PHP Registration form not cheking if username exists - php

I'm writing a code for a simple registration system. I have this part where I check if the username or email already exist. If this is the case, it should show an error message, but it doesn't work. If the username or email exist, the registration form is submitted anyway.
This is my code
Registration.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="shortcut icon" href="favicon.png" type="image/x-icon"/>
<link rel="icon" type="image/png" href="favicon.png" />
<title>Registro</title>
</head>
<body>
<?php
if(isset($_POST['submit'])){
$mysqli = NEW
MySQLi('localhost','user','pass','database');
$username = $_POST['username'];
$name = $_POST['name'];
$pass= $_POST['pass'];
$email= $_POST['email'];
$phone= $_POST['phone'];
$querya=mysqli_query($mysqli,"select * from table where username='$username' && email='$email'");
$num_rowss=mysqli_num_rows($querya);
if ($num_rowss>0){
echo "Username or password is taken, please write a new one."
}else{
$query = "INSERT INTO table(username,name,pass,email,phone)VALUES('"
. $mysqli->real_escape_string($username) .
"' , '"
. $mysqli->real_escape_string($name) .
"' , '"
. $mysqli->real_escape_string($pass) .
"' , '"
. $mysqli->real_escape_string($email) .
"' , '"
. $mysqli->real_escape_string($phone) .
"')
";
$insert = $mysqli->query($query);
if($insert){
header('Location: login.php');
}
}
$mysqli->close();
}
?>
<div>
<h1>Register</h1>
<form action="" method="post" name="registro" id="formulario"><br><br>
<table>
<tr><td>Username: <input type="text" name="username" id="username" required></td>
</tr>
<tr><td>Name:<input type="text" name="name" id="name" required></td>
</tr>
<tr><td>Password: <input type="password" name="pass" required></td>
</tr>
<tr><td>Email: <input type="email" name="email" required></td>
</tr>
<tr><td>Phone: <input type="text" name="phone" required></td>
</tr>
<tr><td> <input name="submit" id="submit" type="submit" value="Registrar" /></td></tr>
</table><br><br>
</form>
</div>
</body>


A couple things:
Concern on SQL Injection - Use Parameters
It should be OR, NOT &&. You want to know if the username or e-mail is found.
You should have some way to handle errors also.
Your query should read as the following:
$querya=mysqli_query($mysqli,"select * from table where username='$username' OR email='$email'");
$num_rowss=mysqli_num_rows($querya);


Try this. it works for me sorry if not!
$querya = "SELECT username, email FROM table WHERE username = '".$name."' OR email = '".$email."'";
$result = $mysqli->query($sql);
if(mysqli_num_rows($result) > 0)
{
echo 'Username or password is taken, please write a new one.';
}
else
{

Related

Submit button don't add data to MySQL

I tried to create a form which will send an email and add data to MySQL data base. For email part because I work on localhost I used formsubmit. All good but there is a conflict. When I press on send only the email is send without any data added to my database. If I delete the action attribute from form data will be added but in this case I can't send any emails. Here is my file:
<?php
require 'config.php';
if(!empty($_SESSION["id"]))
{
$id= $_SESSION["id"];
$result = mysqli_query($conn,"SELECT * FROM tb_user WHERE id= $id");
$row = mysqli_fetch_assoc($result);
}
else
{
header("Location: login.php");
}
if(isset($_POST["submit"]))
{
$name = $_POST['name'];
$email = $_POST['email'];
$cui = $_POST['cui'];
$tip = $_POST['tip'];
$adresa = $_POST['adresa'];
$query = "INSERT INTO beneficiari VALUES('','$email','$name','$cui','$tip','$adresa')";
mysqli_query($conn,$query);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Beneficiari </title>
<link rel="stylesheet" href="indexCSS.css">
<link rel="stylesheet" type="text/css" href="beneficiariCSS.css">
</head>
<body>
<div class="topnav">
Welcome <?php echo $row["name"]; ?>
Logout
<a class="active" href="index.php">Home</a>
Anunturi
Viz
Registration
</div>
<div class="container">
<form action="https://formsubmit.co/0e6b51872b4393271dbfa08bb0655fc8" method="POST">
<h3>Inregistrare</h3>
<input type="text" name="name" id="name" placeholder="Denumire institutie" required>
<input type="email" name="email" id="email" placeholder="Enter an valid email" required>
<input type="text" name="cui" id="cui" placeholder="CUI" required>
<input type="text" name="tip" id="tip" placeholder="Tipul institutie" required>
<input type="text" name="adresa" id="adresa" placeholder="Adresa" required>
<button type="submit" name="submit">Send</button>
</form>
</div>
</body>
</html>

