PHP - Registration Validation.
I'm using an open source registration and login validation system. I've got it working well, apart from I've discovered when adding check if username is taken, it has broken the script and allows duplicate usernames and email addresses:
Code: [Select] <?php include ('database_connection.php'); if (isset($_POST['formsubmitted'])) { $error = array();//Declare An Array to store any error message if (empty($_POST['name'])) {//if no name has been supplied $error[] = 'Please Enter a name ';//add to array "error" } else { $name = $_POST['name'];//else assign it a variable } if (empty($_POST['e-mail'])) { $error[] = 'Please Enter your Email '; } else { if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) { //regular expression for email validation $Email = $_POST['e-mail']; } else { $error[] = 'Your EMail Address is invalid '; } } if (empty($_POST['Password'])) { $error[] = 'Please Enter Your Password '; } else { $Password = $_POST['Password']; } if (empty($error)) //send to Database if there's no error ' { // If everything's OK... // Make sure the email address is available: $query_verify_email = "SELECT * FROM members WHERE Email ='$Email'"; $result_verify_email = mysqli_query($dbc, $query_verify_email); if (!$result_verify_email) {//if the Query Failed ,similar to if($result_verify_email==false) echo ' Database Error Occured '; } if (mysqli_num_rows($result_verify_email) == 0) { // IF no previous user is using this email . // Make sure the user is available: $query_verify_user = "SELECT * FROM members WHERE Username ='$name'"; $result_verify_user = mysqli_query($dbc, $query_verify_user); if (!$result_verify_user) { echo ' Database Error Occured '; } } if (mysqli_num_rows($result_verify_user) == 0) { // IF no previous user is using this user . // Create a unique activation code: $activation = md5(uniqid(rand(), true)); $query_insert_user = "INSERT INTO `members` ( `Username`, `Email`, `Password`, `Activation`, `res1`, `res2`, `ounit1`, `dunit1`) VALUES ( '$name', '$Email', '$Password', '$activation', '50000', '50000', '100', '100')"; $result_insert_user = mysqli_query($dbc, $query_insert_user); if (!$result_insert_user) { echo 'Query Failed '; } if (mysqli_affected_rows($dbc) == 1) { //If the Insert Query was successfull. // Send the email: $message = " To activate your account, please click on this link:\n\n"; $message .= WEBSITE_URL . '/activate.php?email=' . urlencode($Email) . "&key=$activation"; mail($Email, 'Registration Confirmation', $message, 'From: Admin@TheGameCo.Com'); // Flush the buffered output. // Finish the page: echo '<div class="success">Thank you for registering! A confirmation email has been sent to '.$Email.' Please click on the Activation Link to Activate your account </div>'; } else { // If it did not run OK. echo '<div class="errormsgbox">You could not be registered due to a system error. We apologize for any inconvenience.</div>'; } } else { // The email address is not available. echo '<div class="errormsgbox" >That email address or username has already been registered. </div>'; } } else {//If the "error" array contains error msg , display them echo '<div class="errormsgbox"> <ol>'; foreach ($error as $key => $values) { echo ' <li>'.$values.'</li>'; } echo '</ol></div>'; } mysqli_close($dbc);//Close the DB Connection } // End of the main Submit conditional. ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Game Name - Home</title> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <body> <div id="container"> <div id="header"> <?php include("includes/header.php"); ?> </div> <div id="nav"> <?php include("includes/nav.php"); ?> </div> <div id="content"> <form action="index.php" method="post" class="registration_form"> <fieldset> <legend>Registration Form</legend> <p>Create A new Account<br />Already a member? <a href="login.php">Log in</a></p> <div class="elements"> <label for="name">Username:</label> <input type="text" id="name" name="name" size="25" /> </div> <div class="elements"> <label for="e-mail">E-mail:</label> <input type="text" id="e-mail" name="e-mail" size="25" /> </div> <div class="elements"> <label for="Password">Password:</label> <input type="password" id="Password" name="Password" size="25" /> </div> <div class="submit"> <input type="hidden" name="formsubmitted" value="TRUE" /> <input type="submit" value="Register" /> </div> </fieldset> </form> </div> <div id="footer"> <?php include("includes/footer.php"); ?> </div> </div> </body> </html> To add user verification I simply duplicated the email verification: Code: [Select] // Make sure the user is available: $query_verify_user = "SELECT * FROM members WHERE Username ='$name'"; $result_verify_user = mysqli_query($dbc, $query_verify_user); if (!$result_verify_user) { echo ' Database Error Occured '; } } if (mysqli_num_rows($result_verify_user) == 0) { // IF no previous user is using this user . Can anyone see where I've gone wrong? Similar TutorialsFeel free to move this post if it is in the incorrect category. I was using a validation method for usernames on my website but I would like to make some improvements on it. You typed in your name and it would search and pop-up whether it was available or not. I am looking for a method similar to the one used on this website and many others that checks when the field loses focus. The php code and easiest example I have found is he http://shawngo.com/wp/blog/gafyd/index.html Code: [Select] $username = $_POST['username']; // get the username $username = trim(htmlentities($username)); // strip some crap out of it $file = '/home/js4hire/public_html/gafyd/data.csv'; // Here's the file. Notice the full path. echo check_username($file,$username); // call the check_username function and echo the results. function check_username($file_in,$username){ $username=strtolower($username); $file = file($file_in); foreach ($file as $line_num => $line) { $line = explode(',',$line); $user = trim(str_replace('"','',$line[0])); if($username == strtolower($user)){ return '<span style="color:#f00">Username Unavailable</span>'; } } return '<span style="color:#0c0">Username Available</span>'; } That example uses a flat file CSV, but I would like to use my MySQL database instead. I have included a snippet from my previous that I believe would tie into this, I'm just not sure how exactly: Code: [Select] require_once dirname(__FILE__).'