|
PHP - New To Php, Need Help To Add A Registration Field In Code.
Hi everyone,
I wanted to let you know first that i am real new into this. I am trying to build a user management system and i can't seem to add a registration field. I got the free script uM Script and here's the code, please help me on this one: REGISTER.PHP Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB"> <head> <title>Member Registration</title> <meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" /> <meta name="description" content="" /> <meta name="keywords" content="" /> <meta name="robots" content="index, follow" /> <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" /> <link rel="stylesheet" type="text/css" href="css/style.css" media="screen" /> <script type="text/javascript" src="js/jquery-1.6.2.js"></script> <script type="text/javascript" src="js/script.js"></script> <script type="text/javascript"> $(document).ready(function(){ $('#regForm').submit(function(e) { register(); e.preventDefault(); }); }); </script> </head> <body> <table align="center" width="100%" cellspacing="1" cellpadding="1" border="0"> <tr> <td align="left"><a href="index.php">Home</a> | <a href="login.php">Log in</a> | <a href="register.php">Register</a> | <a href="pass_reset.php">Reset Password</a> | <a href="contact_us.php">Contact Us</a></td><td align="right"><a href="admin/login.php">Admin Login</a></td> </tr> </table> <hr/> <p>Register</p> <p>Use the form below to register.</p> <hr/> <div class="done"><p>Registration successful! <a href="login.php">Click here</a> to login.</p></div><!--close done--> <div class="form"> <form id="regForm" action="reg_submit.php" method="post"> <table align="center" width="50%" cellspacing="1" cellpadding="1" border="0"> <tr> <td colspan="2" ></td> </tr> <tr> <td> <label for="username">Username:</label> </td> <td> <input onclick="this.value='';" name="username" type="text" size="25" maxlength="8" value="<?php if(isset($_POST['username'])){echo $_POST['username'];}?>"/> </td> </tr> <tr> <td> <label for="password">Password:</label> </td> <td> <input name="password" type="password" size="25" maxlength="15" /> </td> </tr> <tr> <td> <label for="email">Email:</label> </td> <td> <input onclick="this.value='';" name="email" type="text" size="25" maxlength="50" value="<?php if(isset($_POST['email'])){echo $_POST['email'];}?>"/> </td> </tr> <tr> <td><label for="phone"><label>Phone:</label></td><td><input type="text" name="phone" value="<?php if(isset($_POST['phone'])){echo $_POST['phone'];}?>"/></td> </tr> <td> </td> <td> <input type="submit" name="register" value="Register" /><img id="loading" src="images/loading.gif" alt="working.." /> </td> </tr> <tr> <td colspan="2"><div id="error"> </div></td> </tr> </table> </form> </div><!--close form--> </body> </html> REG.SUBMIT.PHP Code: [Select] <?php require_once('lib/connections/db.php'); include('lib/functions/functions.php'); $sitesettings = getSiteSettings(); $site_url = $sitesettings[0]['site_url']; //For registration // we check if everything is filled in and perform checks if(!$_POST['username']) { die(msg(0,"<p>Please enter a username.</p>")); } if(strlen($_POST['username'])<3 || strlen($_POST['username'])>15) { die(msg(0,"<p>Username must be between 3 and 15 characters.</p>")); } elseif(uniqueUser($_POST['username'])) { die(msg(0,"Username already taken.")); } elseif(!$_POST['password']) { die(msg(0,"<p>Please enter a password.</p>")); } elseif(strlen($_POST['password'])<5) { die(msg(0,"<p>Usernames must be atleast 5 characters.</p>")); } elseif(!$_POST['email']) { die(msg(0,"<p>Please enter an email address.</p>")); } /*elseif(validateEmail($_POST['email'])) { die(msg(0,"<p>Invalid email address.</p>")); }*/ elseif(uniqueEmail($_POST['email'])) { die(msg(0,"<p>Email taken. Please select another email address.</p>")); } elseif(!$_POST['phone']) { die(msg(0,"Phone numbers must be of numeric type only.")); } else { $res = addUser($_POST['username'],$_POST['password'],$_POST['email'], $_POST['phone'],$site_url); if ($res == 1){ die(msg(0,"Failed to send activation email. Please contact the site admin.")); } if ($res == 2){ die(msg(0,"There was an error registering your details. Please contact the site admin.")); } if ($res == 99){ die(msg(1,"<p>Registration successful! <a href='login.php'>Click here</a> to login.</p>")); } } function msg($status,$txt) { return '{"status":'.$status.',"txt":"'.$txt.'"}'; } ?> And the code of the function: Code: [Select] //----------Function for adding user's profile---------- function addUser($user,$pass,$email,$site_url) { $user = secureInput($user); $pass = secureInput($pass); $email = secureInput($email); $site_url = secureInput($site_url); //Encrypt password for database $salt = 's+(_a*'; $pass = md5($pass.$salt); $reg_date = date("l, M j, Y, g:i a"); $sql = "INSERT INTO users (username,password,email,active,level_access,reg_date) VALUES ('".$user."','".$pass."','".$email."',0,2,'".$reg_date."')"; $res = mysql_query($sql); if($res){ //build email to be sent $to = $email; $subject = $site_url; $subject .= ": Activate Your Account"; $message = " <html> <head> <title>Account Activation</title> </head> <body> <h3>Account Activation</h3> <p>Dear ".