You can remove the action from form, and add it after the SQL query, within the if statement as header, like so:
if(isset($_POST["submit"]))
{
$name = $_POST['name'];
$email = $_POST['email'];
$cui = $_POST['cui'];
$tip = $_POST['tip'];
$adresa = $_POST['adresa'];
$query = "INSERT INTO beneficiari VALUES('','$email','$name','$cui','$tip','$adresa')";
mysqli_query($conn,$query);
header('location: https://formsubmit.co/0e6b51872b4393271dbfa08bb0655fc8');
}
I believe this will work.
But whatever you do make sure you check the input!! The way you are handling your input right now is very dangerous, and allows users to inject you with SQLs (read up on SQL injections and protection)

PHP Registration Username/Password Incorrect

I am not sure what the problem is here. The user data is in my MySQL database, and correct. However when I try to login I get an error saying user/password is incorrect. I am trying to login using the users email address. In addition I want to add the first name, and user id to the session.
<?php
session_start();
include_once 'dbconnect_new.php';
if(isset($_SESSION['user'])!="")
{
header("Location: ../index.php");
}
if(isset($_POST['btn-login']))
{
$s_email = mysql_real_escape_string($_POST['email']);
$s_password = mysql_real_escape_string($_POST['password']);
$s_email = trim($s_email);
$s_password = trim($s_password);
$res=mysql_query("SELECT student_id, student_password, student_firstname FROM studentdata WHERE student_email='$s_email'");
$row=mysql_fetch_array($res);
$count = mysql_num_rows($res); // if uname/pass correct it returns must be 1 row
if($count == 1 && $row['student_password']==md5($s_password))
{
$_SESSION['user'] = $row['student_id'];
header("Location: ../index.php");
}
else
{
?>
<script>
alert('Username / Password Seems Wrong !');
</script>
<?php
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>New Reg Page</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<center>
<div id="login-form">
<form method="post">
<table align="center" width="30%" border="0">
<tr>
<td>
<input type="text" name="email" placeholder="Your Email" required />
</td>
</tr>
<tr>
<td>
<input type="password" name="password" placeholder="Your Password" required />
</td>
</tr>
<tr>
<td>
<button type="submit" name="btn-login">Sign In</button>
</td>
</tr>
<tr>
<td>Sign Up Here</td>
</tr>
</table>
</form>
</div>
</center>
</body>
</html>

Try this code:-
$s_email = mysql_real_escape_string($_POST['email']);
$s_password = mysql_real_escape_string($_POST['password']);
$s_email = trim($s_email);
$s_password = md5(trim($s_password));
$res=mysql_query("SELECT student_id, student_firstname FROM studentdata WHERE student_email='$s_email' AND student_password = '$s_password'");
if (!$res) {
// Debug query result by below code
//echo 'Could not run query: ' . mysql_error();
//exit;
echo '<script language="javascript">';
echo 'alert("Username / Password Seems Wrong !")';
echo '</script>';
}else{
$row = mysql_fetch_row($result);
$stu_id = $row[0];
$stu_fname = $row[1];
$_SESSION['user'] = $stu_id;
header("Location: ../index.php");
}
Hope this will help you :)

