|
PHP - Once Member Register Creates Page
Hello Coddy Guys,im trying to do simple website creator
Maybe i don't have Disease Centres probably do not have the imagination to do or something else. I wan't to do. when member is registered and he got template that chosed in registration. how to create new folder with users template. Maybe you got it. Thanks. Similar TutorialsI'am trying to make the page show the errors in the same page under the register button, but it always disable all the forms and show the error by it self. my code: Quote <?php ob_start(); session_start(); include_once "functions.php"; connect(); if(!$_POST['submit']){ echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n"; echo "<form method=\"post\" action=\"register.php\">\n"; echo "<tr><td colspan=\"2\" align=\"center\">Registration Form</td></tr>\n"; echo "<tr><td>Username</td><td><input type=\"text\" name=\"name\" maxLength=14></td></tr>\n"; echo "<tr><td>Password</td><td><input type=\"password\" name=\"password\" maxLength=14></td></tr>\n"; echo "<tr><td>Confirm</td><td><input type=\"password\" name=\"passconf\" maxLength=14></td></tr>\n"; echo "<tr><td>E-Mail</td><td><input type=\"text\" name=\"email\" maxLength=24></td></tr>\n"; echo "<tr><td>Question</td><td><input type=\"text\" name=\"idnumber\" maxLength=14></td></tr>\n"; echo "<tr><td>Answer</td><td><input type=\"text\" name=\"phone\" maxLength=14></td></tr>\n"; echo "<form method=\"post\" action=\"captcha.php\">\n"; echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n"; echo "<tr><td>Type The Letters You See Below Into the Box</td></tr>\n"; echo "<tr><td align=\"center\"><img src=\"image.php\"></td></tr>\n"; echo "<tr><td align=\"center\"><input type=\"text\" name=\"image\"></td></tr>\n"; echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"Register\"></td></tr>\n"; echo "</form></table>\n"; }else { $errors = array(); $name = protect($_POST['name']); $password = protect($_POST['password']); $confirm = protect($_POST['passconf']); $email = protect($_POST['email']); $phone = protect($_POST['idnumber']); $ownerReply = protect($_POST['phone']); $image = $_POST['image']; if($image == $_SESSION['string']){}else{ $errors[] = "Wrong Captcha!"; }ob_end_flush(); if(!$name){ $errors[] = "Username is not defined!"; } if(!$password){ $errors[] = "Password is not defined!"; } if($password){ if(!$confirm){ $errors[] = "Confirmation password is not defined!"; } } if(!$email){ $errors[] = "E-mail is not defined!"; } if(!$idnumber){ $errors[] = "Security Question is not defined!"; } if(!$phone){ $errors[] = "Security Answer is not defined!"; } if($name){ if(!ctype_alnum($name)){ $errors[] = "Username can only contain numbers and letters!"; } $range = range(8,14); if(!in_array(strlen($name),$range)){ $errors[] = "Username must be between 8 and 14 characters!"; } } if($password && $confirm){ if($password != $confirm){ $errors[] = "Passwords do not match!"; } $range = range(10,14); if(!in_array(strlen($password),$range)){ $errors[] = "Password must be between 10 and 14 characters!"; } } if($email){ $checkemail = "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i"; if(!preg_match($checkemail, $email)){ $errors[] = "E-mail is not valid, must be name@server.tld!"; } } if($idnumber){ if(!ctype_alnum($phone)){ $errors[] = "Securty Question can only contain numbers and letters!"; } $range = range(8,14); if(!in_array(strlen($idnumber),$range)){ $errors[] = "Securty Question must be between 8 and 14 characters!"; } } if($phone){ if(!ctype_alnum($phone)){ $errors[] = "Securty Answer can only contain numbers and letters!"; } $range = range(8,14); if(!in_array(strlen($phone),$range)){ $errors[] = "Securty Answer must be between 8 and 14 characters!"; } } if($email){ $sql2 = "SELECT * FROM `account` WHERE `email`='".$email."'"; $res2 = mysql_query($sql2) or die(mysql_error()); if(mysql_num_rows($res2) > 0){ $errors[] = "The e-mail address you supplied is already in use of another user!"; } } if(count($errors) > 0){ foreach($errors AS $error){ echo $error . "<br>\n"; } }else { $sql4 = "INSERT INTO `account` (`name`,`password`,`email`,`idnumber`,`phone`) VALUES ('".$name."','".md5($password)."','".$email."','".$idnumber."','".