/../includes/common.inc.php'; require_once dirname(__FILE__).'/../includes/user_functions.inc.php'; $output=''; if (!empty($_POST['user'])) { $user=sanitize_and_format($_POST['user'],TYPE_STRING,$__field2format[FIELD_TEXTFIELD]); if (get_userid_by_user($user) || $user=='guest') { $output=1; } } echo $output; That common.inc.php calls for the database connection in session.inc.php: Code: [Select] $josh_dblink=db_connect(_DBHOST_,_DBUSER_,_DBPASS_,_DBNAME_); if (!defined('NO_SESSION')) { require _BASEPATH_.'/includes/sessions.inc.php'; } I don't want to have to call the db connection again in that file but I need to get the relevant information and pass it through the php. Any help would be appreciated! Hi, I'm not too sure if this needs to be in the PHP or javascript section, because I'm not sure what the problem is. Basically, I have a register form, but right now I'm working with one field: Username. I have a "Continue" button that takes you to the next step of the registration. The continue button should be disabled until the username textfield has more than 3 characters, less than 15 characters, and the username cannot be taken(this is where i'm having trouble). The problem is that the button enables even when the username is already taken. It works fine with the min/max chars. All of this is dynamic, I will give the HTML, PHP, and javascript code below. HTML Code: [Select] <span class='title'>Character:</span> <input type='text' id='username' name='username' onkeyup="check();"><span id=error1></span> <span id=error2></span> PHP Code: [Select] <?php $user_name='Example'; if ($user_name=='Example') { echo "no"; } else { echo "yes"; } ?> Javascript Code: [Select] <script> err=0; function check() { $step1 = $('#step1'); var trigger = true; var username = document.getElementById('username'); username2 = document.getElementById('username').value; if (username.value.length <= 3) { err=1; document.getElementById('error1').innerHTML = '<img src=views/images/cross.png></img> Username is too short(4 characters min)'; }else if (username.value.length >= 16) { err=1; document.getElementById('error1').innerHTML = '<img src=views/images/cross.png></img> Username is too long(15 characters max)'; }else{ ------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------ THE PROBLEM IS BELOW, THE FUNCTION ISN'T CALLING THE "err" variable ------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------ $.post("[my domain was here]",{username:$(username).val() } ,function(data) { if(data=='no') { err=1; document.getElementById('error1').innerHTML = '<img src=views/images/cross.png></img> Chracter name has already been taken'; } else { err=0; document.getElementById('error1').innerHTML = '<img src=views/images/tick.png></img>'; } }); } if (err==0) { trigger=false; } trigger ? $step1.attr('disabled', true) : $step1.removeAttr('disabled'); } </script> Everything works fine. The problem, I think, is at the bottom of my javascript code. You can see exactly whats its doing at www.digitaldesignersmall.com/reg/register.php Stuff just isnt working and even when i purposely try to make a error occur its not going to the right place Code: [Select] <?php include('connection.php'); $test1=$_POST['firstname']; $test2=$_POST['lastname']; $test3=$_POST['username']; if (!eregi("([^A-Za-z0-9])",$test1)){ if (!eregi("([^A-Za-z])",$test2)){ if (!eregi("([^A-Za-z])",$test3)){ $query="SELECT * FROM merchants WHERE username = '$_POST(username)'"; $result=mysql_query($query); $num=mysql_num_rows($result); if ($num == 0) { $query1="SELECT * FROM merchants WHERE email = '$_POST(email)'"; $result1=mysql_query($query1); $num1=mysql_num_rows($result1); if ($num1 == 0) { if (($_POST['password']==$_POST['password1'])&&($_POST['email']==$_POST['email1'])) { $name=strip_tags($_POST['username']); $first=strip_tags($_POST['firstname']); $last=strip_tags($_POST['lastname']); $pass=strip_tags($_POST['password']); $country=strip_tags($_POST['country']); $address=strip_tags($_POST['address']); $email=strip_tags($_POST['email']); $city=strip_tags($_POST['city']); $zip=strip_tags($_POST['zipcode']); $state=strip_tags($_POST['state']); $phone=strip_tags($_POST['phonenumber']); $aql="INSERT INTO merchants SET username='$name', firstname='$first', lastname='$last', email='$email', Country='$country', zipcode='$zip', password='$pass', city='$city', state='$state', phonenumber='$phone', address='$address'"; $result=mysql_query($sql); if ($result){ header("location:http://www.digitaldesignersmall.com/ffx.html"); } else { header("location:http://www.digitaldesignersmall.com/fff.html"); } } else{ header("location:http://www.digitaldesingersmall.com/afx.html"); } } else { header("location:http://www.digitaldesingersmall.com/afx.html"); } } else{ header("location:http://www.digitaldesignersmall.com/cxs.html"); } } else{ header("location:http://www.digitaldesignersmall.com/cxs.html"); } } else{ header("location:http://www.digitaldesignersmall.com/cxs.html"); } } ?