|
PHP - Register Script Problem
Hey, so this is my register script
<?php
error_reporting(E_ALL | E_NOTICE);
ini_set('display_errors', 1);
require 'connect.php';
echo "<title> Register </title>";
if(isset($_POST['register'])) {
$username = trim($_POST['username']);
$username = mysqli_real_escape_string($con, $_POST['username']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$password = hash('sha512', $_POST['password']);
if(!$_POST['username'] OR !$_POST['password']) {
die("You must enter a username and password!");
}
$stmt = $con->prepare("INSERT INTO usrs_usr (username, password) VALUES (?, ?)");
$stmt->bind_param("ss", $username, $password);
$stmt->get_result();
var_dump($stmt);
$stmt->execute();
echo "New user has been created successfully";
$stmt->close();
$conn->close();
}
?>
Now the problem is i have done a variable dump which outputs nothing, and the only error i am getting is
Fatal error: Call to a member function bind_param() on a non-object Similar TutorialsI'm sorry this code is a mess, this is my attempt at a online youtube tutorial http://www.youtube.com/user/phpacademy#p/c/9CC58D1B2A2D83D6/9/cBJZZlLrXGo The script runs with no parse errors but it does not the following: - present error messages when input is incorrect - enter correct input into the database - retain the user input in the form so the user does not need to re enter the information. I would just use another script but this is the 2nd part of a tutorial that will really help me learn so I need this to work . Any help appreciated. 1. 2. <?php 3. include("design/header.php"); 4. require("connect.php"); 5. 6. //register code 7. 8. 9. if(isset($POST['submit'])) 10. { 11. //grab submitted data 12. $firstname = $_POST['firstname']; 13. $lastname = $_POST['lastname']; 14. $username = $_POST['username']; 15. $password = $_POST['password']; 16. $password_repeat = $_POST['password_repeat']; 17. 18. $dob_year = $_POST['dob_year']; 19. $dob_month = $_POST['dob_month']; 20. $dob_day = $_POST['dob_day']; 21. 22. $gender = $_POST['gender']; 23. 24. if ( 25. $firstname&& 26. $lastname&& 27. $username&& 28. $password&& 29. $password_repeat&& 30. $dob_year&& 31. $dob_month&& 32. $dob_day&& 33. $gender 34. ) 35. { 36. 37. //validation 38. if(strlen($firstname)>25 || strlen($lastname)>25 || strlen($username)>25) 39. echo "Firstname, lastname and username must be no more than 25 characters."; 40. 41. 42. else 43. { 44. if (strlen($password)>25 || strlen($password)<6) 45. echo "Password must be between 6 and 25 characters."; 46. 47. else 48. { 49. if (is_numberic($dob_year)&&is_numberic($dob_month)&&is_numberic($dob_day)) 50. { 51. 52. if (strlen($dob_year)>4||strlen($dob_year)>2||strlen($dob_year)>2) 53. echo "Date of birth must be 4 characters, month and must be 2."; 54. else 55. { 56. if ($gender=="Male"||$gender=="Female") 57. { 58. //compare pass 59. if ($password==$password_repeat) 60. { 61. //check dob limits for month and day 62. if ($dob_month>12||$dob_day>31) 63. echo "Date of birth month or day is bigger than expected!"; 64. else{ 65. //check for existing user 66. $query =mysql_query("SELECT * FROM users WHERE username='$username'"); 67. if (mysql_num_rows($query)>=1) 68. echo "That username is already taken."; 69. else { 70. //success!! 71. $dob_db = "$dob_year-$dob_month-$dob_day"; 72. $password_db = md5($password); 73. 74. switch ($gender) 75. { 76. case "Male": 77. $gender_db = "M"; 78. break; 79. case "Female": 80. $gender_db = "F"; 81. break; 82. $register = mysql_query("INSERT INTO user VALUES ('','$firstname','$lastname','$username','$password_db','$dob_db','$gender_db')"); 83. echo "success!"; 84. } 85. } 86. } 87. } 88. else 89. {echo "Passwords must match"; 90. } 91. } 92. else 93. echo "Gender must be Male or Female."; 94. } 95. } 96. else 97. echo "Date of birth must be in number form. For example 1993/05/30"; 98. } 99. } 100. }else{ 101. echo "Please enter your details and click Register!"; 102. } 103. } 104. 105. ?> 106. 107. <p> 108. <form action='register.php' method='POST'> 109. 110. <table width='60%'> 111. <tr> 112. <td width='40%' align='right'> 113. <font size='2' face='arial'>Firstname: 114. </td> 115. <td> 116. <input type='text' value='<?php echo $firstname; ?>' name='firstname' maxlength='25'> 117. </td> 118. </tr> 119. <tr> 120. <td width='40%' align='right'> 121. <font size='2' face='arial'>Lastname: 122. </td> 123. <td> 124. <input type='text' value='<?php echo $lastname; ?>' name='lastname' maxlength='25'> 125. </td> 126. </tr> 127. <tr> 128. <td width='40%' align='right'> 129. <font size='2' face='arial'>Username: 130. </td> 131. <td> 132. <input type='text' value='<?php echo $username; ?>' name='username' maxlength='25'> 133. </td> 134. </tr> 135. <tr> 136. <td width='40%' align='right'> 137. <font size='2' face='arial'>Password: 138. </td> 139. <td> 140. <input type='password' name='password' maxlength='25'> 141. </td> 142. </tr> 143. <tr> 144. <td width='40%' align='right'> 145. <font size='2' face='arial'>Repeat Password: 146. </td> 147. <td> 148. <input type='password' name='password_repeat' maxlength='25'> 149. </td> 150. </tr> 151. <tr> 152. <td width='40%' align='right'> 153. <font size='2' face='arial'>Date of birth: 154. </td> 155. <td> 156. <input type='text' name='dob_year' maxlength='4' size='3' value='<?php if ($dob_year) echo $dob_year; else echo "YYYY";?>'> /<input type='text' name='dob_month' maxlength='2' size='1' value='<?php if ($dob_month) echo $dob_month; else echo "MM";?>'> / <input type='text' name='dob_day' maxlength='2' size='1' value='<?php if ($dob_day) echo $dob_day; else echo "DD";?>'> 157. </td> 158. </tr> 159. <tr> 160. <td width='40%' align='right'> 161. <font size='2' face='arial'>Gender: 162. </td> 163. <td> 164. <select name='gender'> 165. <option>Female</option> 166. <option>Male</option> 167. </select> 168. </td> 169. </tr> 170. 171. </table> 172. <div align='right'><input type='submit' name='submit' value='Register'> 173. </form> 174. 175. 176. <?php 177. include("design/footer.php"); 178. 179. ?> 180. The error is on line 101. Help please. Code: [Select] <?php //begin register script $submit = $_POST['submit']; //form data $username= strip_tags ($_POST['username']); $email= strip_tags($_POST['email']); $pwd= strip_tags($_POST['pwd']); $confirmpwd= strip_tags($_POST['confirmpwd']); $date = date("Y-m-d"); if ($submit) { //check for required form data if($username&&$pwd&&$confirmpwd&&$email) { //encrypt password $pwd = md5($pwd); $confirmpwd =md5($pwd); //check if passwords match if ($pwd==$confirmpwd) { //check length of username if (strlen($username)>25||strlen($username)>25) { echo "length of username is too long"; } else { //check password length if(strlen($pwd)>25||strlen($pwd)<6) { echo"password must be between 6 and 25 characters"; } else { //register the user } else echo "your passwords do not match"; } else echo "please fill in all fields"; } ?> Hi, I have taken the step of writing my site in MySQLi instead of MYSQL as advised. However, I had a script that I got off the internet, the original file works great and registers the user to the database. However the edited version of the script, where I have added more information such as the users address etc, no longer works. I have compared the two files and can't seem to find the problem. When the script is run, it skips all the registration part and jumps to the last error in the script saying 'You Could Not Be Registered Because Of Missing Data.'. All the variables match the column names in the database.
