PHP - Let's Discuss About Registration Form. What's The Best Way To Validate Form?!
Is jquery/Ajax better than real/raw PHP for form validation ?! What if JavaScript is turned off on the browser?! why after someone refreshing a page on the browser, the variables used to echo error after invalid data is being submitted will return the undefined variables error?! And how to handle form validation including an empty form field, maximum amount of value entered and so on Similar TutorialsI'm making a registration form and i want to add a user when i click the registration button, but the user can not already be in the database, i set the user to be unique inside of the database and when i try to add a new user it gives an error message, but instead of that error message i would like to input please enter another user-name or user already exist something like that the error message says duplicate entry 'username' inside of db basically... can someone help me with this ? Hi Guys, This is really stumping me here lol i have set my registration page code to email me when a user signs up (once its entered in the database) code: Code: [Select] <?php if (isset($_POST['submitSignUp'])) { // Errors array() $errors = array(); // POST vars $fName = mysql_real_escape_string($_POST['fname']); $lName = mysql_real_escape_string($_POST['lname']); $email = mysql_real_escape_string($_POST['email']); $pass1 = mysql_real_escape_string($_POST['pass1']); $pass2 = mysql_real_escape_string($_POST['pass2']); $cntry = mysql_real_escape_string($_POST['cntry']); // Does passwords match if ($pass1 != $pass2) { $errors[] = "Your passwords don't match."; } // Potential errors // Empty fields if (empty($fName) || empty($lName) || empty($email) || empty($pass1) || empty($pass2)) { $errors[] = "You never filled in all the fields."; } else { // Does user exist? $result = mysql_query("SELECT * FROM `dig_customers` WHERE `email`='$email' LIMIT 1"); if (mysql_num_rows($result) > 0) { $errors[] = "The e-mail address <b>$email</b> has already been registered."; } else { // Empty for now... } } // display errors if any exist if (count($errors) > 0) { print "<div id=\"errorMsg\"><h3>Ooops! There was error(s)</h3><ol>"; foreach($errors as $error) { print "<li>$error</li>"; } print "</ol></div>"; } else { print "<div id=\"okMsg\"><p>All done :) you can now sign in.</p></div>"; // Encrypt the password before insertion $encPass = md5($pass1); // Insert into the database $q = mysql_query("INSERT INTO `dig_customers` (`id`, `password`, `password_unencrypted`, `gender`, `title`, `first_name`, `last_name`, `address`, `city`, `state_county`, `post_zip_code`, `country`, `email`, `home_number`, `mobile_number`, `news_letter`, `special_offers`, `admin_level`, `registered`) VALUES ('', '$encPass', '$pass1', 'NULL', 'NULL', '$fName', '$lName', 'NULL', 'NULL', 'NULL', 'NULL', '$cntry', '$email', 'NULL', 'NULL', 'NULL', 'NULL', 'N', NOW())"); if ($q) { // Alert on signup send_graham_email("User Has Signed Up!"); } } } ?> When i do a test signup on: http://www.digicures.com/sign-up.php everything works great i get an email and the entry is saved in the database, over the paste week or so i have had about 8 emails saying people have signed up but when i check the database there nothing there! i can't understand it, only when the insert query is true should it send me the mail eh? can anyone see any problems with the code at all? cheers guys Graham Currently I'm trying to get a registration form to work adding a username and password into a database. That bit I understand and have managed to do aswell as getting the password to hash using the line below: $hashed = password_hash($password, PASSWORD_DEFAULT);
What I'm trying to do now is have the passwords check to see if they are the same, if so the user is able to register, if not they are sent back to the registration page(which was working before I started tampering with the next bit). I also want to checkto see if the username is taken, the following code is what I have so far: <?php session_start(); /* Attempt MySQL server connection. Assuming you are running MySQL server with default setting (user 'root' with no password) */ $link = mysqli_connect("localhost", "root", "", "rockinrochester"); // Check connection if($link === false){ die("ERROR: Could not connect. " . mysqli_connect_error()); } $sql= mysql_query("SELECT FROM register (username, password) WHERE username=$username"); if(mysql_num_rows($sql)>=1) { echo"name already exists"; } else { $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; $hashed = password_hash($password, PASSWORD_DEFAULT); if($password != $password2) { //checks to see if passwords match, if they don't it redirects person back to registration form header('Location: register.php'); echo "passwords didn't match"; } else { $sql = "INSERT INTO register (username, password) VALUES ( '$username','$hashed')"; // if passwords match inputs them into database } if(mysqli_query($link, $sql)){ header('Location: registered.php'); // if it works relocated person to registered.html } else{ echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); // if it fails it prints an error message } // Close connection mysqli_close($link); } ?