$phone."')"; $res4 = mysql_query($sql4) or die(mysql_error()); echo "You have successfully registered with the username <b>".$name."</b> and the password of <b>".$password."</b>!"; } } ?> Direct link to the register page in case you didn't understand what i mean. http://hebrithco.com/server/bew/ Hi nothing seems to work! No error messages appear and no data enters my database! Can people please help me please! Needs to be solved by today! Thanks <?php //connect to db $connect = mysql_connect("l", "", ""); mysql_select_db("", $connect); //if submit button gets pressed if(isset($_POST['submit'])){ //Grab data from the form $username = preg_replace('#[^A-Za-z0-9]#i','', $_POST['username']); // filter everything but letters and numbers $firstname = preg_replace('#[^A-Za-z]#i', '', $_POST['firstname']); // filter everything but Letters $lastname = preg_replace('#[^A-Za-z]#i', '', $_POST['lastname']); // filter everything but Letters $phone = preg_replace('#[^0-9]#i', '', $_POST['phone']); // filter everything but numbers $address= preg_replace('#[^A-Za-z]#i', '', $_POST['address']); // filter everything but Letters $postcode= preg_replace('#[^A-Za-z]#i', '', $_POST['postcode']); // filter everything but Letters $town= preg_replace('#[^A-Za-z]#i', '', $_POST['town']); // filter everything but Letters $housenumber= preg_replace('#[^0-9]#i', '', $_POST['housenumber']); // filter everything but numbers $b_m = preg_replace('#[^0-9]#i', '', $_POST['birth_month']); // filter everything but numbers $b_d = preg_replace('#[^0-9]#i', '', $_POST['birth_day']); // filter everything but numbers $b_y = preg_replace('#[^0-9]#i', '', $_POST['birth_year']); // filter everything but numbers $email1 = mysql_real_escape_string (stripslahes (strip_tags($_POST['email1']))); $email2 = mysql_real_escape_string (stripslahes (strip_tags($_POST['email2']))); $pass1 = md5(mysql_real_escape_string (stripslahes (strip_tags($_POST['pass1'])))); $pass2 = stripslashes(strip_tags($_POST['pass2'])); $emailCHecker = mysql_real_escape_string($email1); $emailCHecker = str_replace("`", "", $emailCHecker); // Database duplicate username check setup for use below in the error handling if else conditionals $sql_uname_check = mysql_query("SELECT username FROM member WHERE username='$username'"); $uname_check = mysql_num_rows($sql_uname_check); // Database duplicate e-mail check setup for use below in the error handling if else conditionals $sql_email_check = mysql_query("SELECT email FROM member WHERE email='$emailCHecker'"); $email_check = mysql_num_rows($sql_email_check); // Convert Birthday to a DATE field type format(YYYY-MM-DD) out of the month, day, and year supplied $dateofbirth = "$b_y-$b_m-$b_d"; //If any errors have been found, DO NOT register the member, and instead, redisplay the form } if (!isset($username) || !isset($firstname) || !isset ($lastname) || !isset($address) || !isset($postcode) || !isset($town) || !isset($b_m) || !isset($b_d) || !isset($b_y) || !isset($email1) || !isset($email2) || !isset($pass1) || !isset($pass2)) { $errorMsg = 'ERROR: You did not submit the following required information:<br /><br />'; if(!isset($username)){ $errorMsg .= ' * User Name<br />'; } if(!isset($firstname)){ $errorMsg .= ' * First Name<br />'; } if(!isset($lastname)){ $errorMsg .= ' * Last Name<br />'; } if(!isset($address)){ $errorMsg .= ' * Address<br />'; } if(!isset($postcode)){ $errorMsg .= ' * postcode<br />'; } if(!isset($town)){ $errorMsg .= ' * town<br />'; } if(!isset($b_m)){ $errorMsg .= ' * Birth Month<br />'; } if(!isset($b_d)){ $errorMsg .= ' * Birth Day<br />'; } if(!isset($b_y)){ $errorMsg .= ' * Birth year<br />'; } if(!isset($email1)){ $errorMsg .= ' * Email Address<br />'; } if(!isset($email2)){ $errorMsg .= ' * Confirm Email Address<br />'; } if(!isset($pass1)){ $errorMsg .= ' * Login Password<br />'; } if(!isset($pass2)){ $errorMsg .= ' * Confirm Login Password<br />'; } if ($email1!= $email2){ $errorMsg.='ERROR: Your email fields below do not match<br />'; } if ($pass1!= $pass2){ $errorMsg.='ERROR: Your password fields below do not match<br />'; } if(strlen($username)<6){ $errorMsg.="<u>ERROR:</u><br/>Your User Name is too short. 6-20 characters please. <br/>"; } if(strlen($username)>20){ $errorMsg.