$user.", thank you for registering at ".$site_url.".</p> <p>Please click on the link below to activate your account:</p> <a href='".$site_url."/confirm_user_reg.php?prsn=".$user."'>http://www.".$site_url."</a>. <p>If the above link does not work, copy and paste the below URL to your browser's address bar:</p> <p><i>http://www.".$site_url."/confirm_user_reg.php?prsn=".$user."</i></p><br/> <p>If you did not initiate this request, simply disregard this email, and we're sorry for bothering you.</p> <br/><br/> <p>Sincerely,</p> <p>The ".$site_url." Team.</p> </body> </html> "; // To send HTML mail, the Content-type header must be set $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/html; charset=iso-8859-1\r\n"; if($mail_send = mail($email, $subject, $message, $headers)) { } return 99; return 1; } else return 2; } I know i'm wrong somewhere because when i register a user the phone number won't post on the "phone" field on database. Similar TutorialsI'm building a php program that registers users onto a website. With the help of people from this thread http://www.phpfreaks.com/forums/index.php?topic=332260.15 I was able to accomplish the goal and now the signup works with conditions that check for a valid email, and if the password is strong enough. T he program correctly displays the the problem when a user does NOT enter a valid email, or a strong enough password, but the user has to re-enter the email and password everytime. I want to make it so that the fields remained populated with what the user entered previously, so he or she does not have to re-enter his or her email/password. Here is the code (its really ghetto) Code: [Select] <?php function check_email_address($email) { // First, we check that there's one @ symbol, and that the lengths are right if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) { // Email invalid because wrong number of characters in one section, or wrong number of @ symbols. return false; } // Split it into sections to make life easier $email_array = explode("@", $email); $local_array = explode(".", $email_array[0]); for ($i = 0; $i < sizeof($local_array); $i++) { if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) { return false; } } if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name $domain_array = explode(".", $email_array[1]); if (sizeof($domain_array) < 2) { return false; // Not enough parts to domain } for ($i = 0; $i < sizeof($domain_array); $i++) { if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) { return false; } } } return true; } define('DB_NAME', 'catch'); define('DB_USER', 'username'); define('DB_PASS', 'password'); define('DB_HOST', 'page.sqlserver.com'); // contact to database $connect = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die('Error , check your server connection.'); mysql_select_db(DB_NAME); //Get data in local variable $v_name=$_POST['name']; $v_email=$_POST['email']; $v_msg=$_POST['msg']; if ( check_email_address($_POST['name']) == false) { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> You must enter a valid email. <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if( $v_name == "" || $v_msg == "" ) // if name is empty or if pass is empty { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> You must enter an email and password. <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if( strcspn( $_REQUEST['msg'], '0123456789' ) == strlen( $_REQUEST['msg'] ) ) // the above statement says if pass does not contain a number { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> <div style="color:red;">Your password must contain a number.</div> <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if( strlen($_POST['msg']) < 8 ) // the above statement says if pass is not 8 characters long { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> <div style="color:red;">Your password must be at least 8 characters long.</div> <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if ( $_POST['msg'] == strtolower($_POST['msg']) ) // the above statement says if pass is all lowercase { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> <div style="color:red;">Your password must have at least one capital letter.</div> <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if ( preg_replace("/[^a-zA-Z0-9\s]/", "", $_POST['msg']) == $_POST['msg'] ) // the above statement says if pass contains no special characters { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> <div style="color:red;">Your password must have at least one special character.</div> <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } else echo <<<EOD <B>GO FUCK YOURSELF</B> EOD; ?> Hello, I am currently coding a site from scratch. I know i can use templates and everything else but i want the experience. The HTML I've had down for years but it seems PHP is getting a little elusive for me. I'm trying to create a registration form and when i test my site i keep getting parse errors and syntax errors... mainly regarding the use of {} and if/else. Any help would be appreciated. Most of the code is still incomplete, I have to go back and fill in some areas I've left blank for now, but i have commented using // Where the browser is kicking back my errors.