> MOD EDIT: [code] . . . [/code] tags added. i am trying to set up a website for a school function. i have the register page up and running but i would like to make it so only people with a school email address may register. i.e name@school.edu I have looked through a lot of forms, but have yet to find the answer. Everything that i have found doesn't work. Thanks Hi guys, I have this registration form, for some reasons it just gives me "please all fields" on registration, can u help me see where im wrong please? thanks in advance code is attached below: Code: [Select] <?php //php form registration starts here if(isset($_POST['register'])){ $title=strip_tags($_POST ['title']); $firstname=strip_tags($_POST['firstname']); $surname=strip_tags($_POST['surname']); $email=strip_tags($_POST ['email']); $reemail=strip_tags($_POST ['reemail']); $password=strip_tags($_POST ['password']); $repassword=strip_tags($_POST ['repassword']); $street=strip_tags($_POST ['street']); $city=strip_tags($_POST ['city']); $postcode=strip_tags($_POST ['postocde']); $telephone=strip_tags($_POST ['telephone']); if($title && $firstname && $surname && $email && $reemail && $password && $repassword && $street && $city && $postcode && $telephone) { $getemails=mysql_query("SELECT * FROM member WHERE email='$email'"); $row=mysql_fetch_assoc($getemails); if(mysql_num_rows($getemails) > 0) { echo "This email is already registered in our database"; } else { if($email!=$reemail) echo "Your Emails do not match"; } if($password!=$repassword) { echo "Passwords do not match"; } else { $confirmedpass=md5($password); $submitusers= mysql_query("INSERT INTO members (title,Firstname,Surname,Street,City,Postcode,EmailAddress,Password, TelephoneNo,Credit) VALUES ('$title','$firstname','$surname','$street','$city','$postcode','$email','$confirmedpass','$telephone','0')"); } } else {echo "Please fill All required fields";} } ?> Hi, Im currently working on a website for a friend. The whole system works but registration is a bit dodgy. most of the time I have to add users via the backend as it throws up error messages. Can some one please look through my code and tell me what im doing wrong. Code: [Select] <?php session_start(); $page_title = 'Register'; include("includes/header.php");?> <!--main Nav--> <?php include('includes/mainNav.php'); ?> <!--Section Title--> <h1><?php echo $page_title; ?></h1> <!--primary Content--> <div id="primaryContent"> <h2><span class="RedGbColor">Subscribe Now</span></h2> <p><br /> Register here and create your profile and to attend an event of your choice (link please).<br /> </p> </div> <!--Main Content--> <div id="mainContent"> <?php $username = $_SESSION['cre_email']; $idg = $_GET['id']; $ids = $idg; $_SESSION['id'] = $ids; //grabs the variables $title = $_POST['title']; $gender = $_POST['gender']; $fname = $_POST['fname']; $lname = $_POST['lname']; $mobile = $_POST['mobile']; $email = $_POST['email']; $password = $_POST['password']; $cpassword = $_POST['cpassword']; $add1 = $_POST['add1']; $add2 = $_POST['add2']; $add3 = $_POST['add3']; $add4 = $_POST['add4']; $pcode = $_POST['pcode']; $dd = $_POST['day']; $mm = $_POST['month']; $yyyy = $_POST['year']; $news = $_POST['newsopt']; $market = $_POST['market']; $today = date(mdY); $tmp = explode(':', $title); $cust_gender = $tmp[0]; $cust_title = $tmp[1]; $male_status = $_POST[male_status]; $female_status = $_POST[female_status]; //debug info //error_reporting(E_ALL); //print_r($_GET); //print_r($_POST); //print_r($_SESSION); if ($_SESSION['loggedin'] == 1) { // logged in echo "<script language=\"JavaScript\">window.location='index.php'</script>"; exit(); } else { $month = array( array("01","Jan"), array("02","Feb"), array("03","Mar"), array("04","Apr"), array("05","May"), array("06","Jun"), array("07","Jul"), array("08","Aug"), array("09","Sep"), array("10","Oct"), array("11","Nov"), array("12","Dec") ); echo (' <h2><span class=\"RedGbColor\">Please take a few minutes to register.</span></h2> <div id=\"form1\"> <form action='validFormRegister.php?id=$idg' method=\"post\" enctype=\"multipart/form-data\"> <table width=\"380\"> <tr class=\"formText\"> <td width=\"152\" valign='bottom' style='padding-top:4px;'><label class=\"small\" for='gender'>Gender:</label><em>*</em></td> <td width=\"222\" class='small' style='padding-top:4px;'><input type='radio' name='gender' value='m' $male_status tabindex=\"1\">male <input type='radio' name='gender' value='f' $female_status>female </td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for='fname'>First Name:</label><em>*</em></td> <td><input name=\"fname\" size=\"25\" tabindex=\"2\" maxlength=\"25\" class=\"txtbx\" value=\"$fname\"></td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for='lname'>Last Name:</label><em>*</em></td><td><input name=\"lname\" value='$lname' size=\"30\" maxlength=\"30\" tabindex=\"3\" class=\"txtbx\"> </td> <tr> <td height=\"29\" colspan=\"2\"><hr /></td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for='mobile'>Mobile/Phone:</label><em>*</em></td><td><input name=\"mobile\" value='$mobile' size=\"12\" tabindex=\"4\" maxlength=\"12\" class=\"txtbx\"></td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for=\"email\">Email Address:</label><em>*</em> </td> <td><input name=\"email\" size=\"25\" tabindex=\"5\" value='$email' maxlength=\"100\" class=\"txtbx\"> </td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"password\">Password:</label><em>*</em></td><td><input type=\"password\" name=\"password\" size=\"12\" maxlength=\"14\" tabindex=\"6\" class=\"txtbx\"> <a href=\"javascript:alert('Your password must be between 4 and 14 characters long.')