Here is the original working script
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
// some error checking
/*
if($_POST['reg']){
echo "form submitted";
}else{ echo "form not submitted"; }
*/
if( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['email'] ) ){
// echo $_POST['user']." - ".$_POST['pass']." - ".$_POST['email'];
if( strlen( $_POST['user'] ) < 5 )
{
include('header.inc');
echo "Username Must Be 5 or More Characters.";
include('footer.inc');
}
elseif( strlen( $_POST['pass'] ) < 5 )
{
include('header.inc');
echo "Password Must Be 5 or More Characters.";
include('footer.inc');
}
elseif( $_POST['pass'] == $_POST['user'] )
{
include('header.inc');
echo "Username And Password Can Not Be The Same.";
include('footer.inc');
}
elseif( $_POST['email'] == "" )
{
//More secure to use a regular expression to check that the user is entering a valid email
// versus just checking to see if the field is empty
include('header.inc');
echo "Email must be valid.";
include('footer.inc');
}
else
{
require( 'database.php' );
$username = mysqli_real_escape_string($con, $_POST['user']);
//Remove md5() function if not using encryption i.e. $password = $_POST['pass'];
$password = mysqli_real_escape_string($con, md5( $_POST['pass']));
$email = mysqli_real_escape_string($con, $_POST['email'] );
$sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'";
//echo "$sqlCheckForDuplicate<br/>";
$result = mysqli_query($con, $sqlCheckForDuplicate);
if(mysqli_num_rows($result) == 0){
//echo "No Duplicates<br/>";
$sqlRegUser = "INSERT INTO user( username, password, email ) VALUES (
'". $username ."',
'". $password ."',
'". $email."'
)";
//echo "$sqlRegUser<br/>";
if( !mysqli_query($con, $sqlRegUser ) )
{
include('header.inc');
echo "You Could Not Register Because Of An Unexpected Error.";
include('footer.inc');
}
else
{
/* Note: When using the header function, you cannot send output to the browser
* before the header function is called. IF you want to echo a message to the
* user before going back to your login page then you should use the HTML
* Meta Refresh tag. */
//echo "You Are Registered And Can Now Login";
//echo " $username"; //this is for error checking
header ('location: login.php');
// if using echo then use meta refresh
/*
*?>
*<meta http-equiv="refresh" content="2;url= login.php/">
*<?
*/
}
mysqli_free_result($result);
}
else
{
include('header.inc');
echo "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One.";
//echo " $username;" //this is for error checking
include('footer.inc');
}
/* close connection */
mysqli_close($con);
}
}
else
{
include('header.inc');
echo "You Could Not Be Registered Because Of Missing Data.";
include('footer.inc');
}
?>
and here is my version
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
if( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['pass_again'] ) && isset( $_POST['firstname'] ) && isset( $_POST['lastname'] ) && isset( $_POST['email'] ) && isset( $_POST['email_again'] ) && isset( $_POST['address1'] ) && isset( $_POST['address2'] ) && isset( $_POST['town'] ) && isset( $_POST['county'] ) && isset( $_POST['postcode'] ) && isset( $_POST['business'] ) && isset( $_POST['vat_registered'] ) && isset( $_POST['vat_number'] )) {
if( strlen( $_POST['user'] ) < 5 )
{
include('includes/overall/header.php');
echo "Username Must Be 5 or More Characters.";
include('includes/overall/footer.php');
}
elseif( strlen( $_POST['pass'] ) < 5 )
{
include('includes/overall/header.php');
echo "Password Must Be 5 or More Characters.";
include('includes/overall/footer.php');
}
elseif( $_POST['pass'] == $_POST['user'] )
{
include('includes/overall/header.php');
echo "Username And Password Can Not Be The Same.";
include('includes/overall/footer.php');
}
elseif( $_POST['pass_again'] == "" )
{
include('includes/overall/header.php');
echo "Passwords must match";
include('includes/overall/footer.php');
}
// CREATE BETTER EMAIL CHECK
elseif( $_POST['email'] == "" )
{
include('includes/overall/header.php');
echo "Email must be valid.";
include('includes/overall/footer.php');
}
elseif( $_POST['email_again'] == "" )
{
include('includes/overall/header.php');
echo "Emails must match.";
include('includes/overall/footer.php');
}
elseif( $_POST['address_1'] == "" )
{
include('includes/overall/header.php');
echo "Address cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['address_2'] == "" )
{
include('includes/overall/header.php');
echo "Address cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['town'] == "" )
{
include('includes/overall/header.php');
echo "Town cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['county'] == "" )
{
include('includes/overall/header.php');
echo "County cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['postcode'] == "" )
{
include('includes/overall/header.php');
echo "Postcode cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['business'] == "" )
{
include('includes/overall/header.php');
echo "Business cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['vat_registered'] == "" )
{
include('includes/overall/header.php');
echo "VAT Registered cannot be empty";
include('includes/overall/footer.php');
}
elseif( $_POST['vat_number'] == "" )
{
include('includes/overall/header.php');
echo "VAT number cannot be empty, please enter N/A if not VAT registered.";
include('includes/overall/footer.php');
}
else
{
require( 'database.php' );
$username = mysqli_real_escape_string($con, $_POST['user']);
//Remove md5() function if not using encryption i.e. $password = $_POST['pass'];
$password = mysqli_real_escape_string($con, md5( $_POST['pass']));
$password_again = mysqli_real_escape_string($con, md5( $_POST['pass_again']));
$firstname = mysqli_real_escape_string($con, $_POST['firstname']);
$lastname = mysqli_real_escape_string($con, $_POST['lastname']);
$email = mysqli_real_escape_string($con, $_POST['email'] );
$email_again = mysqli_real_escape_string($con, $_POST['email_again']);
$address_1 = mysqli_real_escape_string($con, $_POST['address_1']);
$address_2 = mysqli_real_escape_string($con, $_POST['address_2']);
$town = mysqli_real_escape_string($con, $_POST['town']);
$county = mysqli_real_escape_string($con, $_POST['county']);
$postcode = mysqli_real_escape_string($con, $_POST['postcode']);
$business = mysqli_real_escape_string($con, $_POST['business']);
$vat_registered = mysqli_real_escape_string($con, $_POST['vat_registered']);
$vat_number = mysqli_real_escape_string($con, $_POST['vat_number']);
$sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'";
//echo "$sqlCheckForDuplicate<br/>";
$result = mysqli_query($con, $sqlCheckForDuplicate);
if(mysqli_num_rows($result) == 0){
//echo "No Duplicates<br/>";
$sqlRegUser = "INSERT INTO user( username, password, password_again, firstname, lastname, email, email_again, address_1, address_2, town, county, postcode, business, vat_registered, vat_number ) VALUES (
'". $username ."',
'". $password ."',
'". $password_again ."',
'". $firstname ."',
'". $lastname ."',
'". $email ."',
'". $email_again ."',
'". $address_1 ."',
'". $address_2 ."',
'". $town ."',
'". $county ."',
'". $postcode ."',
'". $business ."',
'". $vat_registered ."',
'". $vat_number."'