How to link up the tables in MySQL

I have created 2 tables for phpMyAdmin. One of them is countries and the other is the users.
Countries table:
Users table:
I know how to create forms with HTML and PHP. I want my users to select a country, but the countries are in the different table and cannot be placed in the users table. Would I need to link it up by using the 'SQL' section on phpMyAdmin or is there a PHP code for it?
I haven't fully constructed the php form yet(just started!)
<h1>Register</h1>
<form action="" method="POST">
<p>
<label>UserName : </label>
<input id="username" type="text" name="usernamet" placeholder="Username" />
</p>
<input id="teamname" type="text" name="username" placeholder="Team Name" />
</p>
<select name="countries">
<option value="England">Volvo</option>
<option value="Spain">Saab</option>
<option value="Turkey">Fiat</option>
<option value="France">Audi</option>
</select>
<p>
<label>E-Mail :</label>
<input id="password" type="email" name="email" />
</p>
<p>
<label>Password : </label>
<input id="password" type="password" name="password" placeholder="password" />
</p>
<a class="btn" href="login.php">Login</a>
<input class="btn register" type="submit" name="submit" value="Register" />
</form>

Okay... here goes my answer.
As I said, if you plan on asking for a user country, you HAVE to have a place to store it in that same table but if you plan on storing it in another table, that is fine too but you will need to change my single query insert into two query inserts. One to go into a table for your user information and the other to go into the table with the information that will hold the user ID# from the users table (or the id column) and the value from the form.
Original Table:
New Table that I'm working with:
This form also includes error handling options like a blank form. If you want to validate email addresses and the like, search around for a function that will do just that and throw a handler in the verification section below. Also this code assumes you want the form to be processed on its self, that is the form and the code to process the form reside on the same script page. If you plan on doing anything besides, edit the <form action= and remove the <?php ... ?> coding from it. If you want to remove any of this, delete the lines of code related to that.
Also note that this script is using mysqli_ functions and not mysql_ functions as mysql_ and related functions are considered deprecated and will eventually be removed from PHP as of PHP 5.4 (I believe.)
If you don't want confirmation pages, you can edit the script to do just that for you. If you need anything else, edit your original question.
Your problem with the going through the countries list is resolved simply by performing a SELECT * query and then proceeding to loop through the results of that query and adding them to an array as I did. In this case, I used a while() loop to cycle through the results of the array returned from the mysqli_query() function and added the formatted results to an array that will eventually be outputted to the form.
<?php
//Define MySQLi connection information
$db = mysqli_connect("localhost", "stackoverflow", "", "stackoverflow");
// mysqli_connect(SERVER_ADDR, DB_USER, DB_PASSWORD, DB_NAME)
if (mysqli_connect_errno()) {
die("Failed to connect to MySQL: " . mysqli_connect_error());
}
if(isset($_POST) && sizeof($_POST) > 0 ) {
// If there is something to post, start this branch
$username = mysqli_real_escape_string($db, $_POST['username']);
$teamname = mysqli_real_escape_string($db, $_POST['teamname']);
$usercountry = mysqli_real_escape_string($db, $_POST['countries']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$password = mysqli_real_escape_string($db, $_POST['password']);
// Check to make sure we have a valid form.
// If you need more, follow the same pattern.
if (empty($username) || empty($_POST['username'])) $error[] = "Username cannot be empty.";
if (empty($email) || empty($_POST['email'])) $error[] = "Email Address cannot be empty.";
if (empty($password) || empty($_POST['password'])) $error[] = "Password cannot be blank.";
if (empty($usercountry) || empty($_POST['countries'])) $error[] = "Please select a country from the drop down list.";
if (!isset($error)) {
// No errors? No problem. Insert the form data into the database.
$user_insert = "INSERT INTO users (username, teamname, country, email, password, active, rank) VALUES ('" . $username . "' , '" . $teamname . "', '" . $usercountry ."', '" . $email ."', PASSWORD('" . $password . "'), 1, 1)";
mysqli_query($db, $user_insert);
}
} ?>
<?php if (isset($error) || empty($_POST)) {
// There was noting to post, so show the form to collect the information.
// Retrieve the values from the countries table.
$countries = mysqli_query($db, "SELECT * FROM countries ORDER BY countryName");
$country_options = array();
$country_options[] = array('value' => '', 'text' => '');
while($row= mysqli_fetch_array($countries)) {
$country_options[] = array('value' => $row['idCountry'], 'text' => $row['countryName']);
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>User Registration Form</title>
<!-- include your <style> CSS or imports here -->
<style>
.leftCell {
width: 160px;
}
.error {
border: 1px solid #FF0000;
background-color: #FFCCCC;
color: #FF0000;
padding: 10px;
</style>
</head>
<body>
<?php if (isset($error)) { ?>
<div class="error">
<b>Please fix the following errors:</b>
<ul>
<?php foreach($error as $error_text) {
echo "<li>" . $error_text . "</li>";
}
?>
</ul>
</div>
<?php } ?>
<!-- assuming you do not already have a script to input the data, I'm using this page to input the data -->
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="POST">
<!-- Let's create a table -->
<h1>Register</h1>
<table>
<tr>
<td class="leftCell">Desired User Name:</td>
<td><input id="username" type="text" name="username" placeholder="Username" value="<?php echo (isset($username) ? $username : ''); ?>"/></td>
</tr>
<tr>
<td class="leftCell">Team Name:</td>
<td><input id="teamname" type="text" name="teamname" placeholder="Team Name" value="<?php echo (isset($teamname) ? $teamname : ''); ?>"/></td>
</tr>
<tr>
<td style="width: 50px;">User Country:</td>
<td><select name="countries">
<?php
foreach($country_options as $country) {
echo '<option value="' . $country['value'] . '" ' . ($country['value'] == $usercountry ? 'selected="selected"' : '') . '>' . $country['text'] . "</option>";
}
?>
</select></td>
</tr>
<tr>
<td class="leftCell">E-Mail:</td>
<td><input id="email" type="text" name="email" placeholder="E-Mail" /></td>
</tr>
<tr>
<td class="leftCell">Password:</td>
<td><input id="password" type="password" name="password" placeholder="Password" /></td>
</tr>
</table>
<a class="btn" href="login.php">Login</a><br />
<input class="btn register" type="submit" name="submit" value="Register" />
</form>
</body>
</html>
<?php } else { ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>User Registration - Success</title>
</head>
<body>
<h1>The user was successfully registered!</h1>
</body>
</html>
<?php } ?>