\"><small>HELP</small></a> </td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"cpassword\">Confirm Password:</label><em>*</em></td><td><input type=\"password\" name=\"cpassword\" size=\"12\" maxlength=\"14\" tabindex=\"7\" class=\"txtbx\"> <a href=\"javascript:alert('Your password must be between 4 and 14 characters long.')\"><small>HELP</small></a> </td> </tr> <tr> <td height=\"29\" colspan=\"2\"><hr /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add1\">House Name:</label> </td> <td><input name=\"add1\" type=\"text\" tabindex=\"8\" class=\"txtbx\" value='$add1' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add2\">Street Address:</label> </td> <td><input name=\"add2\" type=\"text\" tabindex=\"9\" class=\"txtbx\" value='$add2' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add3\">Town:</label> </td> <td><input name=\"add3\" type=\"text\" tabindex=\"10\" class=\"txtbx\" value='$add3' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add4\">County:</label> </td> <td><input name=\"add4\" type=\"text\" tabindex=\"11\" class=\"txtbx\" value='$add4' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"pcode\">Post Code:</label> </td> <td><input name=\"pcode\" type=\"text\" tabindex=\"12\" class=\"txtbx\" value='$pcode' /></td> </tr> <tr> <td height=\"29\" colspan=\"2\"><hr /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"market\">How did you hear of us?</label> </td> <td><select name=\"market\" id=\"market\" tabindex=\"13\"> <option value='$market' selected>$market</option> <option value='internet'>Internet search</option> <option value='friend'>Friend recommended</option> <option value='dating site'>Dating site</option> <option value='Gay press'>Gay press</option> <option value='Time Out'>Time Out</option> <option value='Flyer'>Flyer</option> <option value='previous customer'>Previous attendance</option> <option value='other'>Other</option> </select></td> <td> </td> </tr> <tr class=\"formText\"><td><label class=\"small\" for=\"day\">Date </label><label class=\"small\" for=\"Month\"> of </label><label class=\"small\" for=\"Year\"> Birth:</label></td> <td> <select name=\"day\" id=\"day\" tabindex=\"14\"> <option value='$dd'>$dd</option> "); for($i=1; $i<32; $i++) { echo "<option value=\"".$i."\">".$i."\n"; } echo (" </select> <select name=\"month\" id=\"month\" tabindex=\"15\"> <option value='$mm'>$mm</option> "); for($i=0; $i<12; $i++) { echo "<option value=\"".$month[$i][0]."\">".$month[$i][1]."\n"; } echo (" </select> <select name=\"year\" id=\"year\" tabindex=\"16\"> <option value='$yyyy'>$yyyy</option> "); for($i=1944; $i<1991; $i++) { echo "<option value=\"".$i."\">".$i."\n"; } echo (" </select> </td> <td> </td> </tr> <tr class=\"formText\"> <td><label for=\"photo\">Upload a photo</label></td> <td><input name=\"photo\" type=\"file\" tabindex=\"17\"></td> <tr> <td></td> <td>MAX FILE SIZE : 1MB <a href=\"javascript:alert('Please upload a photo of yourself. Optimum size is 640 pixels wide by 480 pixels high. Maximum file size of 1MB.')\"><small>HELP</small></a><br /><br /> </td> <tr class=\"formText\"> <td><label for=\"newsopt\">I wish to receive newsletters</label> </td> <td> <input name=\"newsopt\" type=\"checkbox\" tabindex=\"18\" id=\"newsOpt\" value='1' checked /> </td> <td> </td> </tr> <tr> <td> </td> <td> <input type=\"submit\" tabindex=\"19\" value=\"Continue\" class=\"btn_sm_left\" id=\"submitBtn\" onclick='this.disabled=true;this.value=\"Please Wait\";document.forms[1].submit();' style='width:120px;'/> <input type=\"reset\" value=\"Reset\" class=\"btn_sm_left\" /></td> <td> </td> </tr> </table> </form> <p class='pink2'><strong>Note</strong>: Fields marked with an <em>asterix (*)</em> are required.</p> '); } ?> </div> </div> <!--primary Content--> <div id="primaryContent"> <!--Login--> <?php include('includes/login.php'); ?> </div> <!--Footer--> <?php include('includes/footer.php'); ?> </div> </div> </body> </html> Hi, I wonder whether someone may be able to help me please. I'm fairly new to PHP so please bear with me. I'm trying to put together a script which bascially creates a hierarchical tree of folders upon a new account being created by a user. I would like to take the 'username' that the user registers with to use as the name for the first folder, then, create a folder at the second level called 'images' and then finally, a folder within that called 'thumbs'. From the research that I've done, I believe that I need to use the 'mkdir' command, but I can't find a very straight forward tutorial. I just wondered whether someone could perhaps please help me out with this, so that I at least have a good solid starting point. This is related to my post http://www.phpfreaks.com/forums/index.php/topic,307907.msg1455208.html#msg1455208 I have never programmed using OOP, and I am unsure where to start. All of the tutorials and books I have read use stupid examples that don't seem to help you "in the real world"?! So I want to write my first bit of PHP OOP to register Customers for my website. I think having a "Registration" class makes sense, but I'm not sure how to tie that to my website. If I write an HTML webpage and on it I have a Form where users can enter registration info, then how do I tie that "static" and/or "procedural" code to my OOP? I was thinking of having it so that when a user clicks the "Register" button that I call a PHP file that has my Registration class and I first instantiate it so that the user has his/her own "Registration object". From there, maybe I could call a method in Registration that actually registers the user. (Or maybe I can just do that during instantiation?!) Can someone help me out here? TomTees Hello i have this registration script.