)";
//echo "$sqlRegUser<br/>";
if( !mysqli_query($con, $sqlRegUser ) )
{
include('includes/overall/header.php');
echo "You Could Not Register Because Of An Unexpected Error.";
include('includes/overall/footer.php');
}
else
{
header ('location: login.php');
}
mysqli_free_result($result);
}
else
{
include('includes/overall/header.php');
echo "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One.";
//echo " $username;" //this is for error checking
include('includes/overall/footer.php');
}
/* close connection */
mysqli_close($con);
}
}
else
{
include('includes/overall/header.php');
echo "You Could Not Be Registered Because Of Missing Data.";
include('includes/overall/footer.php');
}
?>
Error reporting is switched on, I just cant see the problem. Any help is much appreciated :)
Hey I would just like to release a simple login/register script that will work just fine and has some nice systems in it. The Login. (I will post the code then below tell you what you need to do to get it to work with MYSQL DATABASE) Create a file and call it login with the suffix .php so if you have file extensions showing on your computer it will look like "login.php" then put this code inside of it. Code: [Select] <?php session_start(); ?> <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_SESSION['user_id'])){ redirect_to("staff.php"); } ?> <?php if (isset($_POST['submit'])){ $errors = array(); // Perform validations on the form $required_fields = array('username', 'password'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); if (empty($errors)){ // Checks database to see if username and password exist their $query = "SELECT id, username FROM users WHERE username='$username' AND hashed_password='$hashed_password' LIMIT 1"; $result_set = mysql_query($query, $connection); if(!$result_set){ die("Database Query Failed: " . mysql_error()); } if (mysql_num_rows($result_set) == 1) { // The Username and Password have been found in the database and the user is verified // Only 1 Match $found_user = mysql_fetch_array($result_set); $_SESSION['user_id'] = $found_user['id']; $_SESSION['username'] = $found_user['username']; redirect_to("staff.php"); }else{ // Username and Password was not found in the database. $message = "Username/Password Combination Incorrect.<br/>Please make sure your caps lock key is off and try again."; echo $message; } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ // The Form Has Not Been Submitted if(isset($_GET['logout']) && $_GET['logout'] == 1){ echo "You Are Now Logged Out"; } if(isset($_GET['nowlogged']) && $_GET['nowlogged'] == 1){ echo "You Need to Login to reach this page."; } $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="login.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /><br /> <input type="submit" name="submit" value="Login" /><br /> </form> <p>Haven't got an account? register <a href="register.php">here!</a></p> </body> </html> Now once you have a file called "login.php" with the above code inside of it you will need to goto your mysql database and create a database with a table that has 3 fields in the following format. - id - int(11) - Auto increment - username - varchar(50) - hashed_password - varchar(40) Now search for this in the login.php code Code: [Select] define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); And This: Code: [Select] $db_select = mysql_select_db("bcooperz", $connection); And change these to your settings. Once you have done all this create a new file called register with the suffix .php as well so if you have file extensions turned on it will look like "register.php" And add this code inside it: Code: [Select] <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } ?> <?php define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","maxcooper"); define("DB_NAME","bcooperz"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_POST['submit'])){ $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); $confirmpass=$_POST['confirmpass']; $query2 = "SELECT * FROM users WHERE username='$username'"; $result2 = mysql_query($query2); $counted=mysql_num_rows($result2); $errors = array(); // Perform validations on the form $required_fields = array('username', 'password', 'confirmpass'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } if($confirmpass!=$_POST['password']){ $errors[] = "passdifference"; } if($counted > 0){ $errors[] = "User Already Created"; } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } /* The Form Has Been Submitted */ if (empty($errors)){ $query = "INSERT INTO users (username,hashed_password) VALUES ('{$username}', '{$hashed_password}')"; $result = mysql_query($query, $connection); if($result){ echo "User Successfully Created"; }else{ echo "The User Could Not Be Created" . "<br />"; echo mysql_error(); } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ /* The Form Has Not Yet Been Submitted */ $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="register.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /> Confirm Password: <input type="password" name="confirmpass" maxlength="30" value="" /><br /><br /> <input type="submit" name="submit" value="Register" /><br /> </form> <p>Already have a account? login here <a href="login.php">here!</a></p> </body> </html> Once you have done that and you have a file called "register.php" you will need to perform the final step which will be changing the database details once again on the second file ("register.php"). Thanks, Bcooperz. Please tell me if this works here is my code: Code: [Select] function registerUser() { mysql_connect('localhost', 'user', 'password', 'table'); $rsPostCode = $_POST['rsPostCode']; $rsGender = $_POST['rsGender']; $rsUser = $_POST['rsUser']; $rsPass = $_POST['rsPass']; $rsEmail = $_POST['rsEmail']; $rsMobile = $_POST['rsMobile']; $rsAge = $_POST['rsAge']; $sql = "INSERT INTO members_copy (rsPostCode, rsGender, rsUser, rsPass, rsEmail, rsMobile, rsAge) VALUES ($rsPostCode, $rsGender, $rsUser, $rsPass, $rsEmail, $rsMobile, $rsAge);"; //echo $sql; mysql_query($sql); } When I write out my SQL this is the output: INSERT INTO members_copy (rsPostCode, rsGender, rsUser, rsPass, rsEmail, rsMobile, rsAge) VALUES (BN11, Male, jarv, mypassword, john@email.com, 07998989999, 08/11/1978); here is my register page: http://www.retroandvintage.co.uk/register.php This is my registering script: <?php include('connectvars.php'); $user_email = strip_tags(trim($_POST['email'])); $firstname = strip_tags(trim($_POST['firstname'])); $lastname = strip_tags(trim($_POST['lastname'])); $nickname = strip_tags(trim($_POST['nickname'])); $password = strip_tags($_POST['password']); $repassword = strip_tags($_POST['repassword']); $dob = $_POST['dob']; $find_us_question = strip_tags(trim($_POST['find_us_question'])); if (isset($_POST['submit_signup'])) { if ((empty($user_email)) || (empty($firstname)) || (empty($lastname)) || (empty($nickname)) || (empty($password)) || (empty($dob))) { echo "Please fill out all the fields!"; } else { // check char length of input data if (($nickname > 30) || ($firstname > 30) || ($lastname > 30) || ($user_email > 50)) { echo "Your nickname, first- and/or lastname seem to be too long, please make sure you have them below the maximum allowed length of 30 characters!"; } else { // check password char length if (($password > 25) || ($password < 6)) { echo "Your password must be between 6 and 25 characters!"; } else { // encrypt password $password = sha1($password); $repassword = sha1($repassword); if ($password != $repassword) { echo "Please make sure your passwords are matching!"; } else { $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $query = sprintf("INSERT INTO user (firstname, lastname, nickname, password, email, dob, doj) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', now())", mysqli_real_escape_string($dbc, $firstname), mysqli_real_escape_string($dbc, $lastname), mysqli_real_escape_string($dbc, $nickname), mysqli_real_escape_string($dbc, $password), mysqli_real_escape_string($dbc, $user_email), $dob); mysqli_query($dbc, $query); mysqli_close($dbc); echo "You have been successfully registered!"; } } } } } ?> A bunch of nested if statements, the read-ability gets worse after a while, I'm new to programming so I don't know if there's a better more read-able solution. Anyway, every time I try to sign up it's printing out the echo message: "Your password must be between 6 and 25 characters!" Which derives from: // check password char length if (($password > 25) || ($password < 6)) { echo "Your password must be between 6 and 25 characters!"; } else { EVEN if I stay between 6 and 25 characters it's still printing out this error message, let's say I have a password of 8 characters, and I've entered everything else correctly, it's still giving me all the time this error message, and I can not figure out why. Hello, I changed my register table and it seems to have made it stop working, All's i changed is the layout of the 'Username, Email' etc so it looks better, nothing else, but the register button aint working!! Old Code: Code: [Select] <table width="700" height="900" background="registerpic.jpg"> <tr valign="middle"> <td align="center"> <br> <div align="center" class="style4"> <? echo REGIS ?></div> <table width="28%" border="0" align="center" cellpadding="0" cellspacing="0"> <form action="" method="post"> <tr> <td><div align="right" class="style6 style1"><strong><? echo USEE ?></strong></div></td> <td width="9">:</td> <td width="192"><div align="left"> <input name="reg_username" type="text" class="input" id="reg_username" value="" size="32" maxlength="64"> </div></td> </tr> <tr> <td><div align="right" class="style6 style1"><strong><? echo PASSS ?></strong></div></td> <td><span class="style6 style1"><strong>:</strong></span></td> <td><div align="left"> <input name="reg_password" type="password" class="input" id="reg_password" value="" size="32" maxlength="40"> </div></td> </tr> <tr> <td><div align="right" class="style6 style1"><strong><? echo CONPASS ?></strong></div></td> <td><span class="style6 style1"><strong>:</strong></span></td> <td><div align="left"> <input name="reg_password2" type="password" class="input" id="reg_password2" value="" size="32" maxlength="40"> </div></td> </tr> <tr> <td><div align="right" class="style6 style1"><strong><? echo EM ?></strong></div></td> <td><span class="style6 style1"><strong>:</strong></span></td> <td><div align="left"> <input name="email" type="text" class="input" id="username3" value="" size="32" maxlength="150" > </div></td> </tr> <tr> <td><div align="right" class="style6 style1"><strong><? echo GENDER ?></strong></div></td> <td><span class="style6 style1"><strong>:</strong></span></td> <td><div align="left"> <select name="gender" class="input" id="starting" > <option value="Male"><? echo MALE ?></option> <option value="Female"><? echo FEMALE ?></option> </select> </div></td> </tr> <tr> <td><div align="right" class="style6 style1"><strong><? echo LANGU ?></strong></div></td> <td><span class="style6 style1"><strong>:</strong></span></td> <td><div align="left"> <select name="lang" class="input" id="starting" > <option value="English"><? echo ENG ?></option> <option value="Turkish"><? echo TR ?></option> </select> </div></td> </tr> <tr> <td><div align="right" class="style5"><? echo START ?></div></td> <td><span class="style6 style1"><strong>:</strong></span></td> <td><div align="left"> <select name="location" class="input" id="starting" > <option value="England" selected>England</option> <option value="Japan">Japan</option> <option value="Colombia">Colombia</option> <option value="Usa">Usa </option> <option value="Russia">Russia </option> <option value="Italy">Italy</option> <option value="Turkey">Turkey</option> </select> <input type="hidden" name="ref" value="<?php echo "$_GET[ref]"; ?>"> </div></td> </tr> <tr> <td colspan="3"><div align="center"> <p style="display: inline"> </p> <p style="display: inline"><em><strong> <? echo SEC ?> </strong></em></p> </div></td> </tr><tr> <td colspan="2" class="TableArea"><img src="eng/CaptchaSecurityImages.php" width="171" height="50" /></td> <td class="TableArea" valign="top"><fieldset> <legend><font color="#6F6F6F"><b><? echo SECC ?></b>:</font></legend> <span class="tablearea"> <input id="security_code" class="button" name="security_code" size="20" type="text"/> </span> <span style="display: inline"> <input name=Submit type=submit value= <? echo REGGG ?> > </span> </fieldset></td> </tr> <tr> <td colspan="3"><div align="center"></div></td> </tr> </table> <center><p><b><font color= "ffffff"><? echo "$message"; ?></font></p> <p> </p></td> <a href='register.php'><font size="1" color="#CCCCCC"><b><a href='index.php'>Home</a> - <a href='lost2.php'>Lost Password</a> - <a href='screens.php'>Screenshots</a></b></i></font> <td align="center" width="238"></form> </table> New Code: Code: [Select] <div id="main"> <img src="images/register(1).jpg"> <form action="" method="post"> <div id="register_table"> <div class="row"> <div class="title_column">Username</div> <div class="space_column">~</div> <div class="input_column"><input type="text" name="reg_username" id="reg_username" value="" class="text" /></div> </div> <div class="row"> <div class="title_column">Email</div> <div class="space_column">~</div> <div class="input_column"><input type="text" name="username3" id="username3" value="" class="text" /></div> </div> <div class="row"> <div class="title_column">Password</div> <div class="space_column">~</div> <div class="input_column"><input type="text" name="reg_password" id="reg_password" value="" class="text" /></div> </div> <div class="row"> <div class="title_column">Retype Pass</div> <div class="space_column">~</div> <div class="input_column"><input type="text" name="reg_password2" id="reg_password2" value="" class="text" /></div> </div> <div class="row"> <div class="title_column">Gender</div> <div class="space_column">~</div> <div class="input_column"><select