Updating database with MYSQLi

I have been updating my members site so it will work with mysqli. I'm rather new to php and mysql.
I have a page where users can edit their information in a form which posts to send_post.php.
Can anyone tell me what is wrong with my code? I just get a white screen and a syntax error, 'unexpected ',' in send_post.php on line 7'.
This is the page with my form.
<?php
// See if they are a logged in member by checking Session data
include_once("php_includes/check_login_status.php");
if (isset($_SESSION['username'])) {
// Put stored session variables into local php variable
$username = $_SESSION['username'];
}
//Connect to the database through our include
include_once "php_includes/db_conx.php";
// Query member data from the database and ready it for display
$sql = "SELECT * FROM members WHERE username='$username' AND activated='1' LIMIT 1";
$user_query = mysqli_query($db_conx, $sql);
// Now make sure that user exists in the table
$numrows = mysqli_num_rows($user_query);
if($numrows < 1){
echo "That user does not exist or is not yet activated, press back";
exit();
}
while ($row = mysqli_fetch_array($user_query, MYSQLI_ASSOC)) {
$state = $row["state"];
$city = $row["city"];
$name = $row["name"];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<link rel="shortcut icon" href="../../assets/ico/favicon.png">
<title>Edit</title>
</head>
<body>
<br>
<div class = "container">
<div align="center">
<h3><br />
Edit your account info here<br />
<br />
</h3>
<table align="center" cellpadding="8" cellspacing="8">
<form action="send_post.php" method="post" enctype="multipart/form-data" name="form"
id="form">
<tr>
<td><div align="right">Name:</div></td>
<td><input name="city" type="text" id="city" value="<?php echo "$name"; ?>"
size="30" maxlength="24" /></td>
</tr>
<tr>
<td><div align="right">State:</div></td>
<td><input name="state" type="text" id="state" value="<?php echo "$state"; ?>"
size="30" maxlength="64" /></td>
</tr>
<tr>
<td><div align="right">City:</div></td>
<td><input name="city" type="text" id="city" value="<?php echo "$city"; ?>"
size="30" maxlength="24" /></td>
</tr>
<tr>
<td> </td>
<td><input name="Submit" type="submit" value="Submit Changes" /></td>
</tr>
</form>
</table>
</div>
</div>
</body>
</html>
This is the form processing page. send_post.php
<?php
if ($_POST['state']) {
$city = $_POST['city'];
$name = $_POST['name'];
//Connecting to sql db.
$connect = mysqli_connect("localhost","username","password","database");
$mysqli_query=($connect,"UPDATE members (`state`, `city`, `name` WHERE
username='$username'");
VALUES ('$state', '$city', '$name')";
mysqli_query($connect, $query);
mysqli_close($connect);
echo "Your information has been successfully added to the database.";
?>