> <?php session_start(); /* Attempt MySQL server connection. Assuming you are running MySQL server with default setting (user 'root' with no password) */ $link = mysqli_connect("localhost", "root", "", "rockinrochester"); // Check connection if($link === false){ die("ERROR: Could not connect. " . mysqli_connect_error()); } $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; $hashed = password_hash($password, PASSWORD_DEFAULT); $sql = mysql_query("SELECT FROM register(username, password, ) WHERE username=$username"); if(mysql_num_rows($sql)>=1) { echo"name already exists"; } else{ if($password != $password2) { //checks to see if passwords match, if they don't it redirects person back to registration form header('Location: register.php'); echo "passwords didn't match"; } else { $sql = "INSERT INTO register (username, password) VALUES ( '$username','$hashed')"; // if passwords match inputs them into database } if(mysqli_query($link, $sql)){ header('Location: registered.php'); // if it works relocated person to registered.html } else{ echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); // if it fails it prints an error message } // Close connection mysqli_close($link); } ?> at the minute It's throwing back the following error Quote
Edited April 4, 2019 by dylfs changing code below is the code for a registration form. It "works",I mean that the insert query is being performed, some error messages appear. the problem is, i don't understand how "root" is being automatically sent to the database as a username. when logging into phpmyadmin, the username root appears because it is on autofill. but, i don't get why it's filling the registration form with root. i don't see "root" entered on the form, but, after registering, it says "Congratulations root!". If i leave the form blank, i don't get the error message for blank username either. i've just started learning php,so i guess something might be wrong with the code. any help, please? Code: [Select] <html> <head> <link rel="stylesheet" type="text/css" href="reset.css" media="screen" /> <link rel="stylesheet" type="text/css" href="style.css" media="screen" /> <title>Register</title> </head> <body> <div id="layout_wrapper"> <div id="layout_container"> <div id="layout_content"> <div id="site_title"> <h1><a href="home.html">WEBSITE</a></h1> <h2>WEBSITE DESCRI</h2> </div> <div id="header_image"></div> <div class="clearer"> </div> </div> <div id="main"> <div class="post"> <div class="post_top"> <div class="post_title"><h2>REGISTER</h2></div> </div> <div class="post_body"> <?php $error_stat=0; $errorMsg=''; if (isset ($_POST['submit'])){ $username = $_POST['username']; $gender = preg_replace('#[^a-z]#i', '', $_POST['gender']); $b_m = preg_replace('#[^0-9]#i', '', $_POST['birth_month']); $b_d = preg_replace('#[^0-9]#i', '', $_POST['birth_day']); $b_y = preg_replace('#[^0-9]#i', '', $_POST['birth_year']); $email1 = $_POST['email1']; $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; $email1 = stripslashes($email1); $pass1 = stripslashes($pass1); $email2 = stripslashes($email2); $pass2 = stripslashes($pass2); $email1 = strip_tags($email1); $pass1 = strip_tags($pass1); $email2 = strip_tags($email2); $pass2 = strip_tags($pass2); include_once "../scripts/connect_to_mysql.php"; $emailCHecker = mysql_real_escape_string($email1); $emailCHecker = str_replace("`", "", $emailCHecker); $sql_uname_check = mysql_query("SELECT user_name FROM tbl_user WHERE user_name='$username'"); $uname_check = mysql_num_rows($sql_uname_check); $sql_email_check = mysql_query("SELECT email FROM tbl_user WHERE email='$emailCHecker'"); $email_check = mysql_num_rows($sql_email_check); if ((!$username) || (!$gender) || (!$b_m) || (!$b_d) || (!$b_y) || (!$email1) || (!$pass1) || (!$pass2)) { $error_stat=1; $errorMsg = 'ERROR: You did not submit the following required information:<br /><br />'; if(!$username){ $errorMsg .= ' * User Name<br />'; } if(!$gender){ $errorMsg .= ' * Sex <br />'; } if(!$b_m){ $errorMsg .= ' * Birth Month<br />'; } if(!$b_d){ $errorMsg .= ' * Birth Day<br />'; } if(!$b_y){ $errorMsg .= ' * Birth year<br />'; } if(!$email1){ $errorMsg .= ' * Email Address<br />'; } if(!$pass1){ $errorMsg .= ' * Login Password<br />'; } if(!$pass2){ $errorMsg .= ' * Confirm Login Password<br />'; } } else if ($pass1 != $pass2) { $errorMsg = 'ERROR: Your Password fields below do not match<br />'; } else if (strlen($username) < 4) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />"; } else if (strlen($username) > 20) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />"; } else if ($uname_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />"; } else if ($email_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />"; } else { $email1 = mysql_real_escape_string($email1); $pass1 = mysql_real_escape_string($pass1); $full_birthday = "$b_y-$b_m-$b_d"; $sql = mysql_query("INSERT INTO tbl_user (user_name, sex, dob, date_joined,email, password) VALUES('$username','$gender','$full_birthday', now(),'$email1', '$pass1')") or die (mysql_error()); $id = mysql_insert_id(); echo "<h2>Registration Successful!</h2>"; echo "<p>Congratulations <b>$username</b>, your registration was successful. Your account has now been created with the following details:</p>"; echo "<p><b>Username:</b> $username</p>"; echo "<p><b>Password:</b> $pass1</p>"; echo "<p><b>Sex:</b> $gender</p>"; echo "<p><b>Email:</b> $email1</p>"; echo "<p><b>DOB:</b> $full_birthday</p>"; echo "<p>You may now login.</p>"; } // Close else after duplication checks } if (!isset($_POST['submit']) || $error_stat==1) { ?> <?php echo $errorMsg;?