="<u>ERROR:</u><br/>Your User Name is too long. 6-20 characters please. <br/>"; } if($username_check>0){ $errorMsg.="<u>ERROR:</u><br/> Your User Name is already in use inside of our system. Please try another.<br/>"; } if($email_check >0){ $errorMsg.="<u>ERROR:</u><br/>Your Email address is already in use inside of our system. Please use another.<br/>"; } } else{ mysql_query("INSERT INTO member (username, firstname, lastname, email, password, dateofbirth, phone, lastlogin) VALUES('$username','$firstname','$lastname','$email1','$password', '$dateofbirth','$phone', now())") or die (mysql_error()); $sql = mysql_query("INSERT INTO address (address, postcode, town, housenumber) VALUES('$adress','$postcode,'$town','$housenumber'") or die (mysql_error()); mysql_close(); Echo "Welcome to my site, $username! You may now <a href=\"index.php\">login</a>."; } ?> I installed phpbb to my site; however i didn't like it so i deleted it. Now my register.php (which hasn't been changed and worked before the phpbb install) will not post data to my database. If someone can help me fix this problem id be most thankful. Hi, I'm very new to php/mysql, but for a project I'm working on I need to create users that are admins, and normal users. The admins would be able to post news stories, and delete user accounts. Whereas the users would just be able to comment on the news stories. I'm just wondering how I would create a normal 'register' page for both, which has the same fields, but somehow creates some people as admins, and others as normal users... with the ability to limit who can become an admin, so not everyone can register as one. I'm not sure how I would achieve this, or even know how to do it. Does anyone know any tutorials or code on how to achieve this? Your help is greatly appreciated, Thanks. hi! i dont know if the query below from mysql is slowing down the page or i have not written it properly: It is very slow, even when you limit the results to 100 . Thanks in advance.. Code: [Select] SELECT `tbl_business`.`appformno`, " _ & "`tbl_business`.`pobox`, `tbl_business`.`plotno`, `tbl_business`.`postalcode`, " _ & "`tbl_business`.`zonecode`, `tbl_business`.`ne`, `tbl_activities`.`act_code`, " _ & "`tbl_activity_codes`.`approved_fee`, `tbl_payment_status`.`status`, " _ & "`tbl_business`.`company`, `tbl_activity_codes`.`description` " _ & "FROM (`citycouncil`.`tbl_activity_codes` `tbl_activity_codes` " _ & "LEFT JOIN (`citycouncil`.`tbl_business` `tbl_business` " _ & "LEFT JOIN `citycouncil`.`tbl_activities` `tbl_activities` " _ & "ON `tbl_business`.`appformno`=`tbl_activities`.`appformno`) " _ & "ON `tbl_activity_codes`.`act_code`=`tbl_activities`.`act_code`) " _ & "LEFT JOIN `citycouncil`.`tbl_payment_status` `tbl_payment_status` " _ & "ON `tbl_activities`.`id`=`tbl_payment_status`.`activity_id` " _ & "WHERE tbl_business.appformno LIKE '%" & strFormNo & "%' " _ & "AND tbl_business.bid LIKE '%" & strBizIdNo & "%'" _ & " AND `tbl_business`.`contperson` LIKE '%" & strContPerson & "%' " _ & "AND `tbl_business`.`zonecode` LIKE '%" & strZoneCode & "%' " _ & " AND `tbl_activities`.`act_code` LIKE '%" & strBizActCode & "%' " _ & "AND `tbl_business`.`roadstreet` LIKE '%" & strStreet & "%' " _ & " AND `tbl_business`.`company` LIKE '%" & strBizName & "%' " _ & "AND `tbl_business`.`building` LIKE '%" & strBuilding & "%' " _ & "ORDER BY `tbl_business`.`appformno` hi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? the problem is that when I add an item to be displayed in the blog, shows three instead, which two are empty. It should not create three entries when I just add one entry. How can I fix this? <?PHP /* define the blog content file name */ $filename = "myBlogContent.txt"; ?> <?php /* check to see if the file exists */ if (!file_exists($filename)) { echo "The Blog Is Empty"; }else{ /* get the file lines into an array */ $BlogArray = file($filename); /* count the number of blog entries */ $count = count($BlogArray); $i=0; while($i<$count) { $new_array = explode("|", $BlogArray[$i]); echo "Posted by: " . $new_array[1] . "<br>"; echo "Posted on: " . date("m/d/y h:iA", time($new_array[0])) . "<br>" echo "Title: " . $new_array[2] . "<br>"; echo $new_array[3] . "<hr>"; $i ++; } } ?