I need help adding mybb forum user check to here. That script checks your insterted user and pw is it correct.
Script attached.
Attached Files
rega.php 9.52KB
2 downloads I'm making a registration form and i want to add a user when i click the registration button, but the user can not already be in the database, i set the user to be unique inside of the database and when i try to add a new user it gives an error message, but instead of that error message i would like to input please enter another user-name or user already exist something like that the error message says duplicate entry 'username' inside of db basically... can someone help me with this ? Hi Guys, This is really stumping me here lol i have set my registration page code to email me when a user signs up (once its entered in the database) code: Code: [Select] <?php if (isset($_POST['submitSignUp'])) { // Errors array() $errors = array(); // POST vars $fName = mysql_real_escape_string($_POST['fname']); $lName = mysql_real_escape_string($_POST['lname']); $email = mysql_real_escape_string($_POST['email']); $pass1 = mysql_real_escape_string($_POST['pass1']); $pass2 = mysql_real_escape_string($_POST['pass2']); $cntry = mysql_real_escape_string($_POST['cntry']); // Does passwords match if ($pass1 != $pass2) { $errors[] = "Your passwords don't match."; } // Potential errors // Empty fields if (empty($fName) || empty($lName) || empty($email) || empty($pass1) || empty($pass2)) { $errors[] = "You never filled in all the fields."; } else { // Does user exist? $result = mysql_query("SELECT * FROM `dig_customers` WHERE `email`='$email' LIMIT 1"); if (mysql_num_rows($result) > 0) { $errors[] = "The e-mail address <b>$email</b> has already been registered."; } else { // Empty for now... } } // display errors if any exist if (count($errors) > 0) { print "<div id=\"errorMsg\"><h3>Ooops! There was error(s)</h3><ol>"; foreach($errors as $error) { print "<li>$error</li>"; } print "</ol></div>"; } else { print "<div id=\"okMsg\"><p>All done :) you can now sign in.</p></div>"; // Encrypt the password before insertion $encPass = md5($pass1); // Insert into the database $q = mysql_query("INSERT INTO `dig_customers` (`id`, `password`, `password_unencrypted`, `gender`, `title`, `first_name`, `last_name`, `address`, `city`, `state_county`, `post_zip_code`, `country`, `email`, `home_number`, `mobile_number`, `news_letter`, `special_offers`, `admin_level`, `registered`) VALUES ('', '$encPass', '$pass1', 'NULL', 'NULL', '$fName', '$lName', 'NULL', 'NULL', 'NULL', 'NULL', '$cntry', '$email', 'NULL', 'NULL', 'NULL', 'NULL', 'N', NOW())"); if ($q) { // Alert on signup send_graham_email("User Has Signed Up!"); } } } ?> When i do a test signup on: http://www.digicures.com/sign-up.php everything works great i get an email and the entry is saved in the database, over the paste week or so i have had about 8 emails saying people have signed up but when i check the database there nothing there! i can't understand it, only when the insert query is true should it send me the mail eh? can anyone see any problems with the code at all? cheers guys Graham Im trying to build mysql php user registration. For some reason i cannot insert values into my database. Code: [Select] <?php $submit = $_POST['submit']; $fullname = strip_tags($_POST['fullname']); $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); // Connect the database $connection = mysql_connect("bla", "bla", "bla") or die ("Could not connect"); mysql_select_db("my_db", $connection); // mysql query $query = "INSERT INTO users VALUES (''. 'fullname', 'username', 'password')"; mysql_query($query); echo "You have successfully registered"; ?> Any help spotting the error would be appreciated! I have a page for event registration and I have subevents that will have a check mark by them. how do i make it so that a check mark only appears if a subevent is present? Hey guys!
I'm sorry if this wrong section to post this, but this one was the most reasonable to ask.
So I'm looking for a guy who could program a system for my website. It's gonna be a site where people can register and join the raffles.
The raffles will work on a ticket system where you have to buy a ticket to join a competition. The registration has to be safe and same as raffle without any bugs etc..
Will give more info when you write me down!
If you are intrested you can add me on skype: mikinjsh95
Or send an email on: miks.silins@outlook.com
I will pay for the code, no doubt! Will pay half money and when the script is done will pay the rest!