> <form method="POST" action=""> <table> <tr> <td width="114" bgcolor="#FFFFFF">User Name: *</span></td> <td width="452" bgcolor="#FFFFFF"><input name="username" type="text" id="username " size="32" maxlength="20" /> <span id="nameresponse">Alphanumeric Characters Only</span></td> </tr> <tr> <td bgcolor="#EFEFEF">Sex:*</span></td> <td bgcolor="#EFEFEF"><label> <input name="gender" type="radio" id="gender" value="m" checked="checked" />Male <input type="radio" name="gender" id="gender" value="f" />Female </label></td> </tr> <tr> <td bgcolor="#FFFFFF">Date of Birth:*</span></td> <td bgcolor="#FFFFFF"> <select name="birth_month" id="birth_month"> <option value="01">January</option> <option value="02">February</option> <option value="03">March</option> <option value="04">April</option> <option value="05">May</option> <option value="06">June</option> <option value="07">July</option> <option value="08">August</option> <option value="09">September</option> <option value="10">October</option> <option value="11">November</option> <option value="12">December</option> </select> <select name="birth_day" id="birth_day"> <option value="01">1</option> <option value="02">2</option> <option value="03">3</option> <option value="04">4</option> <option value="05">5</option> <option value="06">6</option> <option value="07">7</option> <option value="08">8</option> <option value="09">9</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> <option value="13">13</option> <option value="14">14</option> <option value="15">15</option> <option value="16">16</option> <option value="17">17</option> <option value="18">18</option> <option value="19">19</option> <option value="20">20</option> <option value="21">21</option> <option value="22">22</option> <option value="23">23</option> <option value="24">24</option> <option value="25">25</option> <option value="26">26</option> <option value="27">27</option> <option value="28">28</option> <option value="29">29</option> <option value="30">30</option> <option value="31">31</option> </select> <select name="birth_year" id="birth_year"> <option value="2010">2010</option> <option value="2009">2009</option> <option value="2008">2008</option> <option value="2007">2007</option> <option value="2006">2006</option> <option value="2005">2005</option> <option value="2004">2004</option> <option value="2003">2003</option> <option value="2002">2002</option> <option value="2001">2001</option> <option value="2000">2000</option> <option value="1999">1999</option> <option value="1998">1998</option> <option value="1997">1997</option> <option value="1996">1996</option> <option value="1995">1995</option> <option value="1994">1994</option> <option value="1993">1993</option> <option value="1992">1992</option> <option value="1991">1991</option> <option value="1990">1990</option> <option value="1989">1989</option> <option value="1988">1988</option> <option value="1987">1987</option> <option value="1986">1986</option> <option value="1985">1985</option> <option value="1984">1984</option> <option value="1983">1983</option> <option value="1982">1982</option> <option value="1981">1981</option> <option value="1980">1980</option> <option value="1979">1979</option> <option value="1978">1978</option> <option value="1977">1977</option> <option value="1976">1976</option> <option value="1975">1975</option> <option value="1974">1974</option> <option value="1973">1973</option> <option value="1972">1972</option> <option value="1971">1971</option> <option value="1970">1970</option> <option value="1969">1969</option> <option value="1968">1968</option> <option value="1967">1967</option> <option value="1966">1966</option> <option value="1965">1965</option> <option value="1964">1964</option> <option value="1963">1963</option> <option value="1962">1962</option> <option value="1961">1961</option> <option value="1960">1960</option> <option value="1959">1959</option> <option value="1958">1958</option> <option value="1957">1957</option> <option value="1956">1956</option> <option value="1955">1955</option> <option value="1954">1954</option> <option value="1953">1953</option> <option value="1952">1952</option> <option value="1951">1951</option> <option value="1950">1950</option> <option value="1949">1949</option> <option value="1948">1948</option> <option value="1947">1947</option> <option value="1946">1946</option> <option value="1945">1945</option> <option value="1944">1944</option> <option value="1943">1943</option> <option value="1942">1942</option> <option value="1941">1941</option> <option value="1940">1940</option> <option value="1939">1939</option> <option value="1938">1938</option> <option value="1937">1937</option> <option value="1936">1936</option> <option value="1935">1935</option> <option value="1934">1934</option> <option value="1933">1933</option> <option value="1932">1932</option> <option value="1931">1931</option> <option value="1930">1930</option> <option value="1929">1929</option> <option value="1928">1928</option> <option value="1927">1927</option> <option value="1926">1926</option> <option value="1925">1925</option> <option value="1924">1924</option> <option value="1923">1923</option> <option value="1922">1922</option> <option value="1921">1921</option> <option value="1920">1920</option> <option value="1919">1919</option> <option value="1918">1918</option> <option value="1917">1917</option> <option value="1916">1916</option> <option value="1915">1915</option> <option value="1914">1914</option> <option value="1913">1913</option> <option value="1912">1912</option> <option value="1911">1911</option> <option value="1910">1910</option> <option value="1909">1909</option> <option value="1908">1908</option> <option value="1907">1907</option> <option value="1906">1906</option> <option value="1905">1905</option> <option value="1904">1904</option> <option