name="gender" style="font-size:9px;font-family:Tahoma;width:130px;"><option value="Male">Male</option><option value="Female">Female</option></select></div> </div> <div class="row"> <div class="title_column">Location</div> <div class="space_column">~</div> <div class="input_column"><select name="starting" style="font-size:9px;font-family:Tahoma;width:130px;"><option value="England">England</option><option value="Japan">Japan</option><option value="Colombia">Colombia</option><option value="USA">USA</option><option value="Russia">Russia</option><option value="Italy">Italy</option><option value="Turkey">Turkey</option></select></div> </div> <div class="row"> <div class="title_column" style="padding-top: 2px; margin-top: 2px;"><img src="eng/CaptchaSecurityImages.php" alt="Verify" /></div> <div class="space_column">~</div> <div class="input_column"><input type="text" name="security_code" id="security_code" value="" class="text" /></div> </div> <br /> <div style="text-align:center;"><input type="submit" name="submit" value="<? echo Register ?>" class="submit" /> </div> <? echo "$message"; ?> </form></div> Thanks Guys! Ok so im working on this register script and trying to implement a select value field along with a email field and password field. At the moment i have given it my best shot and typed in most of the code, although im still not satisfied with the outcome. For example: When i type in a correct email with a legit password, and i DONT select one of the drop down options, i want it to say the error: "Please type in all fields.". This would be vise versa for each other field also! If the user again types in a legit email and password, and selects a value from the dropdown menu, but is already registered in the database, i would want another error message saying: "This club has already been registered to the database". I given it my best shot but simply not getting the above result. <?php include"database.php";?> <html><head><title>Register</title></head><body><h1>Register</h1><form name="register" action="register.php" method="post">Email: <input type="text" name="email"><br>Password: <input type="password" name="password"><br>Club: <select name="club"> <option value="">Select...</option> <option value="npob">Old Boys</option> <option value="tukupa">Tukupa</option> <option value="coastal">Coastal</option> <option value="inglewood">Inglewood</option> <option value="clifton">Clifton</option> <option value="stratford">Stratford</option> <option value="hawera">Hawera</option> </select><br><input type='submit' name='submit' value='Submit'></form> <?php if (isset($_POST['submit'])) { if (empty($_POST['email']) && empty($_POST['password']) && empty($_POST['club'])) { $errors[] = "Please fill out all fields."; } $email = addslashes(strip_tags($_POST['email'])); $password = addslashes(strip_tags($_POST['password'])); $club = addslashes(strip_tags($_POST['club'])); if (!empty($email)) { if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $errors[] = "This email address is not valid."; } } if (!empty($password)){ if (strlen($password)>25 || strlen($password)<6) { $errors[] = "Password must be betwen 6 and 25 characters.<br>"; } } if (!empty($club)){ $errors[] = "Please select a Club.<br>"; } $check = mysql_query("SELECT * FROM users WHERE email='".$email."'"); if (mysql_num_rows($check)>=1) { $errors[] = "Email is already taken!"; } $check = mysql_query("SELECT * FROM users WHERE club='".$club."'"); if (mysql_num_rows($check)>=1) { $errors[] = "Sorry this club has already been registered with the NZRU."; } if (empty($errors)) { $register = mysql_query("INSERT INTO users (email, password, club, level) VALUES ('".$email."', '".md5($password)."', '".$club."', '')"); echo "You have succesfully registered!"; } else { foreach($errors as $nErrors){ echo $nErrors . "<br>"; } } } ?>() Thankyou. Hi everyone, im working on a e comm site as a project. I have a register.php page, and its supposed to check for the presence of posted data, and if data is not posted show a form block,and if posted data is present insert it into a database. However its not working,i get an unexpected } on line 114, where there is a }else{ . I've only been working with php a few days, but from what i've read the braces seem where they should be,can someone please tell me where the problem is? <script language="JavaScript" type="text/javascript" src="library/checkout.js"></script> <?php //set up a couple of functions function doDB() { global $mysqli; //connect to server and select database; you may need it $mysqli = mysqli_connect("localhost", "root", "", "onlinestore"); } //determine if they need to see the form or not if (!$_POST) { //they need to see the form, so create form block $display_block = " <form name=\"register\" method=\"post\"action=\"index.php?r=1\"\ id=\"register\"> <table width=\"550\" border=\"0\" align=\"center\" cellpadding=\"5\" cellspacing=\"1\" class=\"entryTable\"> <tr class=\"entryTableHeader\"> <td colspan=\"2\">Login Details</td> </tr> <tr> <td width=\"150\" class=\"label\">Email</td> <td class=\"content\"><input name\=\"txtEmail\" type=\"text\" class=\"box\" id=\"txtEmail\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Password</td> <td class=\"content\"><input name=\"txtPassword\" type=\"password\" class=\"box\" id=\"txtPassword\" size=\"30\" maxlength=\"50\"></td> </tr> </table> <p> </p> <table width=\"550\" border=\"0\" align=\"center\" cellpadding=\"5\" cellspacing=\"1\" class=\"entryTable\"> <tr class=\"entryTableHeader\"> <td colspan=\"2\">Shipping Information</td> </tr> <tr> <td width=\"150\" class=\"label\">First Name</td> <td class=\"content\"><input name=\"txtShippingFirstName\" type=\"text\" class=\"box\" id=\"txtShippingFirstName\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Last Name</td> <td class=\"content\"><input name=\"txtShippingLastName\" type=\"text\" class=\"box\" id=\"txtShippingLastName\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Address1</td> <td class=\"content\"><input name=\"txtShippingAddress1\" type=\"text\" class=\"box\" id=\"txtShippingAddress1\" size=\"50\" maxlength=\"100\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Address2</td> <td class=\"content\"><input name=\"txtShippingAddress2\" type=\"text\" class=\"box\" id=\"txtShippingAddress2\" size=\"50\" maxlength=\"100\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Phone Number</td> <td class=\"content\"><input name=\"txtShippingPhone\" type=\"text\" class=\"box\" id=\"txtShippingPhone\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Area</td> <td class=\"content\"><input name=\"txtShippingState\" type=\"text\" class=\"box\" id=\"txtShippingState\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">City</td> <td class=\"content\"><input name=\"txtShippingCity\" type=\"text\" class=\"box\" id=\"txtShippingCity\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Post Code</td> <td class=\"content\"><input