Add a hidden field in the form like this
<input type="hidden" name="username" value="<?php echo $username; ?>">
Change send_post.php
<?php
//checking that all the fields have been entered
if( isset( $_POST['state'] ) && !empty( $_POST['state'] ) )
{
$state = $_POST['state'];
}
if( isset( $_POST['city'] ) && !empty( $_POST['city'] ) )
{
$city = $_POST['city'];
}
if( isset( $_POST['name'] ) && !empty( $_POST['name'] ) )
{
$name = $_POST['name'];
}
if( isset( $_POST['username'] ) && !empty( $_POST['username'] ) )
{
$username = $_POST['username'];
}
//Connecting to sql db.
$mysqli = new mysqli("localhost","username","password","database");
//updating database
$query = $mysqli->query( "UPDATE members SET `state` = '$state', `city` = '$city', `name` = '$name' WHERE `username` = '$username'" );
//closing mysqli connection
$mysqli->close;
//echoing that the information has been added
echo "Your information has been successfully added to the database.";
?>

change
$mysqli_query=($connect,"UPDATE members (`state`, `city`, `name` WHERE
username='$username'");
VALUES ('$state', '$city', '$name')";
to
$mysqli_query=($connect,"UPDATE members (`state`, `city`, `name`) VALUES ('$state', '$city', '$name') WHERE username='$username' ");

How can Update account which corresponds with the Pin inputted?