value="1903">1903</option> <option value="1902">1902</option> <option value="1901">1901</option> <option value="1900">1900</option> </select> </td> </tr> <tr> <td bgcolor="#EFEFEF">Email Address:*</span></td> <td bgcolor="#EFEFEF"><input name="email1" type="text" id="email1" size="32" maxlength="48" /></td> </tr> <tr> <td bgcolor="#FFFFFF">Create Password:*</span></td> <td bgcolor="#FFFFFF"><input name="pass1" type="password" id="pass1" size="32" maxlength="16" /> <span>Alphanumeric Characters Only</span></td> </tr> <tr> <td bgcolor="#EFEFEF">Confirm Password: *</span></td> <td bgcolor="#EFEFEF"><input name="pass2" type="password" id="pass2" size="32" maxlength="16" /> <span>Alphanumeric Characters Only</span></td> </tr> <tr> <td><input type="submit" name="submit" value="Sign Up!" /></td> </tr> </table> </form> <?php } ?> </div> <div id="footer"> <div class="left">© 2011</div> <div class="right"><a href="#">....</a><a href="#">....</a></div> <div class="clearer"> </div> </div> </div> </div> </div> </body> </html> Hi, php newbie here, web developer newbie too! Some time ago I did a website which included a course registration form which someone else created for me in php. This worked fine and I amended the original to work on another website. I am currently updating this second website and the php has stopped working, and I am no longer in contact with the original developer of the code. The form is at: http://www.bisntechnologies.com/register.htm, and the php is: <?php /* ------- Stuff You Can Change --------- */ $recipient = 'registration@bisntechnologies.com'; $redirect = 'confirmation.php'; /* -------------------------------------- */ $name = $HTTP_POST_VARS['name']; $company = $HTTP_POST_VARS['company']; $position = $HTTP_POST_VARS['position']; $telephone = $HTTP_POST_VARS['telephone']; $email = $HTTP_POST_VARS['email']; $interest = $HTTP_POST_VARS['interest']; $clientip = $_SERVER['REMOTE_ADDR']; $msg = "Name: $name\nCompany: $company\nPosition: $position\nTelephone: $telephone\nE-mail: $email\nInterest: $interest\n\nIP Address: $clientip"; $replymsg = "<html><body style=\"font-family: Trebuchet MS; font-size: 13px\"><p>Dear $name,</p><p>Thank you for registering.</p><p><a href=\"http://www.bisntechnologies.com\"><img border=0 src=\"http://www.bisntechnologies.com/images/NewLogo.jpg\" alt=\"BiSN Technologies Ltd\"></a></p></body></html>"; if (mail($email,'Registration',$replymsg,"MIME-Version: 1.0\r\nContent-type: text/html;charset=iso-8859-1\r\nFrom: registration@bisntechnologies.com")) { mail($recipient,'Registration Confirmation',$msg,"From: $email"); include($redirect); } else { echo "<h4>\"$email\" is an invalid e-mail address. Please click the browser's Back button.</h4>"; } ?> Putting in valid information gives the error: "" is an invalid e-mail address. Please click the browser's Back button." which it didn't used to do. I expect it is a very simple mistake but I cannot trace it. Any help to pinpoint the problem greatly appreciated. Any body please, Why my registration form page stoped working, don't feed the dbase any more, I'm the only one with access to make changes but I did not make any changes, just stoped out of no where, any ideas? Hello, I am currently coding a site from scratch. I know i can use templates and everything else but i want the experience. The HTML I've had down for years but it seems PHP is getting a little elusive for me. I'm trying to create a registration form and when i test my site i keep getting parse errors and syntax errors... mainly regarding the use of {} and if/else. Any help would be appreciated. Most of the code is still incomplete, I have to go back and fill in some areas I've left blank for now, but i have commented using // Where the browser is kicking back my errors.
- “Any sufficiently advanced technology is indistinguishable from magic” (Arthur C. Clark, 1962)
<?php $con = Mysqli_connect("'', '', ''"); if (Mysqli_connect_errno()) { echo "Failed to connect to DB. Please check your connection info." . Mysqli_connect_errno; // Only if there is an error. } //Declaring Variable for Registration form $fname = ""; $lname = ""; $em = ""; $emc = ""; $pass = ""; $passc = ""; $date = ""; $error_array = ""; if (insert($_POST['register_button'])) { // To handle the registration form // First Name Values $fname = strip_tags($_POST['reg_fname']); $fname = str_replace(' ', '', $fname); $fname = ucfirst(strtolower($fname)); // Last Name Values $lname = strip_tags($_POST['reg_lname']); $lname = str_replace(' ', '', $lname); $lname = ucfirst(strtolower($lname)); // Registration Email Values $em = strip_tags($_POST['reg_email']); $em = str_replace(' ', '', $em); // Confirm Registration Email Values $emc = strip_tags($_POST['reg_emailc']); $emc = str_replace(' ', '', $emc); // Registrsation Password Values $pass = strip_tags($_POST['reg_pass']); // Registration Password Confirmation Values $passc = strip_tags($_POST['reg_passc']); // Registration Date Values $date = date("m-d-Y"); // Here is where the browser keeps kicking back parse errors if ($em == $emc) { } else { echo "Email and Confirmation Email must match"; } if (filter_var($em, FILTER_VALIDATE_EMAIL)) { $em = filter_var($em, FILTER_VALIDATE_EMAIL) } else { echo "Invlaid Format"; } ?>