name=\"txtShippingPostalCode\" type=\"text\" class=\"box\" id=\"txtShippingPostalCode\" size=\"10\" maxlength=\"10\"></td> </tr> </table> <p> </p> <table width=\"550\" border=\"0\" align=\"center\" cellpadding=\"5\" cellspacing=\"1\" class=\"entryTable\"> <tr class=\"entryTableHeader\"> <td width=\"150\">Payment Information</td> <td><input type=\"checkbox\" name=\"chkSame\" id=\"chkSame\" value=\"checkbox\" onClick=\"setPaymentInfo(this.checked);\"> <label for=\"chkSame\" style=\"cursor:pointer\">Same as shipping information</label></td> </tr> <tr> <td width=\"150\" class=\"label\">First Name</td> <td class=\"content\"><input name=\"txtPaymentFirstName\" type=\"text\" class=\"box\" id=\"txtPaymentFirstName\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Last Name</td> <td class=\"content\"><input name=\"txtPaymentLastName\" type=\"text\" class=\"box\" id=\"txtPaymentLastName\" size=\"30\" maxlength=\"50\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Address1</td> <td class=\"content\"><input name=\"txtPaymentAddress1\" type=\"text\" class=\"box\" id=\"txtPaymentAddress1\" size=\"50\" maxlength=\"100\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Address2</td> <td class=\"content\"><input name=\"txtPaymentAddress2\" type=\"text\" class=\"box\" id=\"txtPaymentAddress2\" size=\"50\" maxlength=\"100\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Phone Number</td> <td class=\"content\"><input name=\"txtPaymentPhone\" type=\"text\" class=\"box\" id=\"txtPaymentPhone\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Area</td> <td class=\"content\"><input name=\"txtPaymentState\" type=\"text\" class=\"box\" id=\"txtPaymentState\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">City</td> <td class=\"content\"><input name=\"txtPaymentCity\" type=\"text\" class=\"box\" id=\"txtPaymentCity\" size=\"30\" maxlength=\"32\"></td> </tr> <tr> <td width=\"150\" class=\"label\">Post Code</td> <td class=\"content\"><input name=\"txtPaymentPostalCode\" type=\"text\" class=\"box\" id=\"txtPaymentPostalCode\" size=\"10\" maxlength=\"10\"></td> </tr> </table> <p> </p> <p> </p> <p align=\"center\"> <input class=\"box\" name=\"btnStep1\" type=\"submit\" id=\"btnStep1\" value=\"Proceed >>\"> </p> </form>" } else { //connect to database doDB(); //add records $add_sql = "INSERT INTO tbl_customer (email) VALUES('".$_POST["txtEmail"]."')"; $add_sql = "INSERT INTO tbl_customer (password) VALUES('".$_POST["txtPassword"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_first_name) VALUES('".$_POST["txtShippingFirstName"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_last_name) VALUES('".$_POST["txtShippingLastName"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_address1) VALUES('".$_POST["txtShippingAddress1"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_address2) VALUES('".$_POST["txtShippingPhone"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_phone) VALUES('".$_POST["txtShippingState"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_city) VALUES('".$_POST["txtShippingCity"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_state) VALUES('".$_POST["txtShippingState"]."')"; $add_sql = "INSERT INTO tbl_customer (od_shipping_postal_code) VALUES('".$_POST["txtShippingPostalCode"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_first_name) VALUES('".$_POST["txtPaymentFirstName"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_last_name) VALUES('".$_POST["txtPaymentLastName"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_address1) VALUES('".$_POST["txtPaymentAddress1"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_address2) VALUES('".$_POST["txtPaymentPhone"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_phone) VALUES('".$_POST["txtPaymentState"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_city) VALUES('".$_POST["txtPaymentCity"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_state) VALUES('".$_POST["txtPaymentState"]."')"; $add_sql = "INSERT INTO tbl_customer (od_payment_postal_code) VALUES('".$_POST["txtPaymentPostalCode"]."')"; $add_res = mysqli_query($mysqli, $add_sql) or die(mysqli_error($mysqli)); $display_block = "<p>Thanks for signing up!</p>"; } ?> Hi can someone pls help, im tryin a tutorial but keep getting errors, this is the first one i get after registering. You Are Registered And Can Now Login Warning: Cannot modify header information - headers already sent by (output started at /home/aretheyh/public_html/nealeweb.com/regcheck.php:43) in /home/aretheyh/public_html/nealeweb.com/regcheck.php on line 46 I have a simple register script and some weird things are happening. If i leave blank password or repeat_password then code is still executed. Why? I can't seem to find any mistakes in the code. (only when username is empty then i get "You need to fill everything"). Code: [Select] <?php $submit = $_POST['submit']; $username = strip_tags($_POST['username']); $password = md5(strip_tags($_POST['password'])); $repeat_password = md5(strip_tags($_POST['repeat_password'])); require("connect.php"); if ($submit) { if (!empty($username) && !empty($password) && !empty($repeat_password)) { mysql_query("INSERT INTO users2 VALUES ('', '$username', '$password', '1000', '0', '0','', '', '')"); echo "You are registered <br />Your username is "."<b>$username</b>"."<br /> You may now <a href='index.php'> login </a>"; } else { echo "You have not filled everything."; } } ?> Hi, I'm looking to change my 'Dead' page on my Mafia game to enable users to register a new account as soon as they log in to their dead one. I would like them to be able to just enter a new Username and then the email, password etc stay the same. Is this possible? Just ask for any parts of the register code you guys need. Thanks in advance,. Hello everyone, I want to make a re-register script that enables a user to re-register once killed.... BUT keep the same email, same profile pic, same profile quote, same friends and a few other things.... BUT register new username etc. Any help would be great. Hi, I created a previous thread but the problems were too confusing so I've started this thread again. I have a register form and it's supposed to validate if fields are empty. If fields are not empty, it should enter data on submit, into the table. The problem: The form is able to submit without validation and the data does not enter the table. The code: Code: [Select] <?php require_once('./includes/connectvars.php'); // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if (isset($_POST['submit'])) { // Grab the profile data from the POST $username = mysqli_real_escape_string($dbc, trim($_POST['username'])); $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1'])); $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2'])); $firstname = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); $lastname = mysqli_real_escape_string($dbc, trim($_POST['last_name'])); if (!empty($username) && !empty($password1) && !empty($password2) && ($password1 == $password2) && !empty($firstname) && !empty($lastname)) { // Make sure someone isn't already registered using this username $query = "SELECT * FROM cuser WHERE username = '$username'"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 0) { // The username is unique, so insert the data into the database $query = "INSERT INTO cuser (username, password, join_date, first_name, last_name) VALUES ('$username', SHA('$password1'), NOW(), '$firstname', '$lastname')"; mysqli_query($dbc, $query); // Confirm success with the user echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>'; mysqli_close($dbc); exit(); } else { // An account already exists for this username, so display an error message echo '<p class="error">An account already exists for this username. Please use a different address.