I have this Alumni Directory System that when users wants to join the site, he/she will input the correct pin for his/her account. If the pin was correct, he will be directed to the account creation page which includes: username,password and email.
This inputs will be updated to his existing record on the database. Here's the scripts that I've been using, and got problem on how to update the inputs of the user to the database.
verify.php
<?php
// Start Session to enable creating the session variables below when they log in session_start();
include 'scripts/connect_to_mysql.php';
// Connect to the database
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1'); ?> <?php //
//Initialize some vars
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<link href="stylesheets/style.css" rel="stylesheet" type="text/css"/>
<title>Enter Your Pin</title>
<body>
<div id="main_content">
<form id="form1" name="form1" method="post" action="createaccount.php" style="height: 96px;">
<label>Confirmation Number:
<input type="text" name="confirm" id="ed"/> </label>
<p>
<input name="" type="submit" value="Log-in" id="button1"/>
</p>
</form>
createaccount.php
<?php
include_once "scripts/connect_to_mysql.php";
$confirm = $_POST['confirm'];
$result = mysql_query("SELECT * FROM myMembers where confirmation='$confirm'");
while($row = mysql_fetch_array($result))
{
$id = $row['id'];
$username = $row['username'];
$password = $row['password'];
$email = $row['email'];
}
?>
<?php
if (isset ($_POST['username'])){
$username = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['username']); // filter everything but letters and numbers
$email = $_POST['email'];
$password = $_POST['password'];
$email = stripslashes($email);
$password= stripslashes($password);
$email = strip_tags($email);
$password= strip_tags($password);
// Connect to database
include_once "scripts/connect_to_mysql.php";
$emailCHecker = mysql_real_escape_string($email);
$emailCHecker = str_replace("`", "", $emailCHecker);
// Database duplicate username check setup for use below in the error handling if else conditionals
$sql_uname_check = mysql_query("SELECT username FROM myMembers WHERE username='$username'");
$uname_check = mysql_num_rows($sql_uname_check);
// Database duplicate e-mail check setup for use below in the error handling if else conditionals
$sql_email_check = mysql_query("SELECT email FROM myMembers WHERE email='$emailCHecker'");
$email_check = mysql_num_rows($sql_email_check);
// Error handling for missing data
if ((!$username) || (!$email) || (!$password)) {
$errorMsg = 'ERROR: You did not submit the following required information:<br /><br />';
}
if(!$username){
$errorMsg .= ' * User Name<br />';
}
if(!$email){
$errorMsg .= ' * Email Address<br />';
}
if(!$password){
$errorMsg .= ' * Password<br />';
} else if (strlen($username) < 4) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />";
} else if (strlen($username) > 20) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />";
} else if ($uname_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />";
} else { // Error handling is ended, process the data and add member to database
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}
$username = mysql_real_escape_string($username);
$email = mysql_real_escape_string($email);
$password = mysql_real_escape_string($password);
// Add MD5 Hash to the password variable
$db_password = md5($password);
// GET USER IP ADDRESS
$ipaddress = getenv('REMOTE_ADDR');
// Add user info into the database table for the main site table
$sql = mysql_query("UPDATE myMembers SET username='$username', email='$email', password='$db_password', ipaddress='ipaddress', sign_up_date WHERE confirmation='$confirm'");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Create Account | <?php echo $MySocialSitename; ?></title>
<link href="style/main.css" rel="stylesheet" type="text/css" />
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<script language="javascript" type="text/javascript">
$(document).ready(function() {
$("#username").blur(function() {
$("#nameresponse").removeClass().text('Checking Username...').fadeIn(1000);
$.post("scripts/check_signup_name.php",{ username:$(this).val() } ,function(data) {
$("#nameresponse").fadeTo(200,0.1,function() {
$(this).html(data).fadeTo(900,1);
});
});
});
});
function toggleSlideBox(x) {
if ($('#'+x).is(":hidden")) {
$('#'+x).slideDown(300);
} else {
$('#'+x).slideUp(300);
}
}
</script>
</head>
<body>
<br /><br />
<table class="mainBodyTable" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="738" valign="top">
<h2 style="margin-left:80px;">Create Your Account </h2>
<table width="600" align="center" cellpadding="8" cellspacing="0" style="border:#999 1px solid; background-color:#FBFBFB;">
<form action="createaccount.php" method="post" style="margin-top: -31px;" name="personal">
<tr>
<td colspan="2"><font color="#FF0000"><?php print "$errorMsg"; ?></font></td>
</tr>
<tr>
<tr>
<td width="114" bgcolor="#FFFFFF">User Name:<span class="brightRed"> *</span></td>
<td width="452" bgcolor="#FFFFFF"><input name="username" type="text" class="formFields" id="username" value="<?php echo $username;?>" size="32" maxlength="20" /><br />
<span id="nameresponse"><span class="textSize_9px"><span class="greyColor">Alphanumeric Characters Only</span></span></span></td>
</tr>
<tr>
<td><div align="right" class="style1">Password:</div></td>
<td><input name="password" type="password" class="ed" id="last" size="40" value="" /></td>
<td> </td>
</tr>
<tr>
<td><div align="right" class="style1">Email Address:</div></td>
<td><input name="email" type="text" class="ed" id="address" size="40" value="" /></td>
<td> </td>
</tr>
<tr>
<td><div align="right"></div></td>
<td colspan="2"><label>
<input type="checkbox" name="condition" value="checkbox" />
<span class="style1"><small>i agree the <a rel="facebox" href="terms_condition.php">terms and condition</a> of this alumni</small></span></label></td>
</tr>
<tr>
<td><div align="right"></div></td>
<td><input name="but" type="submit" value="Confirm" /></td>
<td> </td>
</tr>
</table>
</form>
</table>
</body>
</html>
After the update was finished it will direct the user to the login page.

You should Post your Verify.php file code as you say the error is in that page,
Assuming entiries for each person will have only their passcoe and all other fields are empty before they create their account
// in verify.php page
if(isset($_POST['passcode']))
{
$enteredCode=$_POST['passcode'];
$records=mysql_query("select passcode from table where user_id =X");
if( mysql_num_rows($records == 1)
{
while($row=mysql_fetch_array($records))
{
$passcode==$row['passcode'];
}
if($enteredCode == $passcode)
{
header("location:createAccount.php");
}
else
{
// do not redirect, print error msg
}
}
}

Categories