I need an Event Registration Script that allows for payment with Paypal & saves form details and Paypal transaction ID to my MySQL DB After the payment has been finalized. I want to have ppl be able to register for camp, and with that choose if they want to preorder the new camp DVD, order last camps DVD, order both DVD's or neither DVD. I am not incredible gifted with PHP since I am new so please be gentle. What do you recommend? I would like to learn a little from this process instead of buying a completed script. Thanks How do I make email, name and phone required fields? thanks in advance <?php $email = $_POST['email']; $name = trim($_POST['name']); $phone = trim($_POST['phone']); $time = trim($_POST['time']); $zipcode = trim($_POST['zipcode']); $date = trim($_POST['date']); $EmailTo = "myemail@somedomain.com"; $Subject = "form"; /// Add a subject $Body = ""; $Body .= "Full name:\n$name\n\n"; $Body .= "Primary phone:\n$phone\n\n"; $Body .= "time:\n$time\n\n"; $Body .= "Zip code:\n$zipcode\n\n"; $Body .= "date:\n$date\n\n"; if($Subject == NULL) {$Subject = "From $EmailFrom";} $success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>"); if ($success){ header ('Location: confirm.html');} else{ echo "Error! Your e-mail was not sent!";} ?> Hey Guys! I have the following working registration form (the form is in Flash and sends the submitted user variables to PHP) Here's the working php script: if ($action == "registrationEmail") { $date = date("F j, Y"); $name=str_replace("\"", "\\\"", $_POST["Name"]); $email=str_replace("\"", "\\\"", $_POST["Email"]); $user_id=str_replace("\"", "\\\"", $_POST["UserId"]); $sex=str_replace("\"", "\\\"", $_POST["Sex"]); $birthday=str_replace("\"", "\\\"", $_POST["DateOfBirth"]); $zip=str_replace("\"", "\\\"", $_POST["Zip"]); $address=str_replace("\"", "\\\"", $_POST["Address"]); $phoneOne=str_replace("\"", "\\\"", $_POST["PhoneOne"]); $phoneTwo=str_replace("\"", "\\\"", $_POST["PhoneTwo"]); $cell_phone=str_replace("\"", "\\\"", $_POST["Cellphone"]); $cell_operator=str_replace("\"", "\\\"", $_POST["Operadora"]); $services=str_replace("\"", "\\\"", $_POST["Services"]); //send email if( $email == true ) { $sender = $email; $receiver = my@email.com"; $client_ip = $_SERVER['REMOTE_ADDR']; $email_body = "Email: $email \n\nIP: $client_ip \n\nName: $name \n\nUserId: $user_id \n\nSex: $sex \n\nDate Of Birth: $birthday \n\nZip: $zip \n\nAddress: $address \n\nPhone One: $phoneOne \n\nPhone Two: $phoneTwo \n\nCell Phone: $cell_phone \n\nCell Operator: $cell_operator \n\nServices: $services \n\nDate: $date"; $extra = "From: $sender\r\n" . "Reply-To: $sender \r\n" . "X-Mailer: PHP/" . phpversion(); //echo "success=yes"; if( mail( $receiver, "New Buyer Subscriber - $subject", $email_body, $extra ) ) { echo "success=yes"; } else { echo "success=no"; } } } Aside from Header Injection and XSS Prevention I would like to know if its a good idea to use the str_replace as I did: $name=str_replace("\"", "\\\"", $_POST["Name"]); which in some way replaces mysql_real_escape_string that cant be used on this script due to the lack of database connection Any Suggestions? Hi I'm new here, also I'm new in php. What I need to do is to write registration form with drop down menu. Actually, I need to have drop down menu which would write data into database when someone fill registration form. Also I need when someone choose one of the city name in drop down menu, to display certain image in specific php page. Can anyone help me. Here is my code for registration form : register.php <?PHP //Database Information $dbhost = ""; $dbname = ""; $dbuser = ""; $dbpass = ""; //Connect to database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); $name = $_POST['name']; $email = $_POST['email']; $username = $_POST['username']; $password = md5($_POST['password']); $grad = $_POST['grad']; // lets check to see if the username already exists $checkuser = mysql_query("SELECT username FROM users WHERE username='$username'"); $username_exist = mysql_num_rows($checkuser); if($username_exist > 0){ echo "I'm sorry but the username you specified has already been taken. Please pick another one."; unset($username); include 'register.html'; exit(); } $checkemail = mysql_query("SELECT email FROM users WHERE email='$email'"); $email_exist = mysql_num_rows($checkemail); if($email_exist > 0){ echo "Email koji ste izabrali vec postoji."; unset($email); include 'register.html'; exit(); } $checkname = mysql_query("SELECT name FROM users WHERE name='$name'"); $name_exist = mysql_num_rows($checkname); if($name_exist > 0){ echo "Ime koje ste izabrali vec postoji."; unset($name); include 'register.html'; exit(); } // lf no errors present with the username // use a query to insert the data into the database. $query = "INSERT INTO users (name, email, username, password, grad) VALUES('$name', '$email', '$username', '$password','$grad')"; mysql_query($query) or die(mysql_error()); mysql_close(); if(empty($name) || empty($email) || empty($username)) { echo "Nisu uneseni svi podaci."; } /*else if(empty(($password))) //ovaj uslov ne prolazi !!! { echo "Niste uneli lozinku."; }*/ else { echo "Uspesno ste se registrovali"; } ?