- “Any sufficiently advanced technology is indistinguishable from magic” (Arthur C. Clark, 1962)
<?php
$con = Mysqli_connect("'', '', ''");
if (Mysqli_connect_errno()) {
echo "Failed to connect to DB. Please check your connection info." . Mysqli_connect_errno;
// Only if there is an error.
}
//Declaring Variable for Registration form
$fname = "";
$lname = "";
$em = "";
$emc = "";
$pass = "";
$passc = "";
$date = "";
$error_array = "";
if (insert($_POST['register_button'])) {
// To handle the registration form
// First Name Values
$fname = strip_tags($_POST['reg_fname']);
$fname = str_replace(' ', '', $fname);
$fname = ucfirst(strtolower($fname));
// Last Name Values
$lname = strip_tags($_POST['reg_lname']);
$lname = str_replace(' ', '', $lname);
$lname = ucfirst(strtolower($lname));
// Registration Email Values
$em = strip_tags($_POST['reg_email']);
$em = str_replace(' ', '', $em);
// Confirm Registration Email Values
$emc = strip_tags($_POST['reg_emailc']);
$emc = str_replace(' ', '', $emc);
// Registrsation Password Values
$pass = strip_tags($_POST['reg_pass']);
// Registration Password Confirmation Values
$passc = strip_tags($_POST['reg_passc']);
// Registration Date Values
$date = date("m-d-Y");
// Here is where the browser keeps kicking back parse errors
if ($em == $emc) {
}
else {
echo "Email and Confirmation Email must match";
}
if (filter_var($em, FILTER_VALIDATE_EMAIL)) {
$em = filter_var($em, FILTER_VALIDATE_EMAIL)
}
else {
echo "Invlaid Format";
}
?>
below is the code for a registration form. It "works",I mean that the insert query is being performed, some error messages appear. the problem is, i don't understand how "root" is being automatically sent to the database as a username. when logging into phpmyadmin, the username root appears because it is on autofill. but, i don't get why it's filling the registration form with root. i don't see "root" entered on the form, but, after registering, it says "Congratulations root!". If i leave the form blank, i don't get the error message for blank username either. i've just started learning php,so i guess something might be wrong with the code. any help, please? Code: [Select] <html> <head> <link rel="stylesheet" type="text/css" href="reset.css" media="screen" /> <link rel="stylesheet" type="text/css" href="style.css" media="screen" /> <title>Register</title> </head> <body> <div id="layout_wrapper"> <div id="layout_container"> <div id="layout_content"> <div id="site_title"> <h1><a href="home.html">WEBSITE</a></h1> <h2>WEBSITE DESCRI</h2> </div> <div id="header_image"></div> <div class="clearer"> </div> </div> <div id="main"> <div class="post"> <div class="post_top"> <div class="post_title"><h2>REGISTER</h2></div> </div> <div class="post_body"> <?php $error_stat=0; $errorMsg=''; if (isset ($_POST['submit'])){ $username = $_POST['username']; $gender = preg_replace('#[^a-z]#i', '', $_POST['gender']); $b_m = preg_replace('#[^0-9]#i', '', $_POST['birth_month']); $b_d = preg_replace('#[^0-9]#i', '', $_POST['birth_day']); $b_y = preg_replace('#[^0-9]#i', '', $_POST['birth_year']); $email1 = $_POST['email1']; $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; $email1 = stripslashes($email1); $pass1 = stripslashes($pass1); $email2 = stripslashes($email2); $pass2 = stripslashes($pass2); $email1 = strip_tags($email1); $pass1 = strip_tags($pass1); $email2 = strip_tags($email2); $pass2 = strip_tags($pass2); include_once "../scripts/connect_to_mysql.php"; $emailCHecker = mysql_real_escape_string($email1); $emailCHecker = str_replace("`", "", $emailCHecker); $sql_uname_check = mysql_query("SELECT user_name FROM tbl_user WHERE user_name='$username'"); $uname_check = mysql_num_rows($sql_uname_check); $sql_email_check = mysql_query("SELECT email FROM tbl_user WHERE email='$emailCHecker'"); $email_check = mysql_num_rows($sql_email_check); if ((!$username) || (!$gender) || (!$b_m) || (!$b_d) || (!$b_y) || (!$email1) || (!$pass1) || (!$pass2)) { $error_stat=1; $errorMsg = 'ERROR: You did not submit the following required information:<br /><br />'; if(!$username){ $errorMsg .= ' * User Name<br />'; } if(!$gender){ $errorMsg .= ' * Sex <br />'; } if(!$b_m){ $errorMsg .= ' * Birth Month<br />'; } if(!$b_d){ $errorMsg .= ' * Birth Day<br />'; } if(!