</p>'; $username = ""; } } else { echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>'; } } mysqli_close($dbc); ?> <p>Please enter your username and desired password to sign up to Mismatch.</p> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <legend>Registration Info</legend> <label for="username">Username:</label> <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br /> <label for="password1">Password:</label> <input type="password" id="password1" name="password1" /><br /> <label for="password2">Password (retype):</label> <input type="password" id="password2" name="password2" /><br /> <label for="first_name">first name:</label> <input type="text" id="first_name" name="first_name" /><br /> <label for="last_name">last name:</label> <input type="text" id="last_name" name="last_name" /><br /> <input type="submit" value="Sign Up" name="submit" /> </form> </body> </html> Any ideas on what the problem is? I've sent my sessions in another file. Hi there, There's something wrong with this register form, it's submitting without validation. Code: [Select] <?php require_once('./includes/connectvars.php'); // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if (isset($_POST['submit'])) { // Grab the profile data from the POST $username = mysqli_real_escape_string($dbc, trim($_POST['username'])); $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1'])); $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2'])); $firstname = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); $lastname = mysqli_real_escape_string($dbc, trim($_POST['last_name'])); if (!empty($username) && !empty($password1) && !empty($password2) && ($password1 == $password2) && !empty($firstname) && !empty($lastname)) { // Make sure someone isn't already registered using this username $query = "SELECT * FROM users WHERE username = '$username'"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 0) { // The username is unique, so insert the data into the database $query = "INSERT INTO users (username, password, join_date, first_name, last_name) VALUES ('$username', SHA('$password1'), NOW(), '$firstname', '$lastname')"; mysqli_query($dbc, $query); // Confirm success with the user echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>'; mysqli_close($dbc); exit(); } else { // An account already exists for this username, so display an error message echo '<p class="error">An account already exists for this username. Please use a different address.</p>'; $username = ""; } } else { echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>'; } } mysqli_close($dbc); ?> <p>Please enter your username and desired password to sign up to Mismatch.</p> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <legend>Registration Info</legend> <label for="username">Username:</label> <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br /> <label for="password1">Password:</label> <input type="password" id="password1" name="password1" /><br /> <label for="password2">Password (retype):</label> <input type="password" id="password2" name="password2" /><br /> <label for="first_name">first name:</label> <input type="text" id="first_name" name="first_name" /><br /> <label for="last_name">last name:</label> <input type="text" id="last_name" name="last_name" /><br /> <input type="submit" value="Sign Up" name="submit" /> </form> </body> </html> I've had this problem for a while now and can't figure it out, any suggestions are appreciated. Thank you. Okay, I downloaded a PHP Script called RadiPanel which is a User System type thing and uploaded and installed it to my website. Now The problem with RadiPanel is, I have to add users/members to it as there is no registration process. So within the Admin page on RadiPanel I have taken the script out, now when I try view it as a "non logged in" user it just shows a white blank page, I was wondering if anyone here could determine just from the code below what I have to take out/delete in order for the public to view the page fully? Thanks guys Code: [Select] <?php if( !preg_match( "/index.php/i", $_SERVER['PHP_SELF'] ) ) { die(); } if( $_GET['id'] ) { $id = $core->clean( $_GET['id'] ); $query = $db->query( "SELECT * FROM users WHERE id = '{$id}'" ); $data = $db->assoc( $query ); $data['ugroups'] = explode( ",", $data['usergroups'] ); $editid = $data['id']; } ?> <form action="" method="post" id="addUser"> </div> <?php if( $_POST['submit'] ) { try { $username = $core->clean( $_POST['username'] ); $password = $core->clean( $_POST['password'] ); $email = $core->clean( $_POST['email'] ); $habbo = $core->clean( $_POST['habbo'] ); $dgroup = $core->clean( $_POST['dgroup'] ); $query = $db->query( "SELECT * FROM usergroups" ); while( $array = $db->assoc( $query ) ) { if( $_POST['ugroup-' . $array['id']] ) { $ugroups .= $array['id'] . ","; } } $password_enc = $core->encrypt( $password ); if( !$username or ( !$password and !$editid ) or !$dgroup or !$ugroups ) { throw new Exception( "All fields are required." ); } else { if( $editid ) { if( $password ) { $password = ", password = '{$password_enc}'"; } else { unset( $password ); } $db->query( "UPDATE users SET username = '{$username}'{$password}, email = '{$email}', habbo = '{$habbo}', displaygroup = '{$dgroup}', usergroups = '{$ugroups}' WHERE id = '{$editid}'" ); } else { $db->query( "INSERT INTO users VALUES (NULL, '{$username}', '{$password_enc}', '{$email}', '{$habbo}', '{$dgroup}', '{$ugroups}');" ); } echo "<div class=\"square good\">"; echo "<strong>Success</strong>"; echo "<br />"; echo "User added!"; echo "</div>"; } } catch( Exception $e ) { echo "<div class=\"square bad\">"; echo "<strong>Error</strong>"; echo "<br />"; echo $e->getMessage(); echo "</div>"; } } ?> <table width="100%" cellpadding="3" cellspacing="0"> <?php $query = $db->query( "SELECT * FROM usergroups" ); while( $array = $db->assoc( $query ) ) { if( in_array( $array['id'], $data['ugroups'] ) ) { $groups[$array['id'] . '_active'] = $array['name']; } else { $groups[$array['id']] = $array['name']; } if( $array['id'] == $data['displaygroup'] ) { $dgroups[$array['id'] . '_active'] = $array['name']; } else { $dgroups[$array['id']] = $array['name']; } } echo $core->buildField( "text", "required", "username", "Username", "The new username.", $data['username'] ); echo $core->buildField( "password", "<?php if( !