> and for form : register.html <form name="login" method="post" action="register.php"> <table border="0" width="225" align="center"> <tr> <td width="219" bgcolor="#ff6600"> <p align="center"><font color="white"><span style="font-size:14pt;"><b>Registration</b></span></font></p> </td> </tr> <tr> <td width="555"> <table border="0" width="555" align="center"> <tr> <td width="116"><span style="font-size:12pt;">Name:</span></td> <td width="156"><input type="text" name="name" maxlength="100"></td> <td width="200"><p align="left"><span style="font-size:11pt;"><i>*Ukucajte vase puno ime i prezime*</i></span></p></td> </tr> <tr> <td width="116"><span style="font-size:12pt;">Email:</span></td> <td width="156"><input type="text" name="email" maxlength="100"></td><br/> </tr> <tr> <td width="116"><span style="font-size:12pt;">Username:</span></td> <td width="156"><input type="text" name="username"></td><br/> </tr> <tr> <td width="116"><span style="font-size:12pt;">Password:</span></td> <td width="156"><input type="password" name="password"></td><br/> </tr> <tr> <td width="116"> </td> <td width="156"> <p align="right"><input type="submit" name="submit" value="Submit"></p> </td> </tr> <tr> <td> <select name = "dropdown" value="options"> <option value "register.php">Izaberi grad</option> <option value = "Beograd">Beograd</option> <option value = "Nis">Nis</option> <option value = "Novi Sad">Novi Sad</option> </select> </td> </tr> </table> </td> </tr> <tr> <td width="219" bgcolor="#ff6600"> </td> </tr> </table> </form> This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=342885.0 Hello, iv got a code that validates form fields: ////////////////////duomenys is regform.php $username = $_POST['regname']; $email= $_POST['regemail']; $password1 = $_POST['regpass1']; $password2 = $_POST['regpass2']; /////////////////////////////////////////// ini_set('error_reporting', E_ALL); ini_set('display_errors', 1); $result = pg_query('SELECT 1 FROM duom WHERE LOWER(name)=\''.strtolower(pg_escape_string($username)).'\'')or exit(pg_last_error()); if(isset($_POST['regsubmit'])){ ////////////////////////////////////tikrina ar viskas uzpildyta if($username !="" && $email !="" && $password1 !="" && $password2 !="" && $password1 == $password2) { /////////////////////////////////////////////////////////////// if (pg_num_rows($result)) { exit('Toks vartotojas jau egzistuoja, pasirinkite kita vartotojo varda'); } else ///////////////////ideda duomenys is regform.php i duomenu baze $insert = "INSERT into duom(name, email, pass) VALUES('".$username."','".$email."','".$password1."')"; pg_query($insert); echo "Registracija pavyko!"; /////////////////////////////////////////////////////////////// } else echo "Blogai uzpildyti domenys!"; } everything is working but i need to add 1 more thing to this - to see if email already exists in the databse. I did it for username but idk how to add the same code for email. Heres the code to check if username already exists: ini_set('error_reporting', E_ALL); ini_set('display_errors', 1); $result = pg_query('SELECT 1 FROM duom WHERE LOWER(name)=\''.strtolower(pg_escape_string($username)).'\'')or exit(pg_last_error()); if (pg_num_rows($result)) { exit('Username already exists); thanks in advance I need help with this ASAP!!! I pretty sure my boss will fire me if I can not figure this out tonight... PLEASE HELP! I am a graphic designer and not a programmer... PLEASE HELP ME!!! My form will not display the echoed message ("Please fill in all required (*) feilds", "Maximum length for username is 25 characters", etc.) when I hit submit... It wouldn't even show the variables when I tried to just have the form only echo the various strings... nothing appeared... the only way I could get the string values to appear was through a array like this: if(is_array($_POST)){ echo '<pre>'; print_r($_POST); echo '</pre>'; } ^^This returned the data fine... but when I try to echo on particular string and not using the array, nothing appears... This is crucial as this is how the custom error messages are displayed... Here is my PHP code: <?php $submit = $_POST['submit']; //form data $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); $passwordrepeat = strip_tags($_POST['passwordrepeat']); $email = strip_tags($_POST['email']); $emailrepeat = strip_tags($_POST['emailrepeat']); $career_status = strip_tags($_POST['career_status']); $name_title = strip_tags($_POST['name_title']); $first_name = strip_tags($_POST['first_name']); $middle_name = strip_tags($_POST['middle_name']); $last_name = strip_tags($_POST['last_name']); $suffix = strip_tags($_POST['suffix']); $current_address1 = strip_tags($_POST['current_address1']); $current_address2 = strip_tags($_POST['current_address2']); $current_city = strip_tags($_POST['current_city']); $current_state = strip_tags($_POST['current_state']); $current_zip = strip_tags($_POST['current_zip']); $phone_home = strip_tags($_POST['phone_home']); $phone_mobile = strip_tags($_POST['phone_mobile']); $preferred_contact = strip_tags($_POST['preferred_contact']); $school_name = strip_tags($_POST['school_name']); $school_city = strip_tags($_POST['school_city']); $school_state = strip_tags($_POST['school_state']); $school_gradYear = strip_tags($_POST['school_gradYear']); $med_school_debt = strip_tags($_POST['med_school_debt']); $monthly_debt_payment = strip_tags($_POST['monthly_debt_payment']); $credit_score = strip_tags($_POST['credit_score']); $marital_status = strip_tags($_POST['marital_status']); $current_employer_name = strip_tags($_POST['current_employer_name']); $current_employer_city = strip_tags($_POST['current_employer_city']); $current_employer_state = strip_tags($_POST['current_employer_state']); $current_position = strip_tags($_POST['current_position']); $current_specialty = strip_tags($_POST['current_specialty']); $current_employer_startDate_mm = strip_tags($_POST['current_employer_startDate_mm']); $current_employer_startDate_yyyy = strip_tags($_POST['current_employer_startDate_yyyy']); $changing_employer = strip_tags($_POST['changing_employer']); $current_employer_endDate_mm = strip_tags($_POST['current_employer_endDate_mm']); $current_employer_endDate_yyyy = strip_tags($_POST['current_employer_endDate_yyyy']); $future_employer_name = strip_tags($_POST['future_employer_name']); $future_employer_city = strip_tags($_POST['future_employer_city']); $future_employer_state = strip_tags($_POST['future_employer_state']); $future_position = strip_tags($_POST['future_position']); $future_specialty = strip_tags($_POST['future_specialty']); $future_employer_startDate_mm = strip_tags($_POST['future_employer_startDate_mm']); $future_employer_startDate_yyyy = strip_tags($_POST['future_employer_startDate_yyyy']); $destination_city = strip_tags($_POST['destination_city']); $destination_state = strip_tags($_POST['destination_state']); $move_date_mm = strip_tags($_POST['move_date_mm']); $move_date_yyyy = strip_tags($_POST['move_date_yyyy']); $prop_single_family = strip_tags($_POST['prop_single_family']); $prop_townhouse = strip_tags($_POST['prop_townhouse']); $prop_condo = strip_tags($_POST['prop_condo']); $prop_co_op = strip_tags($_POST['prop_co_op']); $prop_duplex = strip_tags($_POST['prop_duplex']); $prop_mobile = strip_tags($_POST['prop_mobile']); $prop_other = strip_tags($_POST['prop_other']); $num_bedrooms = strip_tags($_POST['num_bedrooms']); $num_bath = strip_tags($_POST['num_bath']); $price_low = strip_tags($_POST['price_low']); $price_high = strip_tags($_POST['price_high']); $prop_purpose = strip_tags($_POST['prop_purpose']); $need_realtor = strip_tags($_POST['need_realtor']); $need_lender = strip_tags($_POST['need_lender']); $need_refinance_NoCash = strip_tags($_POST['need_refinance_NoCash']); $need_refinance_TakeCash = strip_tags($_POST['need_refinance_TakeCash']); $need_home_equity = strip_tags($_POST['need_home_equity']); $need_commercial = strip_tags($_POST['need_commercial']); $need_practice = strip_tags($_POST['need_practice']); $mortgage_needs = strip_tags($_POST['mortgage_needs']); $most_important = strip_tags($_POST['most_important']); $keep_property_time = strip_tags($_POST['keep_property_time']); $keep_mortgage_time = strip_tags($_POST['keep_mortgage_time']); $program_foundHome_lowDown_NoPMI = strip_tags($_POST['program_foundHome_lowDown_NoPMI']); $program_foundHome_20down_bestRate = strip_tags($_POST['program_foundHome_20down_bestRate']); $program_foundHome_20down_specializedLender = strip_tags($_POST['program_foundHome_20down_specializedLender']); $program_preapproved_physLoan = strip_tags($_POST['program_preapproved_physLoan']); $program_preapproved_coventionalLoan = strip_tags($_POST['program_preapproved_coventionalLoan']); $program_lenderBailed = strip_tags($_POST['program_lenderBailed']); $program_poorCredit = strip_tags($_POST['program_poorCredit']); $referral_source = strip_tags($_POST['referral_source']); $registration_date = date("Y-m-d"); if ($submit) { //check that required fields are completed if ($username&&$password&&$passwordrepeat&&$email&&$emailrepeat&&$career_status&&$first_name&&$last_name) { //encrypt password $password = md5($password); $passwordrepeat = md5($passwordrepeat); if ($password==$passwordrepeat) { //check character length of username and if (strlen($username)>25) { echo "Maximum length for username is 25 characters."; } else { //check password length if (strlen($password)>25||(strlen($password)<6)) { echo "Password must be between 6 and 25 characters in length."; } else { //register the user echo "Success!"; } } } else echo "Your passwords do not match. Please re-enter and hit submit again."; } else echo "Please fill in all required (*) feilds."; } ?> Here is my form: http://www.doctorbrownshoes.com/testPHP/registration.php Hey All! Well, here I am at PHP Freaks mercy again lol. I love this website and everyone here is always so helpful so let's get to my most recent issue. I am developing a pretty simple event registration form, which would be pretty easy in most respects. It will have the following pretty standard fields. Number of people attending: (drop down with 1-10) Name Address City State Zip Email Phone Alternate Phone There will be a few other fields but they aren't relevant. Basically the first field "Number of people attending (drop down 1-10)" will have to create a section with the following fields above for each person's information. If there are 3 people attending then it will need to have 3 sections of all those fields for each person. Making the page dynamically generate those sections on-the-fly when the user selects "3" for example is the first issue I am having. The other issue I am having is how would I handle the information dynamically within the PHP. If there was just one person it would be easy because I could just reference those fields. One solution I have for the second problem that I have some experience with is naming the fields name[] for example. But I still don't have a complete grasp on how to make that fix my problem. I've tried googling for hours but have had no luck, which may be because I'm not sure how to phrase the problem maybe. Any help! Ok im only new to PHP and Im trying to setup my own porfolio website using PHP,CSS,HTML5 and other bits. Iv downloaded WAMP and im tryin to get my website workin offline first. Well im just trying to get a section in my site in the top right corner for a login and register area similar to this website (membership section) iv bein following some online video tuts and completed them right but Im not sure how to integrate it into my existing home page,/ index.html page. I want to have it so that it says login or registered and it works through php. all the tuts I followed seem to have this done on one index.php page and im