$b_y){ $errorMsg .= ' * Birth year<br />'; } if(!$email1){ $errorMsg .= ' * Email Address<br />'; } if(!$pass1){ $errorMsg .= ' * Login Password<br />'; } if(!$pass2){ $errorMsg .= ' * Confirm Login Password<br />'; } } else if ($pass1 != $pass2) { $errorMsg = 'ERROR: Your Password fields below do not match<br />'; } else if (strlen($username) < 4) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />"; } else if (strlen($username) > 20) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />"; } else if ($uname_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />"; } else if ($email_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />"; } else { $email1 = mysql_real_escape_string($email1); $pass1 = mysql_real_escape_string($pass1); $full_birthday = "$b_y-$b_m-$b_d"; $sql = mysql_query("INSERT INTO tbl_user (user_name, sex, dob, date_joined,email, password) VALUES('$username','$gender','$full_birthday', now(),'$email1', '$pass1')") or die (mysql_error()); $id = mysql_insert_id(); echo "<h2>Registration Successful!</h2>"; echo "<p>Congratulations <b>$username</b>, your registration was successful. Your account has now been created with the following details:</p>"; echo "<p><b>Username:</b> $username</p>"; echo "<p><b>Password:</b> $pass1</p>"; echo "<p><b>Sex:</b> $gender</p>"; echo "<p><b>Email:</b> $email1</p>"; echo "<p><b>DOB:</b> $full_birthday</p>"; echo "<p>You may now login.</p>"; } // Close else after duplication checks } if (!isset($_POST['submit']) || $error_stat==1) { ?> <?php echo $errorMsg;?> <form method="POST" action=""> <table> <tr> <td width="114" bgcolor="#FFFFFF">User Name: *</span></td> <td width="452" bgcolor="#FFFFFF"><input name="username" type="text" id="username " size="32" maxlength="20" /> <span id="nameresponse">Alphanumeric Characters Only</span></td> </tr> <tr> <td bgcolor="#EFEFEF">Sex:*</span></td> <td bgcolor="#EFEFEF"><label> <input name="gender" type="radio" id="gender" value="m" checked="checked" />Male <input type="radio" name="gender" id="gender" value="f" />Female </label></td> </tr> <tr> <td bgcolor="#FFFFFF">Date of Birth:*</span></td> <td bgcolor="#FFFFFF"> <select name="birth_month" id="birth_month"> <option value="01">January</option> <option value="02">February</option> <option value="03">March</option> <option value="04">April</option> <option value="05">May</option> <option value="06">June</option> <option value="07">July</option> <option value="08">August</option> <option value="09">September</option> <option value="10">October</option> <option value="11">November</option> <option value="12">December</option> </select> <select name="birth_day" id="birth_day"> <option value="01">1</option> <option value="02">2</option> <option value="03">3</option> <option value="04">4</option> <option value="05">5</option> <option value="06">6</option> <option value="07">7</option> <option value="08">8</option> <option value="09">9</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> <option value="13">13</option> <option value="14">14</option> <option value="15">15</option> <option value="16">16</option> <option value="17">17</option> <option value="18">18</option> <option value="19">19</option> <option value="20">20</option> <option value="21">21</option> <option value="22">22</option> <option value="23">23</option> <option value="24">24</option> <option value="25">25</option> <option value="26">26</option> <option value="27">27</option> <option value="28">28</option> <option value="29">29</option> <option value="30">30</option> <option value="31">31</option> </select> <select name="birth_year" id="birth_year"> <option value="2010">2010</option> <option value="2009">2009</option> <option value="2008">2008</option> <option value="2007">2007</option> <option value="2006">2006</option> <option value="2005">2005</option> <option value="2004">2004</option> <option value="2003">2003</option> <option value="2002">2002</option> <option value="2001">2001</option> <option value="2000">2000</option> <option value="1999">1999</option> <option value="1998">1998</option> <option value="1997">1997</option> <option value="1996">1996</option> <option value="1995">1995</option> <option value="1994">1994</option> <option value="1993">1993</option> <option