$editid ) { ?>required<?php } ?>", "password", "Password", "The new password." ); echo $core->buildField( "text", "", "email", "Email", "The new email (optional).", $data['email'] ); echo $core->buildField( "text", "", "habbo", "Habbo name", "The new Habbo name (optional).", $data['habbo'] ); echo $core->buildField( "select", "required", "dgroup", "Display group", "The user's display group.", $dgroups ); echo $core->buildField( "checkbox", "required", "ugroup", "Active usergroups", "The user's active groups.", $groups ); ?> </table> </div> <div class="box" align="right"> <input class="button" type="submit" name="submit" value="Submit" /> </div> </form> <?php echo $core->buildFormJS('addUser'); ?> I'm trying to make my register script check the database's IP column and compare it with the user's IP. If the User's IP equals that in the DB column, it should say "Sorry, there is already an account registered with your IP Address. Please log in.", and if there's no IP match, it should allow them to continue with registering. I've been tinkering around with this for a while and I can't seem to figure it out. Any help would be appreciated if ($_SERVER['REMOTE_ADDR'] == mysql_query("SELECT ip FROM users")) { die('Sorry, there is already an account registered with your IP Address. Please <a href="/login.php>log in.</a>'); }else{ echo ''; } I think the problem is with the mySQL query... hi guys i need help i started a code of a page Register.php and i need to now what to do now and if this function is 100% ok with the php rules <?php // ---- session_start(); error_reporting(E_ALL); include_once("...\\config.php") //---------------------------------------------------- function getRegisteredBy($Reg); { switch($Reg){ case 0: return "AccountName"; case 1: return "AccountPassword"; case 2: return "AccountEmail"; } } $Reg = mssql_query("INSERT INTO MEMB_INFO (memb___id,memb__pwd,memb_mail,) VALUES ($AccountName,$AccountPassword,$AccountEmail)"); ?> thanks for the help and have a good day Hi nothing seems to work! No error messages appear and no data enters my database! Can people please help me please! Needs to be solved by today! Thanks <?php //connect to db $connect = mysql_connect("l", "", ""); mysql_select_db("", $connect); //if submit button gets pressed if(isset($_POST['submit'])){ //Grab data from the form $username = preg_replace('#[^A-Za-z0-9]#i','', $_POST['username']); // filter everything but letters and numbers $firstname = preg_replace('#[^A-Za-z]#i', '', $_POST['firstname']); // filter everything but Letters $lastname = preg_replace('#[^A-Za-z]#i', '', $_POST['lastname']); // filter everything but Letters $phone = preg_replace('#[^0-9]#i', '', $_POST['phone']); // filter everything but numbers $address= preg_replace('#[^A-Za-z]#i', '', $_POST['address']); // filter everything but Letters $postcode= preg_replace('#[^A-Za-z]#i', '', $_POST['postcode']); // filter everything but Letters $town= preg_replace('#[^A-Za-z]#i', '', $_POST['town']); // filter everything but Letters $housenumber= preg_replace('#[^0-9]#i', '', $_POST['housenumber']); // filter everything but numbers $b_m = preg_replace('#[^0-9]#i', '', $_POST['birth_month']); // filter everything but numbers $b_d = preg_replace('#[^0-9]#i', '', $_POST['birth_day']); // filter everything but numbers $b_y = preg_replace('#[^0-9]#i', '', $_POST['birth_year']); // filter everything but numbers $email1 = mysql_real_escape_string (stripslahes (strip_tags($_POST['email1']))); $email2 = mysql_real_escape_string (stripslahes (strip_tags($_POST['email2']))); $pass1 = md5(mysql_real_escape_string (stripslahes (strip_tags($_POST['pass1'])))); $pass2 = stripslashes(strip_tags($_POST['pass2'])); $emailCHecker = mysql_real_escape_string($email1); $emailCHecker = str_replace("`", "", $emailCHecker); // Database duplicate username check setup for use below in the error handling if else conditionals $sql_uname_check = mysql_query("SELECT username FROM member WHERE username='$username'"); $uname_check = mysql_num_rows($sql_uname_check); // Database duplicate e-mail check setup for use below in the error handling if else conditionals $sql_email_check = mysql_query("SELECT email FROM member WHERE email='$emailCHecker'"); $email_check = mysql_num_rows($sql_email_check); // Convert Birthday to a DATE field type format(YYYY-MM-DD) out of the month, day, and year supplied $dateofbirth = "$b_y-$b_m-$b_d"; //If any errors have been found, DO NOT register the member, and instead, redisplay the form } if (!isset($username) || !isset($firstname) || !isset ($lastname) || !isset($address) || !isset($postcode) || !isset($town) || !isset($b_m) || !isset($b_d) || !isset($b_y) || !isset($email1) || !isset($email2) || !isset($pass1) || !isset($pass2)) { $errorMsg = 'ERROR: You did not submit the following required information:<br /><br />'; if(!isset($username)){ $errorMsg .= ' * User Name<br />'; } if(!isset($firstname)){ $errorMsg .= ' * First Name<br />'; } if(!isset($lastname)){ $errorMsg .= ' * Last Name<br />'; } if(!isset($address)){ $errorMsg .= ' * Address<br />'; } if(!isset($postcode)){ $errorMsg .= ' * postcode<br />'; } if(!isset($town)){ $errorMsg .= ' * town<br />'; } if(!isset($b_m)){ $errorMsg .= ' * Birth Month<br />'; } if(!isset($b_d)){ $errorMsg .= ' * Birth Day<br />'; } if(!isset($b_y)){ $errorMsg .= ' * Birth year<br />'; } if(!isset($email1)){ $errorMsg .= ' * Email Address<br />'; } if(!isset($email2)){ $errorMsg .= ' * Confirm Email Address<br />'; } if(!isset($pass1)){ $errorMsg .= ' * Login Password<br />'; } if(!isset($pass2)){ $errorMsg .= ' * Confirm Login Password<br />'; } if ($email1!= $email2){ $errorMsg.='ERROR: Your email fields below do not match<br />'; } if ($pass1!= $pass2){ $errorMsg.='ERROR: Your password fields below do not match<br />'; } if(strlen($username)<6){ $errorMsg.="<u>ERROR:</u><br/>Your User Name is too short. 6-20 characters please. <br/>"; } if(strlen($username)>20){ $errorMsg.="<u>ERROR:</u><br/>Your User Name is too long. 6-20 characters please. <br/>"; } if($username_check>0){ $errorMsg.="<u>ERROR:</u><br/> Your User Name is already in use inside of our system. Please try another.<br/>"; } if($email_check >0){ $errorMsg.="<u>ERROR:</u><br/>Your Email address is already in use inside of our system. Please use another.<br/>"; } } else{ mysql_query("INSERT INTO member (username, firstname, lastname, email, password, dateofbirth, phone, lastlogin) VALUES('$username','$firstname','$lastname','$email1','$password', '$dateofbirth','$phone', now())") or die (mysql_error()); $sql = mysql_query("INSERT INTO address (address, postcode, town, housenumber) VALUES('$adress','$postcode,'$town','$housenumber'") or die (mysql_error()); mysql_close(); Echo "Welcome to my site, $username! You may now <a href=\"index.php\">login</a>."; } ?> |
|||||||