I've only modified the code below for the query, I just removed that to make it shorter, the query works fine. I've added human verification to the script and it displays the image and numbers fine, I also echo'd out the variables and they match using SHA1(). My captcha script is displaying the image properly and sets the $_SESSION['pass_phrase'] variable fine. It isn't throwing any errors or creating the account. As of right now I have a headache and figured I could use some help here. Let me know if you spot the error. <?php error_reporting(E_ALL); require_once('cons.php'); // Get the variable sent by AJAX script if it is typed in // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if (isset($_REQUEST['username'])) { $ok = 'okay'; $den = 'denied'; // Secure the information $passname = mysqli_real_escape_string($dbc, trim($_REQUEST['username'])); // Lookup the username in the database $query = "SELECT username FROM info WHERE username = '$passname'"; $data = mysqli_query($dbc, $query); // Allow some time to get the response sleep(3); // If 1 is returned that name exsists, if 0 then we can move forward if (mysqli_num_rows($data) == 0) { // Send okay back to the ajax script so it knows to stop bothering the user echo $ok; return $ok; } else { // Send denied back to the ajax script so the user knows that name is taken echo $den; return $den; } // Close If / Else statement } // Close (isset($_REQUEST['username'])) { // Start of Main Submit Function Script session_start(); require_once('aprs.php'); if (isset($_POST['submit'])) { // Grab the profile data from the POST and secure it $avatar = mysqli_real_escape_string($dbc, trim($_POST['avatar'])); $usern = mysqli_real_escape_string($dbc, trim($_POST['username1'])); $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1'])); $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2'])); $email = mysqli_real_escape_string($dbc, trim($_POST['email'])); $side = mysqli_real_escape_string($dbc, trim($_POST['side'])); $class = mysqli_real_escape_string($dbc, trim($_POST['class'])); $vercap = mysqli_real_escape_string($dbc, trim($_POST['verify'])); // convert username to all lowercase $userna = strtolower($usern); $username = stripslashes($userna); // Check the CAPTCHA pass-phrase for verification $phrase = SHA1($vercap); if ($_SESSION['pass_phrase'] == $phrase) { // Expression for validating the username is properly formatted. if (preg_match('/[^0-9A-Za-z]/',$username)) { // Expression for validating the e-mail is properly formatted. if (preg_match('/^[^@]+@[a-zA-Z0-9._-]+\.[a-zA-Z]+$/', $email)){ // Check to make sure all the form fields are filled in if (!empty($avatar) && !empty($username1) && !empty($password1) && !empty($password2) && ($password1 == $password2) && !empty($email) && !empty($side) && !empty($class)) { // If all the fields are filled in correctly then we can check the username to see if it's registered // Make sure someone isn't already registered using this username $query = "SELECT * FROM info WHERE username = '$username'"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 0) { // The username is unique, so insert the data into the database $hash = md5( rand(0,1000) ); $query = "INSERT INTO"; mysqli_query($dbc, $query); // Confirm success with the user echo '<div id="signconf">'; echo '<p>Your new account has been successfully created. Please check your Email for the final verification.'; echo '</div>'; // Send the registration e-mail so the user can activate thier account $to = $email; // Send email to our user $subject = 'Signup | Verification'; // Give the email a subject $message = ' Thanks for signing up! Your account has been created, you can login with the following credentials after you have activated your account by clicking the url below. ------------------------ Username: '.$username.' Password: '.$password1.' ------------------------ Please click this link to activate your account: http://www.mydomain.com/verify.php?email='.$email.'&hash='.$hash.' '; // Our message above including the link $headers = 'From:me@mydomain.com' . "\r\n"; // Set from headers mail($to, $subject, $message, $headers); // Send our email mysqli_close($dbc); exit(); // If there was an issue with the username already taken, display an error } else { echo '<div id="signconf">'; echo '<p class="error">An account already exists for this username. Please use a different address.</p>'; echo '</div>'; $username = ""; } // End the if(mysqli_num_rows($data) == 0) { check // If there was an issue with the user not filling in the form correctly we post an error } else { echo '<div id="signconf">'; echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>'; echo '</div>'; } // End the if(mysqli_num_rows($data) == 0) { check // If there was an error with the e-mail address entered we need to post an error } else { echo '<div id="signconf">'; echo 'The email you have entered is invalid, please try again.'; echo '</div>'; } // End the if(mysqli_num_rows($data) == 0) { check // If there was an error with the format of the username we need to post an error } else { echo '<div id="signconf">'; echo 'The email you have entered is invalid, please try again.'; echo '</div>'; } // End the if(mysqli_num_rows($data) == 0) { check // If there was an error with the captcha not matching we post an error } else { echo '<div id="signconf">'; echo "The verification text didn't match the picture."; echo '</div>'; } // End else for Captcha check } // End the if(mysqli_num_rows($data) == 0) { check // Connection to the database is no longer needed so we can close it mysqli_close($dbc); // We no longer need php so let's close that and start the submit form ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title> Registration</title> <link type="text/css" rel="stylesheet" href="tlstyle.css" /> <script src="scripts/utils.js" type ="text/javascript"></script> <script src="scripts/validation.js" type="text/javascript"></script> </head> <body> <div id="csignup"> <div id="signform"> <p>Please enter all the information below to sign up.