value="1992">1992</option> <option value="1991">1991</option> <option value="1990">1990</option> <option value="1989">1989</option> <option value="1988">1988</option> <option value="1987">1987</option> <option value="1986">1986</option> <option value="1985">1985</option> <option value="1984">1984</option> <option value="1983">1983</option> <option value="1982">1982</option> <option value="1981">1981</option> <option value="1980">1980</option> <option value="1979">1979</option> <option value="1978">1978</option> <option value="1977">1977</option> <option value="1976">1976</option> <option value="1975">1975</option> <option value="1974">1974</option> <option value="1973">1973</option> <option value="1972">1972</option> <option value="1971">1971</option> <option value="1970">1970</option> <option value="1969">1969</option> <option value="1968">1968</option> <option value="1967">1967</option> <option value="1966">1966</option> <option value="1965">1965</option> <option value="1964">1964</option> <option value="1963">1963</option> <option value="1962">1962</option> <option value="1961">1961</option> <option value="1960">1960</option> <option value="1959">1959</option> <option value="1958">1958</option> <option value="1957">1957</option> <option value="1956">1956</option> <option value="1955">1955</option> <option value="1954">1954</option> <option value="1953">1953</option> <option value="1952">1952</option> <option value="1951">1951</option> <option value="1950">1950</option> <option value="1949">1949</option> <option value="1948">1948</option> <option value="1947">1947</option> <option value="1946">1946</option> <option value="1945">1945</option> <option value="1944">1944</option> <option value="1943">1943</option> <option value="1942">1942</option> <option value="1941">1941</option> <option value="1940">1940</option> <option value="1939">1939</option> <option value="1938">1938</option> <option value="1937">1937</option> <option value="1936">1936</option> <option value="1935">1935</option> <option value="1934">1934</option> <option value="1933">1933</option> <option value="1932">1932</option> <option value="1931">1931</option> <option value="1930">1930</option> <option value="1929">1929</option> <option value="1928">1928</option> <option value="1927">1927</option> <option value="1926">1926</option> <option value="1925">1925</option> <option value="1924">1924</option> <option value="1923">1923</option> <option value="1922">1922</option> <option value="1921">1921</option> <option value="1920">1920</option> <option value="1919">1919</option> <option value="1918">1918</option> <option value="1917">1917</option> <option value="1916">1916</option> <option value="1915">1915</option> <option value="1914">1914</option> <option value="1913">1913</option> <option value="1912">1912</option> <option value="1911">1911</option> <option value="1910">1910</option> <option value="1909">1909</option> <option value="1908">1908</option> <option value="1907">1907</option> <option value="1906">1906</option> <option value="1905">1905</option> <option value="1904">1904</option> <option value="1903">1903</option> <option value="1902">1902</option> <option value="1901">1901</option> <option value="1900">1900</option> </select> </td> </tr> <tr> <td bgcolor="#EFEFEF">Email Address:*</span></td> <td bgcolor="#EFEFEF"><input name="email1" type="text" id="email1" size="32" maxlength="48" /></td> </tr> <tr> <td bgcolor="#FFFFFF">Create Password:*</span></td> <td bgcolor="#FFFFFF"><input name="pass1" type="password" id="pass1" size="32" maxlength="16" /> <span>Alphanumeric Characters Only</span></td> </tr> <tr> <td bgcolor="#EFEFEF">Confirm Password: *</span></td> <td bgcolor="#EFEFEF"><input name="pass2" type="password" id="pass2" size="32" maxlength="16" /> <span>Alphanumeric Characters Only</span></td> </tr> <tr> <td><input type="submit" name="submit" value="Sign Up!" /></td> </tr> </table> </form> <?php } ?> </div> <div id="footer"> <div class="left">© 2011</div> <div class="right"><a href="#">....</a><a href="#">....