I am making a registration form and i trying to output the form on the same page as the php code it is not working i am using echo but nothing get this displayed. All code looks ok but nothing. Any help appreciated.
<?php include("../includes/header.php");
// Begin Create new user function
// Variables that data come from the submission form
$username = $_POST["user"]; // Username that will be MD5'ed
$usernamereal = $_POST["user"]; // Username
$password = $_POST["pass"]; // Password that will be MD5'ed
$name = $_POST["name"]; // Name
$address = $_POST["address"]; // Address
$suburb = $_POST["suburb"]; // Suburb
$state = $_POST["state"]; // State
$postcode = $_POST["postcode"]; // Postcode
$phone1 = $_POST["phone1"]; // Phone Number 1
$phone2 = $_POST["phone2"]; // Phone Number 2
$emailaddress = $_POST["email"]; // Email Address
// Get IP Address of user
$ipaddress = $_SERVER["REMOTE_ADDR"];
/* Check if all the sections are completed as a whole, then if one isn't
filled out display the error message for that/those particular variables. */
if ((!$username) || (!$password) || (!$name) || (!$address) || (!$suburb) || (!$state) || (!$postcode) || (!$phone1) || (!$phone2) || (!$emailaddress)) {
echo "You didn't submit the following required information:<br><br>";
if(!$username) {
echo "Please enter a username<br>";
}
if (!$password) {
echo "Please enter a password<br>";
}
if (!$name) {
echo "Please enter a name<br>";
}
if (!$address) {
echo "Please enter a address<br>";
}
if (!$suburb) {
echo "Please enter a suburb<br>";
}
if (!$state) {
echo "Please enter a state<br>";
}
if (!$postcode) {
echo "Please enter a postcode<br>";
}
if (!$phone1) {
echo "Please enter a phone number for phone number 1<br>";
}
if (!$phone2) {
echo "Please enter a phone number for phone number 2<br>";
}
if (!$emailaddress) {
echo "Please enter a email address<br>";
}
exit(); // If there are errors then we quit this script
}
// Check if postcode is a numeric
if ((!is_numeric($postcode))) {
echo "Please enter a postcode";
exit();
}
// Check if phone number 1 is a numeric
if ((!is_numeric($phone1))) {
echo "Please enter a phone number for phone number 1";
exit();
}
// Check if phone number 2 is a numeric
if ((!is_numeric($phone2))) {
echo "Please enter a phone number for phone number 2";
exit();
}
// Use Connect Script
include("connect.php");
// Get date from MySQL Server
$currentdatetime = mysql_query('select now()');
$curdatetime = mysql_result($currentdatetime,0);
/* Check if username exists. If not then add all data to the database.
If so then ask user for another name to try. */
// MD5 Username and Password
$username = MD5($username);
$password = MD5($password);
// Check if the username exists
$usernameinuse = mysql_query("SELECT * FROM userdata WHERE userid = '$username'");
$isusernameinuse = mysql_num_rows($usernameinuse);
// If username exists then print error message and exit script
if ($isusernameinuse == 1) {
echo "The username you selected is already been used by another member.<BR>Go back and select a new username";
exit;
}
else {
// Find out how many users there are so that you can determine the next user number
$usercount = mysql_query("SELECT * FROM userdata");
$noofusers = mysql_num_rows($usercount);
// New user number = User number + 1
$usernumber = $noofusers + 1;
// Insert the new user to the database since everything is fine
mysql_query("INSERT INTO userdata VALUES ('$username','$password','$name','$address','$suburb','$state','$postcode','$phone1','$phone2','$emailaddress','$curdatetime','$ipaddress','$usernumber','$usernamereal')");
// Print Successful Creation of user message
echo "User " . $usernamereal . " has been created successfully.<BR>Click login at the top to login.";
}
echo "
<div class='main-content-wrap'>
<div class='main-content'>
<h1>CREATE YOUR ACCOUNT:</h1>
<div id='main'>
<div id='regbox'>
<form name='newUser' action='".$_SERVER['PHP_SELF']."' method='post'>
<table border='0' width='100%' id='table1' height='321'>
<tr>
<td width='115'><font face='Tahoma'>Email</font></td>
<td> <input type='text' name='email' /></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Password</font></td>
<td> <input type='password' name='pass' maxlength='15' /></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>First Name</font></td>