> <?PHP /* obtain the form data */ $who = $_POST['who']; $title = $_POST['title']; $content = $_POST['content']; $content = str_replace(array("\r\n", "\r", "\n"), "<br>", $content); /* create timestamp variable for current date and time */ $when_ts = time(); /* define the blog content file name */ $filename = "myBlogContent.txt"; /* prepare the variables for adding to the file */ $new_line_content = $when_ts . "|" . $who . "|" . $title . "|" . $content . "\n"; /* open the file in the APPEND MODE */ $fh = fopen($filename, 'a+') or die("can't open file"); /* add the new content */ fwrite($fh, $new_line_content); /* close the file */ fclose($fh); //exit; // Closes further script execution . ?> Hi everyone I am trying to secure some of my code using a sanitize function function sanitize($data) { $cdata = strip_tags(addslashes($data)); $cdata = mysql_real_escape_string($cdata); return $cdata; } If I post a form value such as Code: [Select] 'Apple iPod' to a SQL INSERT QUERY using `title` = sanitize($_POST['title']); then my database value looks like Code: [Select] \\\'the ipod\\\' this is odd because there is 3 slashes if I then print that value on a PHP page using print stripslashes($row['title']); it outputs Code: [Select] \'the ipod\' Why can I not get rid of the slashes and why would it be outputting 3 slashes? I have tried all the magic quote ideas and suggestions, but still cannot sort this out. Thanks John I'm trying to conditionally add a table to a select query using the join, but I always get an "no such table" error. I'm not at all sure if the syntax is correct, so I decided to ask.
I'm using the sqlite C API interface and my tables and query were constructed using sprintf, so please ignore any %d, %s that may appear
CREATE TABLE IF NOT EXISTS tbl_master ( id INTEGER PRIMARY KEY AUTOINCREMENT, volume TEXT(16) UNIQUE NOT NULL DEFAULT '', note TEXT(%d) NOT NULL DEFAULT '', items INTEGER NOT NULL DEFAULT 0 ); CREATE TABLE IF NOT EXISTS tbl_file ( id INTEGER PRIMARY KEY AUTOINCREMENT, volume_key TEXT(16) NOT NULL DEFAULT '', name TEXT(%d), size TEXT(20), type TEXT(4), path TEXT(%d), file_id INTEGER ); CREATE TABLE IF NOT EXISTS tbl_hash ( id INTEGER PRIMARY KEY AUTOINCREMENT, hash TEXT(33) NOT NULL DEFAULT '', volume_key TEXT(16) NOT NULL DEFAULT '', file_key INTEGER NOT NULL DEFAULT 0 ); CREATE TABLE IF NOT EXISTS tbl_media ( id INTEGER PRIMARY KEY AUTOINCREMENT, runtime TEXT(10) NOT NULL DEFAULT '', frame TEXT(12) NOT NULL DEFAULT '', type_key TEXT(4) NOT NULL DEFAULT '', hash_key TEXT(33) NOT NULL DEFAULT '', volume_key TEXT(16) NOT NULL DEFAULT '', file_key INTEGER NOT NULL DEFAULT 0 );I milled over a few JOIN tutorials, but I'm still unclear on the exact usage of JOIN; I'm trying to add the media table if the file type is a vid, snd, or pix, but I need file information regardless. I've tried various flavors of the following query, but each time I get the table doesn't exist error. Selects, deletes, updates, inserts work on all tables, so I'm guessing my syntax is wrong with the JOIN. SELECT tbl_file.*, tbl_hash.hash FROM tbl_file AS f, tbl_hash AS h LEFT OUTER JOIN tbl_media AS m ON ((f.type='VID' OR f.type='SND' OR f.type='PIX') AND m.file_key=f.file_id) WHERE ((f.volume_key=tbl_master.volume AND (h.volume_key=tbl_master.volume AND h.file_key=f.file_id))) ORDER BY f.path ASC;Any ideas on how to pull off what I'm trying to do would be greatly appreciated. Thank you for your time. I have a php script on a server writing to an html file on a remote server. I'm using the following combination of fopen and fputs. The problem is that once out of maybe every 10 or 15 writes to the file, the file that is written is blank with nothing in it. Has anyone here had experience with this before? The file is fixed the next time it writes to it. this code is within a loop that runs every 10 seconds. Code: [Select] // Allows overwriting of existing files on the remote FTP server $stream_options = array('ftp' => array('overwrite' => true)); // Creates a stream context resource with the defined options $stream_context = stream_context_create($stream_options); // Opens the file for writing and truncates it to zero length if ($fh = fopen($ftp_path, 'w',0, $stream_context)) { if ( $change > 0 ) fputs($fh, "the contents of the html file is here"); //the case if change is positive else fputs($fh, "the contents of the html file is here"); //the case if change is negative // Closes the file handle fclose($fh); } else { die('Could not open file.'); } I came across the PHP clone method. Does this clone first level fields and methods or does it also do deep copying e.g. copying references to those fields. For example, a field may be an array. Does it make a copy of the actual array or does it refer to the same array position in memory, so if the original changes, then the copy's changes as well?