</a></div> <div class="clearer"> </div> </div> </div> </div> </div> </body> </html> This Works But for Some reason when you Register an Account and try to login it says "Incorrect Username/Password" It is also Allowing Multiple Accounts to be Created Under the Same Username and Password: DB.php <?php session_start(); mysql_connect("localhost", "USERNAME", "PASSWORD"); mysql_select_db("DATABASE_USER"); function user_login ($username, $password) { //take the username and prevent SQL injections $username = mysql_real_escape_string($username); //begin the query $sql = mysql_query("SELECT * FROM usersystem WHERE username = 'username' AND password = 'password' LIMIT 1"); //check to see how many rows were returned $rows = mysql_num_rows($sql); if ($rows<=0 ) { echo "Incorrect username/password"; } else { //have them logged in $_SESSION['sername'] = $username; } } ?> Register.php <?php include("db.php"); if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['email'])) { //Prevent SQL injections $username = mysql_real_escape_string($_POST['username']); $email = mysql_real_escape_string($_POST['email']); //Get MD5 hash of password $password = md5($_POST['password']); //Check to see if username exists $sql = mysql_query("SELECT username FROM usersystem WHERE username = 'username'"); if(mysql_num_rows($sql) > 0) { die ("Username taken."); } mysql_query("INSERT INTO usersystem (username, password, email) VALUES ( '$username', '$password', '$email')") or die (mysql_error()); echo "Account created."; } ?> <form action="register.php" method="post"> Username: <input name="username" type="text" /><br> Password: <input type="password" name="password" /><br> Email: <input name="email" type="text" /><br> <input type="submit" value="Submit" /> </form> Login.php <?php include("db.php"); if (isset($_POST['username']) && isset($_POST['password'])) { user_login($_POST['username'], $_POST['password']); } ?> <form action="login.php" method="post"> Username: <input name="username" type="text" /><br> Password: <input type="password" name="password" /><br> <button type="submit">Submit</button><br> </form> Could Anyone Help Please? Hello,
I hope it's ok to ask this question here. I have a registration script, but I'm not sure how to handle it efficiently and I have some questions about it. This is used in the page 'signup.php'. The class is called 'User'. I haven't noticed any errors or bugs. It would be very useful for me to be aware of my mistakes.
public function regUser($uname,$upass,$upassverify)
{
$new_password = password_hash($upass, PASSWORD_DEFAULT);
if(!password_verify($upassverify, $new_password)) {
// passwords are not the same (I thought it would be better to do this after hashing, but maybe it doesn't matter or it's worse. I'm not sure about it)
$info = 'pass_err';
}
$stmt1 = $this->db->prepare("SELECT * FROM users WHERE username=:uname");
$stmt1->execute(array(':uname'=>$uname));
if($stmt1->rowCount() > 0) {
// this username has already been used
$info = 'user_err';
}
if (!$info) {
$stmt2 = $this->db->prepare("INSERT INTO users(username,password)
VALUES(:uname, :upass)");
$stmt2->bindparam(":uname", $uname);
$stmt2->bindparam(":upass", $new_password);
$stmt2->execute();
// succesfully made an account
$info = "success";
}
header("Location:/signup.php?status=".$info);
exit();
}
Am I using the prepared statements as how I should be using them?
Is this a safe way of handling my data or do you see vulnerabilities?
I'm using PRG to prevent resubmission but I want to show a 'everything is fine' or 'oh no, something went wrong' to the one who is signinup. If I now go to signup.php?status=success, i see 'eveything is fine', without actually signing up, is there a better way to do this or can I somehow prevent everyone being able to see this?
As you might have noticed in my last post, my English is not very good, sorry about that. Thanks, Fabian Edited September 17, 2019 by FabelI have this working code except I can't redirect to a thank you page when a new user registers. When they login it works without issue. I just don't know where or what to put for the registration part.
Here is my Code. Any help would be much appreciated.
<?php Hi
I have a MySql database and wondered if there is a code to search a table field with a given string and display the number of unique occurrences.
The table is asterisk_cdr and would like to know how many calls received daily on a perticular channel.