getting confused as to how I can have a small section on my home page just for registering if yano what I mean..... Maybe its a silly question....im still learning....Any help be gratefull Hello. So I already know an extremely elementary way to check to see if a form field is blank using PHP. For example: Code: [Select] if ($subject == "") The question I have is, is there a way to have php check every field in a form to make sure it has some sort of value? I want to create an 'if' statement which basically says, "If all form fields have something filled in, then do this" For example Code: [Select] if ($subject == "any value") & ($name == "any value") & ($comment == "any value") Not sure if that makes sense. Any help would be greatly appreciated!!! Hey Everyone, Im having trouble with this code, i'm trying to use preg_match to display an error when someone inputs their email and it doesnt have a specific domain (like for example yahoo.com). My logic is to use it as a filter, if the input doesnt have the word '@yahoo.com' it will show the error. What am I doing wrong? Code: [Select] if(preg_match("/^[a-zA-Z]\w+(\.\w+)*\@\yahoo.com", $data['email']) === 0) $err .= "• $lang[ERROR_DOMAIN]<br>"; Any help will be greatly appreciated. Thanks. - STG how can i validate if email is being entered correctly in a form? i have the following code Code: [Select] <?php if(isset($_POST['Submit'])){ //NEED TO CHECK IF FIELDS ARE FILLED IN if( empty($_POST['email'])){ header("Location:Messages.php?msg=12"); exit(); } if( empty($_POST['name'])){ header("Location:Messages.php?msg=3"); exit(); } if( empty($_POST['pw1']) && (empty($_POST['pw2']))){ header( "Location:Messages.php?msg=4" ); exit(); } $name=$_POST['name']; $email=$_POST['email']; $pw1=$_POST['pw1']; $pw2=$_POST['pw2']; if("$pw1" !== "$pw2" ){ header( "Location:Messages.php?msg=5" ); exit(); } $ip = $_SERVER['REMOTE_ADDR']; //connect to the db server , check if uname exist include('config.php'); $query1=("Select * from user where email='$email'"); $result1= mysql_query($query1); $num1=mysql_num_rows($result1); if ($num1 > 0) {//Email already been used header( "Location:Messages.php?msg=11" ); exit(); }else{ $query=("Select * from user where uname='$name'"); $result= mysql_query($query); $num=mysql_num_rows($result); if ($num > 0) {//Username already exist header( "Location:Messages.php?msg=6" ); exit(); }else{ //if username does not exist insert user details $query=( "INSERT INTO user (uname, pw,email,date_joined,ip,level) VALUES ('$name','$pw1','$email',NOW(),'$ip','Normal')"); if (@mysql_query ($query)) { header("location:login.php?reg=1"); exit; } } } mysql_close(); } ?> Could anyone help me making a login function that checks the txt document if user and pw exists/are correct? -and if they are, sends you to a logged in page. This is for a assignment which is why I have to store the information in a text document, I know it's unsafe. Also i know i should use $_Sessions but I'm not sure how to use it and where to put it.
So far I have created the form which has 2 buttons one for registering and one for logging in. I have also created the registration function which checks the text file if the username already exists if not it will register it. <html lang="eng"> <head> <link rel="stylesheet" href="style.css"> <title>name</title> </head> <body> <div class="formdiv"> <h2>Log in or register</h2> <form action="" method="post"> <p>Username<p style="color:black">*</p> <input type="text" name="user" placeholder="Type in your username" required> <p>Password<p style="color:black">*</p> <input type="password" name="pw" placeholder="Type in your password" required> <?php if (isset($_POST['saveBtn'])){ $username = $_POST['user']; $password = $_POST['pw']; $error = register($username); if ($error == '') { echo "User: $username has been registered!<br/>"; } else echo $error; } ?> <input type="submit" name="saveBtn" value="Save new user"> <input type="submit" name="loginBtn" value="Login"> </form> </div> <?php // Registration function register($user){ $textError = ''; // Check and see if user exists $UserPassTxt = fopen("userpwd.txt","a+"); // Opens text doc rewind($UserPassTxt); while (!feof($UserPassTxt)) { $line = fgets($UserPassTxt); $tmp = explode(':', $line); if ($tmp[0] == $user) { $textError = "Username already exists!"; break; } } if ($textError == ''){ $hash = password_hash('', PASSWORD_DEFAULT); fwrite($UserPassTxt, "\n$user: $hash"); } fclose($UserPassTxt); // Closes txt doc return $textError; } ?> <?php //Login function login($user, $pass){ } ?> </body> ///here's my best attempt at the function <?php //Login $error = '0'; if (isset($_POST['loginBtn'])){ $username = $_POST['user']; $password = $_POST['pw']; $error = login($username,$password); } function login($user, $pass){ $errorText = ''; $validUser = false; $UserPassTxt = fopen("userpwd.txt","r"); rewind($UserPassTxt); while (!feof($UserPassTxt)) { $line = fgets($UserPassTxt); $tmp = explode(':', $line); if ($tmp[0] == $user) { if (trim($tmp[1]) == trim(password_hash('', PASSWORD_DEFAULT))){ $validUser= true; $_SESSION['user'] = $user; } break; } } fclose($UserPassTxt); if ($validUser != true) $errorText = "Not correct username or password"; if ($validUser == true) $_SESSION['validUser'] = true; else $_SESSION['validUser'] = false; return $errorText; } function logoutUser(){ unset($_SESSION['validUser']); unset($_SESSION['user']); } function checkUser(){ if ((!isset($_SESSION['validUser'])) || ($_SESSION['validUser'] != true)){ header('Location: index.php'); } } ?>
|