I have a simple register script and some weird things are happening. If i leave blank password or repeat_password then code is still executed. Why? I can't seem to find any mistakes in the code. (only when username is empty then i get "You need to fill everything"). Code: [Select] <?php $submit = $_POST['submit']; $username = strip_tags($_POST['username']); $password = md5(strip_tags($_POST['password'])); $repeat_password = md5(strip_tags($_POST['repeat_password'])); require("connect.php"); if ($submit) { if (!empty($username) && !empty($password) && !empty($repeat_password)) { mysql_query("INSERT INTO users2 VALUES ('', '$username', '$password', '1000', '0', '0','', '', '')"); echo "You are registered <br />Your username is "."<b>$username</b>"."<br /> You may now <a href='index.php'> login </a>"; } else { echo "You have not filled everything."; } } ?> Hi, I'm looking to change my 'Dead' page on my Mafia game to enable users to register a new account as soon as they log in to their dead one. I would like them to be able to just enter a new Username and then the email, password etc stay the same. Is this possible? Just ask for any parts of the register code you guys need. Thanks in advance,. Hello everyone, I want to make a re-register script that enables a user to re-register once killed.... BUT keep the same email, same profile pic, same profile quote, same friends and a few other things.... BUT register new username etc. Any help would be great. Okay, I downloaded a PHP Script called RadiPanel which is a User System type thing and uploaded and installed it to my website. Now The problem with RadiPanel is, I have to add users/members to it as there is no registration process. So within the Admin page on RadiPanel I have taken the script out, now when I try view it as a "non logged in" user it just shows a white blank page, I was wondering if anyone here could determine just from the code below what I have to take out/delete in order for the public to view the page fully? Thanks guys Code: [Select] <?php if( !preg_match( "/index.php/i", $_SERVER['PHP_SELF'] ) ) { die(); } if( $_GET['id'] ) { $id = $core->clean( $_GET['id'] ); $query = $db->query( "SELECT * FROM users WHERE id = '{$id}'" ); $data = $db->assoc( $query ); $data['ugroups'] = explode( ",", $data['usergroups'] ); $editid = $data['id']; } ?> <form action="" method="post" id="addUser"> </div> <?php if( $_POST['submit'] ) { try { $username = $core->clean( $_POST['username'] ); $password = $core->clean( $_POST['password'] ); $email = $core->clean( $_POST['email'] ); $habbo = $core->clean( $_POST['habbo'] ); $dgroup = $core->clean( $_POST['dgroup'] ); $query = $db->query( "SELECT * FROM usergroups" ); while( $array = $db->assoc( $query ) ) { if( $_POST['ugroup-' . $array['id']] ) { $ugroups .= $array['id'] . ","; } } $password_enc = $core->encrypt( $password ); if( !$username or ( !$password and !$editid ) or !$dgroup or !$ugroups ) { throw new Exception( "All fields are required." ); } else { if( $editid ) { if( $password ) { $password = ", password = '{$password_enc}'"; } else { unset( $password ); } $db->query( "UPDATE users SET username = '{$username}'{$password}, email = '{$email}', habbo = '{$habbo}', displaygroup = '{$dgroup}', usergroups = '{$ugroups}' WHERE id = '{$editid}'" ); } else { $db->query( "INSERT INTO users VALUES (NULL, '{$username}', '{$password_enc}', '{$email}', '{$habbo}', '{$dgroup}', '{$ugroups}');" ); } echo "<div class=\"square good\">"; echo "<strong>Success</strong>"; echo "<br />"; echo "User added!"; echo "</div>"; } } catch( Exception $e ) { echo "<div class=\"square bad\">"; echo "<strong>Error</strong>"; echo "<br />"; echo $e->getMessage(); echo "</div>"; } } ?