); $current_address1 = strip_tags($_POST['current_address1']); $current_address2 = strip_tags($_POST['current_address2']); $current_city = strip_tags($_POST['current_city']); $current_state = strip_tags($_POST['current_state']); $current_zip = strip_tags($_POST['current_zip']); $phone_home = strip_tags($_POST['phone_home']); $phone_mobile = strip_tags($_POST['phone_mobile']); $preferred_contact = strip_tags($_POST['preferred_contact']); $school_name = strip_tags($_POST['school_name']); $school_city = strip_tags($_POST['school_city']); $school_state = strip_tags($_POST['school_state']); $school_gradYear = strip_tags($_POST['school_gradYear']); $med_school_debt = strip_tags($_POST['med_school_debt']); $monthly_debt_payment = strip_tags($_POST['monthly_debt_payment']); $credit_score = strip_tags($_POST['credit_score']); $marital_status = strip_tags($_POST['marital_status']); $current_employer_name = strip_tags($_POST['current_employer_name']); $current_employer_city = strip_tags($_POST['current_employer_city']); $current_employer_state = strip_tags($_POST['current_employer_state']); $current_position = strip_tags($_POST['current_position']); $current_specialty = strip_tags($_POST['current_specialty']); $current_employer_startDate_mm = strip_tags($_POST['current_employer_startDate_mm']); $current_employer_startDate_yyyy = strip_tags($_POST['current_employer_startDate_yyyy']); $changing_employer = strip_tags($_POST['changing_employer']); $current_employer_endDate_mm = strip_tags($_POST['current_employer_endDate_mm']); $current_employer_endDate_yyyy = strip_tags($_POST['current_employer_endDate_yyyy']); $future_employer_name = strip_tags($_POST['future_employer_name']); $future_employer_city = strip_tags($_POST['future_employer_city']); $future_employer_state = strip_tags($_POST['future_employer_state']); $future_position = strip_tags($_POST['future_position']); $future_specialty = strip_tags($_POST['future_specialty']); $future_employer_startDate_mm = strip_tags($_POST['future_employer_startDate_mm']); $future_employer_startDate_yyyy = strip_tags($_POST['future_employer_startDate_yyyy']); $destination_city = strip_tags($_POST['destination_city']); $destination_state = strip_tags($_POST['destination_state']); $move_date_mm = strip_tags($_POST['move_date_mm']); $move_date_yyyy = strip_tags($_POST['move_date_yyyy']); $prop_single_family = strip_tags($_POST['prop_single_family']); $prop_townhouse = strip_tags($_POST['prop_townhouse']); $prop_condo = strip_tags($_POST['prop_condo']); $prop_co_op = strip_tags($_POST['prop_co_op']); $prop_duplex = strip_tags($_POST['prop_duplex']); $prop_mobile = strip_tags($_POST['prop_mobile']); $prop_other = strip_tags($_POST['prop_other']); $num_bedrooms = strip_tags($_POST['num_bedrooms']); $num_bath = strip_tags($_POST['num_bath']); $price_low = strip_tags($_POST['price_low']); $price_high = strip_tags($_POST['price_high']); $prop_purpose = strip_tags($_POST['prop_purpose']); $need_realtor = strip_tags($_POST['need_realtor']); $need_lender = strip_tags($_POST['need_lender']); $need_refinance_NoCash = strip_tags($_POST['need_refinance_NoCash']); $need_refinance_TakeCash = strip_tags($_POST['need_refinance_TakeCash']); $need_home_equity = strip_tags($_POST['need_home_equity']); $need_commercial = strip_tags($_POST['need_commercial']); $need_practice = strip_tags($_POST['need_practice']); $mortgage_needs = strip_tags($_POST['mortgage_needs']); $most_important = strip_tags($_POST['most_important']); $keep_property_time = strip_tags($_POST['keep_property_time']); $keep_mortgage_time = strip_tags($_POST['keep_mortgage_time']); $program_foundHome_lowDown_NoPMI = strip_tags($_POST['program_foundHome_lowDown_NoPMI']); $program_foundHome_20down_bestRate = strip_tags($_POST['program_foundHome_20down_bestRate']); $program_foundHome_20down_specializedLender = strip_tags($_POST['program_foundHome_20down_specializedLender']); $program_preapproved_physLoan = strip_tags($_POST['program_preapproved_physLoan']); $program_preapproved_coventionalLoan = strip_tags($_POST['program_preapproved_coventionalLoan']); $program_lenderBailed = strip_tags($_POST['program_lenderBailed']); $program_poorCredit = strip_tags($_POST['program_poorCredit']); $referral_source = strip_tags($_POST['referral_source']); $registration_date = date("Y-m-d"); if ($submit) { //check that required fields are completed if ($username&&$password&&$passwordrepeat&&$email&&$emailrepeat&&$career_status&&$first_name&&$last_name) { //encrypt password $password = md5($password); $passwordrepeat = md5($passwordrepeat); if ($password==$passwordrepeat) { //check character length of username and if (strlen($username)>25) { echo "Maximum length for username is 25 characters."; } else { //check password length if (strlen($password)>25||(strlen($password)<6)) { echo "Password must be between 6 and 25 characters in length."; } else { //register the user echo "Success!"; } } } else echo "Your passwords do not match. Please re-enter and hit submit again."; } else echo "Please fill in all required (*) feilds."; } ?> Here is my form: http://www.doctorbrownshoes.com/testPHP/registration.php Hi I'm new here, also I'm new in php. What I need to do is to write registration form with drop down menu. Actually, I need to have drop down menu which would write data into database when someone fill registration form. Also I need when someone choose one of the city name in drop down menu, to display certain image in specific php page. Can anyone help me. Here is my code for registration form : register.php <?PHP //Database Information $dbhost = ""; $dbname = ""; $dbuser = ""; $dbpass = ""; //Connect to database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); $name = $_POST['name']; $email = $_POST['email']; $username = $_POST['username']; $password = md5($_POST['password']); $grad = $_POST['grad']; // lets check to see if the username already exists $checkuser = mysql_query("SELECT username FROM users WHERE username='$username'"); $username_exist = mysql_num_rows($checkuser); if($username_exist > 0){ echo "I'm sorry but the username you specified has already been taken. Please pick another one."; unset($username); include 'register.html'; exit(); } $checkemail = mysql_query("SELECT email FROM users WHERE email='$email'"); $email_exist = mysql_num_rows($checkemail); if($email_exist > 0){ echo "Email koji ste izabrali vec postoji."; unset($email); include 'register.html'; exit(); } $checkname = mysql_query("SELECT name FROM users WHERE name='$name'"); $name_exist = mysql_num_rows($checkname); if($name_exist > 0){ echo "Ime koje ste izabrali vec postoji."; unset($name); include 'register.html'; exit(); } // lf no errors present with the username // use a query to insert the data into the database. $query = "INSERT INTO users (name, email, username, password, grad) VALUES('$name', '$email', '$username', '$password','$grad')"; mysql_query($query) or die(mysql_error()); mysql_close(); if(empty($name) || empty($email) || empty($username)) { echo "Nisu uneseni svi podaci."; } /*else if(empty(($password))) //ovaj uslov ne prolazi !!! { echo "Niste uneli lozinku."; }*/ else { echo "Uspesno ste se registrovali"; } ?> and for form : register.html <form name="login" method="post" action="register.php"> <table border="0" width="225" align="center"> <tr> <td width="219" bgcolor="#ff6600"> <p align="center"><font color="white"><span style="font-size:14pt;"><b>Registration</b></span></font></p> </td> </tr> <tr> <td width="555"> <table border="0" width="555" align="center"> <tr> <td width="116"><span style="font-size:12pt;">Name:</span></td> <td width="156"><input type="text" name="name" maxlength="100"></td> <td width="200"><p align="left"><span style="font-size:11pt;"><i>*Ukucajte vase puno ime i prezime*</i></span></p></td> </tr> <tr> <td width="116"><span style="font-size:12pt;">Email:</span></td> <td width="156"><input type="text" name="email" maxlength="100"></td><br/> </tr> <tr> <td width="116"><span style="font-size:12pt;">Username:</span></td> <td width="156"><input type="text" name="username"></td><br/> </tr> <tr> <td width="116"><span style="font-size:12pt;">Password:</span></td> <td width="156"><input type="password" name="password"></td><br/> </tr> <tr> <td width="116"> </td> <td width="156"> <p align="right"><input type="submit" name="submit" value="Submit"></p> </td> </tr> <tr> <td> <select name = "dropdown" value="options"> <option value "register.php">Izaberi grad</option> <option value = "Beograd">Beograd</option> <option value = "Nis">Nis</option> <option value = "Novi Sad">Novi Sad</option> </select> </td> </tr> </table> </td> </tr> <tr> <td width="219" bgcolor="#ff6600"> </td> </tr> </table> </form> This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=342885.0 |