Thanks
shmideo
This is kind of hard to explain, but I will try my best. I have a script that is attempting to display information in a MySQL database by month fields that are chosen by the user. For instance, they can choose for the start date to start in January, and pick the end date which in this example will be April. The script then puts the required field that match the specific dates into a column for each month. For the most part it outputs fine as: Jan: 15, Feb: 14, Mar: 9, Apr: 2. However, sometimes there is nothing in the database for certain months. This causes the script to display wrong so instead I get: Jan 3, Feb: , Mar: , Apr: . In the above example, the Jan: 3 might be wrong, because the field might have been for Mar instead. I need it to display like this when there is no fields in the database: Jan: 0, Feb: 0, Mar: 3, Apr: 0. How would I go about doing this? Hi all, been asked to add a search by model number facility to this website click here for website As you can see the main search facility works just fine and is handled by process.php, but, and for the life of me I can't see why not, I can't get the specific 'search by no.' to work! Any advice appreciated, source code can be provided Thanks Iain I have a code to sum up a field called quantityHand in MySQL, in my example below, the value always return 40 as a positive number instead of 40.00- 0.00 0.00 40.00- I have used intval() or floatval() function to convert the type of variable from string to int/float but still not working. Any help please? Here is the code Code: [Select] $sql = mysql_query("SELECT DISTINCT itemNumber, itemDesc, quantityHand, SUM(quantityHand) AS quantityHand FROM inventory where itemNumber like '%$term%' GROUP BY `itemNumber` ORDER BY `itemNumber`"); while ($row = mysql_fetch_array($sql)){ echo "<b>"; echo "</td><td style=\"text-align: center;\"><b>"; echo $row['itemNumber']; echo "</td><td style=\"text-align: center;\"><b>"; echo $row['itemDesc']; //echo "</td><td style=\"text-align: right;\">"; echo "</td><td style=\"text-align: center;\"><b>"; echo $row ['quantityHand']; echo "</td></tr>"; echo "</b>"; Hi FYI I'm a n00b in this particular forum & php n00b really but I'm having a problem & cant find a solution anywhere! I need to be able to send an email from a form. Within the form is a dropdown field for different regions. When a region is selected it sets the email address for that region into an input/text field. I need to pickup that value and send the email to that address but not sure how. Have been told to use echo$email & that perhaps my variable is empty but I haven't got a clue where to put it or what that means. Help please?! my code: include ('maketable.php'); include ('mailbot.php'); include ('auditFile.php'); $office = $_REQUEST["office"]; $callername = $_REQUEST["callername"]; $callerphone = $_REQUEST["callerphone"]; $callaction = $_REQUEST["callaction"]; $callerInfo = "Callers Name=".$callername; $commentInfo = "Callers Phone No=".$callerphone; $callDetail = "Action Taken=".$callaction; $title = "DOC Call Results"; $stylesheet = "stylesheet.css"; $logo = "tcclogo.jpg"; $display = makeHeader($title,$stylesheet,$logo); $display .= makeTable("Caller Details",$callerInfo,1); $display .= makeTable("",$commentInfo,1); $display .= makeTable("",$callDetail,1); $display .= '</body></html>'; $info = $callerInfo."; ".$commentInfo."; ".$callDetail; auditFile($title, $info); echo $email; mailbot($title,$display,"email","info@tcc.co.nz","ThankYou.html"); Hi Guys What code would you use to check that a form field does not exceed 100 characters? Thanks for any help. I have a search function in php where the text characters are matched to characters in a tables field--- works perfectly.... I need to make the input box have a droplist of words from database, this is also easy for me to do. the problem here is there is no definitive value! the options list always outputs a blank in the url--- its supposed to search a matching value and then output the matching value to url... Here is the droplist code: $output['RATESTITLE']='<input class="inputbox" type="text" size="24px" name="ratestitle" value="'.$sch->filter['ratestitle'].'" onfocus="if (this.value ==\''.$output['LANGUAGE_SEARCH_RATESTITLE'].'\') {this.value = \'\'}" />'; this outputs a input text box--- i want to have a droplist of options to populate this text box... If you must know this is the third day im at it... Can anyone provide a snip of code that I could insert into the "coupon code" field on a formmail form which has the following effect: on submit form, user goes to the normal payment page (this is already implemented) if coupon code field is filled out with correct code, user is taken to alternate payment page on form submit. Either this or another approach which has the same result is OK. I am a novice coder working in a wysiwyg - I don't REALLY know php at all - I just need a snip I can insert and a clear instruction. Thanks so much for any help. This is my first real jump into PHP, I created a small script a few years ago but have not touched it since (or any other programming for that matter), so I'm not sure how to start this. I need a script that I can run once a day through cron and take the date from one table/filed and insert it into a different table/field, converting the human readable date to a Unix date. Table Name: Ads Field: endtime_value (human readable date) to Table Name: Node Field: auto_expire (Converted to Unix time) Both use a field named "nid" as the key field, so the fields should match each nid field from one table to the next. Following a tutorial I have been able to insert into a field certain data, but I don't know how to