> <table width="100%" cellpadding="3" cellspacing="0"> <?php $query = $db->query( "SELECT * FROM usergroups" ); while( $array = $db->assoc( $query ) ) { if( in_array( $array['id'], $data['ugroups'] ) ) { $groups[$array['id'] . '_active'] = $array['name']; } else { $groups[$array['id']] = $array['name']; } if( $array['id'] == $data['displaygroup'] ) { $dgroups[$array['id'] . '_active'] = $array['name']; } else { $dgroups[$array['id']] = $array['name']; } } echo $core->buildField( "text", "required", "username", "Username", "The new username.", $data['username'] ); echo $core->buildField( "password", "<?php if( !$editid ) { ?>required<?php } ?>", "password", "Password", "The new password." ); echo $core->buildField( "text", "", "email", "Email", "The new email (optional).", $data['email'] ); echo $core->buildField( "text", "", "habbo", "Habbo name", "The new Habbo name (optional).", $data['habbo'] ); echo $core->buildField( "select", "required", "dgroup", "Display group", "The user's display group.", $dgroups ); echo $core->buildField( "checkbox", "required", "ugroup", "Active usergroups", "The user's active groups.", $groups ); ?> </table> </div> <div class="box" align="right"> <input class="button" type="submit" name="submit" value="Submit" /> </div> </form> <?php echo $core->buildFormJS('addUser'); ?> Hi, I created a previous thread but the problems were too confusing so I've started this thread again. I have a register form and it's supposed to validate if fields are empty. If fields are not empty, it should enter data on submit, into the table. The problem: The form is able to submit without validation and the data does not enter the table. The code: Code: [Select] <?php require_once('./includes/connectvars.php'); // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if (isset($_POST['submit'])) { // Grab the profile data from the POST $username = mysqli_real_escape_string($dbc, trim($_POST['username'])); $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1'])); $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2'])); $firstname = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); $lastname = mysqli_real_escape_string($dbc, trim($_POST['last_name'])); if (!empty($username) && !empty($password1) && !empty($password2) && ($password1 == $password2) && !empty($firstname) && !empty($lastname)) { // Make sure someone isn't already registered using this username $query = "SELECT * FROM cuser WHERE username = '$username'"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 0) { // The username is unique, so insert the data into the database $query = "INSERT INTO cuser (username, password, join_date, first_name, last_name) VALUES ('$username', SHA('$password1'), NOW(), '$firstname', '$lastname')"; mysqli_query($dbc, $query); // Confirm success with the user echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>'; mysqli_close($dbc); exit(); } else { // An account already exists for this username, so display an error message echo '<p class="error">An account already exists for this username. Please use a different address.</p>'; $username = ""; } } else { echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>'; } } mysqli_close($dbc); ?> <p>Please enter your username and desired password to sign up to Mismatch.</p> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <legend>Registration Info</legend> <label for="username">Username:</label> <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br /> <label for="password1">Password:</label> <input type="password" id="password1" name="password1" /><br /> <label for="password2">Password (retype):</label> <input type="password" id="password2" name="password2" /><br /> <label for="first_name">first name:</label> <input type="text" id="first_name" name="first_name" /><br /> <label for="last_name">last name:</label> <input type="text" id="last_name" name="last_name" /><br /> <input type="submit" value="Sign Up" name="submit" /> </form> </body> </html> Any ideas on what the problem is? I've sent my sessions in another file. Hi there, There's something wrong with this register form, it's submitting without validation. Code: [Select] <?php