</p> <form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <label for="username1">Username:</label> <input type="text" id="username1" name="username1" value="<?php if (!empty($username1)) echo $username; ?>" maxlength = "7" /><br /> <label>Password:</label> <input type="password" id="password1" name="password1" value="<?php if (!empty($password1)) echo $password1; ?>" class="jcinput"/><br /> <label>Password (retype):</label> <input type="password" id="password2" name="password2" value="<?php if (!empty($password2)) echo $password2; ?>" class="jcinput"/><br /> <label>E-Mail Address:</label> <input type="text" id="email" name="email" value="<?php if (!empty($email)) echo $email; ?>" class="jcinput"/><br /> <label for="verify">Verification:</label> <img src="captcha.php" alt="Verification" /><br /> <label for="verify">Verification:</label> <input type="text" id="verify" name="verify" class="jcinput" /><br /> <label>Choose Your Avatar:</label> <input type="radio" name="avatar" value="/images/smile.png" /> <img src="/images/smile.png" alt="1" /> <input type="radio" name="avatar" value="/mages/smile.png" /> <img src="/images/smile.png" alt="1" /> <input type="radio" name="avatar" value="/mages/smile.png" /> <img src="/images/smile.png" alt="1" /> <input type="radio" name="avatar" value="/images/smile.png" /> <img src="/images/smile.png" alt="1" /><br /> <label>Choose Your Side:</label> <input type="radio" name="side" value="A" />A <input type="radio" name="side" value="B" />B <div id="signclassb"> <div id="signclass"> Choose a Class: <ul><li><input type="radio" name="class" value="A" /> A</li> <li><input type="radio" name="class" value="B" /> B</li> <li><input type="radio" name="class" value="C" /> C</li></ul> </div> </div> <input type="submit" value="Sign Up" name="register" class="signsub" /> </form> </div> </div> </body> </html> Hi Can anyone help with this problem it seems very simple, I am not an experienced PHP coder but keen to progress. I am trying to create a User Registration project but have a problem. every time I try to login using mysqli_fetch_assoc it drops through to my error Invalid Email /Password it seems that the mysqli code is not working correctly but I do not understand this function enough can anyone help. I have attached the coding if this helps. This is the function
function Login_Attempt($Email,$Password){
This is the code I am using Login.php
<?php require_once("Include/Session.php"); ?>
<br><input type="Submit" Name="Submit" value="Login"><br> Hope this Helps Ossieboy
Currently I'm trying to get a registration form to work adding a username and password into a database. That bit I understand and have managed to do aswell as getting the password to hash using the line below: $hashed = password_hash($password, PASSWORD_DEFAULT);
What I'm trying to do now is have the passwords check to see if they are the same, if so the user is able to register, if not they are sent back to the registration page(which was working before I started tampering with the next bit). I also want to checkto see if the username is taken, the following code is what I have so far: <?php session_start(); /* Attempt MySQL server connection. Assuming you are running MySQL server with default setting (user 'root' with no password) */ $link = mysqli_connect("localhost", "root", "", "rockinrochester"); // Check connection if($link === false){ die("ERROR: Could not connect. " . mysqli_connect_error()); } $sql= mysql_query("SELECT FROM register (username, password) WHERE username=$username"); if(mysql_num_rows($sql)>=1) { echo"name already exists"; } else { $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; $hashed = password_hash($password, PASSWORD_DEFAULT); if($password != $password2) { //checks to see if passwords match, if they don't it redirects person back to registration form header('Location: register.php'); echo "passwords didn't match"; } else { $sql = "INSERT INTO register (username, password) VALUES ( '$username','$hashed')"; // if passwords match inputs them into database } if(mysqli_query($link, $sql)){ header('Location: registered.php'); // if it works relocated person to registered.html } else{ echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); // if it fails it prints an error message } // Close connection mysqli_close($link); } ?> <?php session_start(); /* Attempt MySQL server connection. Assuming you are running MySQL server with default setting (user 'root' with no password) */ $link = mysqli_connect("localhost", "root", "", "rockinrochester"); // Check connection if($link === false){ die("ERROR: Could not connect. " . mysqli_connect_error()); } $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; $hashed = password_hash($password, PASSWORD_DEFAULT); $sql = mysql_query("SELECT FROM register(username, password, ) WHERE username=$username"); if(mysql_num_rows($sql)>=1) { echo"name already exists"; } else{ if($password != $password2) { //checks to see if passwords match, if they don't it redirects person back to registration form header('Location: register.php'); echo "passwords didn't match"; } else { $sql = "INSERT INTO register (username, password) VALUES ( '$username','$hashed')"; // if passwords match inputs them into database } if(mysqli_query($link, $sql)){ header('Location: registered.php'); // if it works relocated person to registered.html } else{ echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); // if it fails it prints an error message } // Close connection mysqli_close($link); } ?> at the minute It's throwing back the following error Quote