do it so the nid's match and how to convert the human readable date to Unix time. Thanks in advance!. Hi: I'm going crazy trying to do the following: I'm making a job registration process where the user registers on one php page to the website, must acknowlege and email receipt using an activate php page, then is directed to upload their C.V. (resume) based on the email address they enter in the active page output. I then run an upload page to store the resume in teh MySQL db based on the users email address in the same record. If I isolate the process of the user registering to the db, it works perfectly. If I isolate the file upload process into the db, it works perfect. I simply cannot upload teh file to the existing record based on teh email form field matching the user_email field in the db. With the processes together, teh user is activated, but teh file is not uploaded. Maybe I've simply been at this too long today, but am compeled to get through it by end day. If anyone can help sugest a better way or help me fix this, I will soo greatly appreciate it. My code is as follows for the 2 pages. ---------activate.php------- <?php session_start(); include ('reg_dbc.php'); if (!isset($_GET['usr']) && !isset($_GET['code']) ) { $msg = "ERROR: The code does not match.."; exit(); } $rsCode = mysql_query("SELECT activation_code from subscribers where user_email='$_GET[usr]'") or die(mysql_error()); list($acode) = mysql_fetch_array($rsCode); if ($_GET['code'] == $acode) { mysql_query("update subscribers set user_activated=1 where user_email='$_GET[usr]'") or die(mysql_error()); echo "<h3><center>Thank You! This is step 2 of 3. </h3>Your email is confirmed. Please upload your C.V. now to complete step 3.</center>"; } else { echo "ERROR: Incorrect activation code... not valid"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" /> <title>Job application activation</title> </head> <body> <center> <br/><br/><br/> <p align="center"> <form name="form1" method="post" action="upload.php" style="padding:5px;"> <p>Re-enter you Email : <input name="email" type="text" id="email"/></p></form> <form enctype="multipart/form-data" action="upload.php" method="POST"> <input type="hidden" name="MAX_FILE_SIZE" value="4000000"> Upload your C.V.: <input name="userfile" type="file" id="userfile"> <input name="upload" type="submit" id="upload" value="Upload your C.V."/></form> </p> </center> </body> </html> --------upload.php---------- <?php session_start(); if (!isset($_GET['usr']) && !isset($_GET['code']) ) { $msg = "ERROR: The code does not match.."; exit(); } if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) { $fileName = $_FILES['userfile']['name']; $tmpName = $_FILES['userfile']['tmp_name']; $fileSize = $_FILES['userfile']['size']; $fileType = $_FILES['userfile']['type']; $email = $_POST['email']['user_email']; $fp = fopen($tmpName, 'r'); $content = fread($fp, filesize($tmpName)); $content = addslashes($content); fclose($fp); if(!get_magic_quotes_gpc()) { $fileName = addslashes($fileName); } include 'reg_dbc.php'; $query = "UPDATE subscribers WHERE $email = user_email (name, size, type, content ) ". "VALUES ('$fileName', '$fileSize', '$fileType', '$content')"; mysql_query($query) or die('Error, query failed'); mysql_close($dbname); } ?> <center> <br/> <br/> <br/> <br/> Thank you for uploading your <?php echo "$fileName"; ?> file, completing your registration, and providing us your C.V. for this position. <br/> <br/> <br/> We will contact you if your canditature qualifies. </center> Code: [Select] $new_array2=array_diff($my_array,$itemIds); $updatedb = mysql_query("UPDATE content_type_ads SET field_expire_value = '666' WHERE $new_array2 = field_item_id_value"); "$new_array2" has only 12 digit numbers for each item in the array, and I want to match them to the "field_item_id_value" field in the table, updating the "field_expire_value" field for the record where they match. I know I am close because the UPDATE code works before I add the WHERE statement (it of course adds '666' to EVERY field, but for a noobie it's a start!). (Another quite newbie...) I have already an online booking form. The Form works fine now and I would like to add on one more issue, but the code ignores what I want to check. I have 4 fields: arrival, departure, no. of persons and comments to check. Scenario 1: All field mentioned above are emtpty: Workes fine and message appears: "You have not provided any booking details". Scenario 2: If arrival (date_start) and departure (date_end) is entered, there should be at least an entry either in the field "comment", or in the field "pax". If not, there should be a message: "You have not provided sufficient booking details". INSTEAD: The booking request is sent, which should not be the case. The code is currently: # all fields empty : arrival, departure, pax and comments - error if(empty($data_start) && empty($data_end) && empty($pax)&& empty($comment)){ exit("You have not specified any booking details to submit to us. <br>Please use your browser to go back to the form. <br>If you experience problems with this Form, please e-mail us"); exit; } #If arrival and departure date is entered, there should be at least an entry either in the field "comment", or in the field "pax". if(!isset($data_start) && !isset($data_end) && empty($pax) && empty($comment)){ exit("You have not provided sufficient booking details. <br>Please use your browser to go back to the form. <br>If you experience problems with this Form, please e-mail us"); exit; } The form can be tested at http://www.phuket-beachvillas.com/contact-own/contact-it.php Can someone please check and tell me what's wrong with the code ? Thanks to anyone for any hint. |
|||||||