require_once('./includes/connectvars.php'); // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if (isset($_POST['submit'])) { // Grab the profile data from the POST $username = mysqli_real_escape_string($dbc, trim($_POST['username'])); $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1'])); $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2'])); $firstname = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); $lastname = mysqli_real_escape_string($dbc, trim($_POST['last_name'])); if (!empty($username) && !empty($password1) && !empty($password2) && ($password1 == $password2) && !empty($firstname) && !empty($lastname)) { // Make sure someone isn't already registered using this username $query = "SELECT * FROM users WHERE username = '$username'"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 0) { // The username is unique, so insert the data into the database $query = "INSERT INTO users (username, password, join_date, first_name, last_name) VALUES ('$username', SHA('$password1'), NOW(), '$firstname', '$lastname')"; mysqli_query($dbc, $query); // Confirm success with the user echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>'; mysqli_close($dbc); exit(); } else { // An account already exists for this username, so display an error message echo '<p class="error">An account already exists for this username. Please use a different address.</p>'; $username = ""; } } else { echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>'; } } mysqli_close($dbc); ?> <p>Please enter your username and desired password to sign up to Mismatch.</p> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <legend>Registration Info</legend> <label for="username">Username:</label> <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br /> <label for="password1">Password:</label> <input type="password" id="password1" name="password1" /><br /> <label for="password2">Password (retype):</label> <input type="password" id="password2" name="password2" /><br /> <label for="first_name">first name:</label> <input type="text" id="first_name" name="first_name" /><br /> <label for="last_name">last name:</label> <input type="text" id="last_name" name="last_name" /><br /> <input type="submit" value="Sign Up" name="submit" /> </form> </body> </html> I've had this problem for a while now and can't figure it out, any suggestions are appreciated. Thank you. My issue is that I cannot get my user information to (1) upload to the database, and (2) if I manually put information in the data base I cannot retrive it when trying to log in.. I assume its a connection issue, but I cannot seem to find it. Thanks in advance for the help! This is my "init.inc.php" script... Code: [Select] <?php session_start(); $exceptions = array('register','login'); $page = substr(end(explode('/',$_SERVER['SCRIPT_NAME'])),0,-4); if(in_array($page, $exceptions) === false){ if(isset($SESSION['username']) === false){ header('Location: login.php'); die(); } } mysql_connect('localhost','root',''); mysql_select_db('newlogin'); $path = dirname(__FILE__); include("{$path}/inc/user.inc.php"); ?> This is my "user.inc.php" script... Code: [Select] <?php // check is the given username exisits in the table function user_exists($user){ $user = mysql_real_escape_string($user); $total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}'"); return (mysql_result($total, 0) == '1') ? true : false; } // checks is the username and password are valid function valid_credentials($user, $pass){ $user = mysql_real_escape_string($user); $pass = sha1($pass); $total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}' AND 'user_password' = '{$pass}'"); return (mysql_result($total, 0) == '1') ? true : false; } //adds user to the database function add_user($user, $pass){ $user = mysql_real_escape_string(htmlentities($user)); $pass = sha1($pass); mysql_query("INSERT INTO 'user_tbl' ('user_name', 'user_password') VALUES ('{$user}', '{$pass}')"); } ?> Finally this is my "register.php" Page... Code: [Select] <?php error_reporting(0); include('core/init.inc.php'); $errors = array(); if(isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])){ if(empty($_POST['username'])){ $errors[] = "The username field cannot be empty!"; } if(empty($_POST['password']) || empty($_POST['repeat_password'])){ $errors[] = "The password fields cannot be empty!"; } if($_POST['password'] !