Edited April 4, 2019 by dylfs changing code New to php and starting to feel way in over my head. Please help, point me in the right direction here. How do i create a new folder with a index.html like (www.mydomain.com/NEWUSER/index.html) when a user registers for my site and have it do live check for AVAILABILITY? I want to give my users a unique url for there profile. how then do i automate the creation of x.com/newuser/index.html and write it with the users input from my database at the same time? Hi everyone, I wanted to let you know first that i am real new into this. I am trying to build a user management system and i can't seem to add a registration field. I got the free script uM Script and here's the code, please help me on this one: REGISTER.PHP Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB"> <head> <title>Member Registration</title> <meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" /> <meta name="description" content="" /> <meta name="keywords" content="" /> <meta name="robots" content="index, follow" /> <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" /> <link rel="stylesheet" type="text/css" href="css/style.css" media="screen" /> <script type="text/javascript" src="js/jquery-1.6.2.js"></script> <script type="text/javascript" src="js/script.js"></script> <script type="text/javascript"> $(document).ready(function(){ $('#regForm').submit(function(e) { register(); e.preventDefault(); }); }); </script> </head> <body> <table align="center" width="100%" cellspacing="1" cellpadding="1" border="0"> <tr> <td align="left"><a href="index.php">Home</a> | <a href="login.php">Log in</a> | <a href="register.php">Register</a> | <a href="pass_reset.php">Reset Password</a> | <a href="contact_us.php">Contact Us</a></td><td align="right"><a href="admin/login.php">Admin Login</a></td> </tr> </table> <hr/> <p>Register</p> <p>Use the form below to register.</p> <hr/> <div class="done"><p>Registration successful! <a href="login.php">Click here</a> to login.</p></div><!--close done--> <div class="form"> <form id="regForm" action="reg_submit.php" method="post"> <table align="center" width="50%" cellspacing="1" cellpadding="1" border="0"> <tr> <td colspan="2" ></td> </tr> <tr> <td> <label for="username">Username:</label> </td> <td> <input onclick="this.value='';" name="username" type="text" size="25" maxlength="8" value="<?php if(isset($_POST['username'])){echo $_POST['username'];}?>"/> </td> </tr> <tr> <td> <label for="password">Password:</label> </td> <td> <input name="password" type="password" size="25" maxlength="15" /> </td> </tr> <tr> <td> <label for="email">Email:</label> </td> <td> <input onclick="this.value='';" name="email" type="text" size="25" maxlength="50" value="<?php if(isset($_POST['email'])){echo $_POST['email'];}?>"/> </td> </tr> <tr> <td><label for="phone"><label>Phone:</label></td><td><input type="text" name="phone" value="<?php if(isset($_POST['phone'])){echo $_POST['phone'];}?>"/></td> </tr> <td> </td> <td> <input type="submit" name="register" value="Register" /><img id="loading" src="images/loading.gif" alt="working.." /> </td> </tr> <tr> <td colspan="2"><div id="error"> </div></td> </tr> </table> </form> </div><!--close form--> </body> </html> REG.SUBMIT.PHP Code: [Select] <?php require_once('lib/connections/db.php'); include('lib/functions/functions.php'); $sitesettings = getSiteSettings(); $site_url = $sitesettings[0]['site_url']; //For registration // we check if everything is filled in and perform checks if(!$_POST['username']) { die(msg(0,"<p>Please enter a username.</p>")); } if(strlen($_POST['username'])<3 || strlen($_POST['username'])>15) { die(msg(0,"<p>Username must be between 3 and 15 characters.</p>")); } elseif(uniqueUser($_POST['username'])) { die(msg(0,"Username already taken.")); } elseif(!$_POST['password']) { die(msg(0,"<p>Please enter a password.</p>")); } elseif(strlen($_POST['password'])<5) { die(msg(0,"<p>Usernames must be atleast 5 characters.</p>")); } elseif(!$_POST['email']) { die(msg(0,"<p>Please enter an email address.</p>")); } /*elseif(validateEmail($_POST['email'])) { die(msg(0,"<p>Invalid email address.</p>")); }*/ elseif(uniqueEmail($_POST['email'])) { die(msg(0,"<p>Email taken. Please select another email address.</p>")); } elseif(!$_POST['phone']) { die(msg(0,"Phone numbers must be of numeric type only.")); } else { $res = addUser($_POST['username'],$_POST['password'],$_POST['email'], $_POST['phone'],$site_url); if ($res == 1){ die(msg(0,"Failed to send activation email. Please contact the site admin.")); } if ($res == 2){ die(msg(0,"There was an error registering your details. Please contact the site admin.")); } if ($res == 99){ die(msg(1,"<p>Registration successful! <a href='login.php'>Click here</a> to login.</p>")); } } function msg($status,$txt) { return '{"status":'.$status.',"txt":"'.$txt.'"}'; } ?> And the code of the function: Code: [Select] //----------Function for adding user's profile---------- function addUser($user,$pass,$email,$site_url) { $user = secureInput($user); $pass = secureInput($pass); $email = secureInput($email); $site_url = secureInput($site_url); //Encrypt password for database $salt = 's+(_a*'; $pass = md5($pass.$salt); $reg_date = date("l, M j, Y, g:i a"); $sql = "INSERT INTO users (username,password,email,active,level_access,reg_date) VALUES ('".$user."','".$pass."','".$email."',0,2,'".$reg_date."')"; $res = mysql_query($sql); if($res){ //build email to be sent $to = $email; $subject = $site_url; $subject .= ": Activate Your Account"; $message = " <html> <head> <title>Account Activation</title> </head> <body> <h3>Account Activation</h3> <p>Dear ".$user.", thank you for registering at ".$site_url.".</p> <p>Please click on the link below to activate your account:</p> <a href='".$site_url."/confirm_user_reg.php?prsn=".$user."'>http://www.".$site_url."</a>. <p>If the above link does not work, copy and paste the below URL to your browser's address bar:</p> <p><i>http://www.".$site_url."/confirm_user_reg.php?prsn=".$user."</i></p><br/> <p>If you did not initiate this request, simply disregard this email, and we're sorry for bothering you.</p> <br/><br/> <p>Sincerely,</p> <p>The ".$site_url." Team.</p> </body> </html> "; // To send HTML mail, the Content-type header must be set $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/html; charset=iso-8859-1\r\n"; if($mail_send = mail($email, $subject, $message, $headers)) { } return 99; return 1; } else return 2; } I know i'm wrong somewhere because when i register a user the phone number won't post on the "phone" field on database. |