== $_POST['repeat_password']){ $errors[] = "Password verification failed !"; } if(user_exists($_POST['username'])){ $errors[] = "That username has already been taken!"; } if(empty($errors)){ add_user($_POST['username'], $_POST['password']); $_SESSION['username'] = htmlentities($_POST['username']); header('Location: protected.php'); die(); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <div> <?php if( empty($errors) === false){ ?> <ul> <?php foreach($errors as $error){ echo "<li>{$error}</li>"; } ?> </ul> <?php } ?> </div> <form action="" method="post"> <p> <label for="username"> Username:</label> <input type="text" name="username" id="username" value="<?php if(isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" /> </p> <p> <label for="password"> Password:</label> <input type="password" name="password" id="password" /> </p> <p> <label for="repeat_password"> Repeat Password:</label> <input type="password" name="repeat_password" id="repeat_password" /> </p> <p> <input type="submit" value="Register" /> </p> </form> </body> </html> Sorry for many posts, trying to make my website
When I press the register button on my website it will just act as if the page is refreshing and not send any information to mysql
I believe I have connected everything up correctly, can anyone tell my what I have done wrong please?
If you want to check out the website to see what is going on check out www.jokestary.comli.com
<?php
//This function will display the registration form
function register_form(){
$date = date('D, M, Y');
echo "<form action='?act=register' method='post'>"
."Username: <input type='text' name='username' size='30'><br>"
."Password: <input type='password' name='password' size='30'><br>"
."Confirm your password: <input type='password' name='password_conf' size='30'><br>"
."Email: <input type='text' name='email' size='30'><br>"
."<input type='hidden' name='date' value='$date'>"
."<input type='submit' value='Register'>"
."</form>";
}
//This function will register users data
function register(){
//Connecting to database
include('connect.php');
if(!$connect){
die(mysql_error());
}
//Selecting database
$select_db = mysql_select_db("database", $connect);
if(!$select_db){
die(mysql_error());
}
//Collecting info
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$pass_conf = $_REQUEST['password_conf'];
$email = $_REQUEST['email'];
$date = $_REQUEST['date'];
//Here we will check do we have all inputs filled
if(empty($username)){
die("Please enter your username!<br>");
}
if(empty($password)){
die("Please enter your password!<br>");
}
if(empty($pass_conf)){
die("Please confirm your password!<br>");
}
if(empty($email)){
die("Please enter your email!");
}
//Let's check if this username is already in use
$user_check = mysql_query("SELECT username FROM users WHERE username='$username'");
$do_user_check = mysql_num_rows($user_check);
//Now if email is already in use
$email_check = mysql_query("SELECT email FROM users WHERE email='$email'");
$do_email_check = mysql_num_rows($email_check);
//Now display errors
if($do_user_check > 0){
die("Username is already in use!<br>");
}
if($do_email_check > 0){
die("Email is already in use!");
}
//Now let's check does passwords match
if($password != $pass_conf){
die("Passwords don't match!");
}
//If everything is okay let's register this user
$insert = mysql_query("INSERT INTO users (username, password, email) VALUES ('$username', '$password', '$email')");
if(!$insert){
die("There's little problem: ".mysql_error());
}
echo $username.", you are now registered. Thank you!<br><a href=login.php>Login</a> | <a href=index.php>Index</a>";
}
switch($act){
default;
register_form();
break;
case "register";
register();
break;
}
?>
Here is the connect.php code
<?php
$hostname="mysql6.000webhost.com"; //local server name default localhost
$username="a5347792_users"; //mysql username default is root.
$password=""; //blank if no password is set for mysql.
$database="a5347792_users"; //database name which you created
$con=mysql_connect($hostname,$username,$password);
if(! $con)
{
die('Connection Failed'.mysql_error());
}
mysql_select_db($database,$con);
?>
|
|||||||