<td> <input type='text' name='fname' /></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Last Name</font></td>
<td> <input type='text' name='lname' /></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Phone</font></td>
<td> <input type='text' name='phone' maxlength='10'/></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Username:</font></td>
<td> <input type='text' name='username' maxlength='15'/></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>ZNZ Single ID</font></td>
<td> <input type='text' name='znzasid' /></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>ZNZ Double ID</font></td>
<td> <input type='text' name='znzdid' /></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Empower Network ID</font></td>
<td> <input type='text' name='enid' /></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>ZNZADTEAM LINK</font></td>
<td> <input type='text' name='znztl' maxlength='5'/></td>
</tr>
<tr>
<td width='115'><font face='Tahoma'>Verification</font></td>
<td> <input type='text' name='captcha'/></td>
</tr>
<tr>
<td width='115' height='44'> </td>
<td height='44'> <input type='submit' value='Create User'>
<input type='reset' value='Reset'></td>
</tr>
</table>
</form>
</div>
</div>
</div>
";
include("../includes/footer.php"); ?>
Your divs are unmatched. You have 4 opening divs and only 3 closing divs.
Related
i am creating a code for email confirmation link. user inserted email id , n stores in db. Next time when user insert id into form, first of all it will check whether email id is already present in db or not. If y then said 'already exists' & if n then insert it into db. Initially i am inserting data into db. then i want to compare user input email is with db email id. so i dont know how i retrieve data on pg then compare it. here is my code
<html>
<body>
<form name="form" method="post">
<table>
<tr>
<td>First Name</td>
<td><input type="text" name="fname" required pattern="[a-zA-Z]+" /></td>
</tr>
<tr>
<td>Last Name</td>
<td><input type="text" name="lname" required pattern="[a-zA-Z]+" /></td>
</tr>
<tr>
<td>Email Id</td>
<td><input type="email" name="mail" required /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="submit" /></td>
</tr>
</table>
</form>
<?php
include 'connection.php';
if(isset($_POST["submit"]))
{
$fname="'".trim(addslashes($_POST["fname"]))."'";
$lname="'".trim(addslashes($_POST["lname"]))."'";
$email="'".trim(addslashes($_POST["mail"]))."'";
$key="'".MD5(microtime())."'";
$to=$email;
$subject="Confirm your email id";
$message="Hello $fname
Click on below link to confirm your id.
www.vs.com/abcdefghojklmnopqrstuvwxyz.php?code=$key
";
$header="From :sneha#valencynetworks.com";
// echo $fname."<br />".$email."<br />".$to."<br />".$subject."<br />".$message."<br />".$header;
if(mail($to,$subject,$message,$header))
{
$sql="insert into confirm_emailid values($email,$fname,$lname,$key,'1')";
if(mysqli_query($con,$sql))
{
die("Check your id for confirmation".mysqli_error($con));
}
}
/*$sql1=mysqli_query($con,"select * from random_key where eid=$email");
while($row=mysqli_fetch_assoc($sql1))
{
echo $row['eid'];
}*/
$result="SELECT count(eid) as number_of_occurences FROM confirm_emailid WHERE eid = $_POST['mail']";
if ($row['number_of_occurences'] == 0) {
echo "this adresse isn't in the database, so add it !";
}
else {
echo "already in the database :(";
}
mysqli_close($con);
}
?>
</body>
</html>
The best way is to use Ajax for compare this email field with database emails.
Steps :
List item
On focusout from email field call ajax request
This ajax request fields contain user entered email
on php page its checks whether email exists o not if exists it gives false flag and if not it gives true flag.
4.From this method you can check email without page loading.
When your form is submited, you have an array $_POST.
So, you just have to select from your database the sames values : exemple :
SELECT count(id) as number_of_occurences FROM member WHERE mail_adresse = $_POST['e-mail'] ;
You fetch the data like you did other times, and just compare $row['number_of_occurences'] to 0.
if ($row['number_of_occurences'] == 0) {
this adresse isn't in the database, so add it !
}
else {
already in the database :(
}
index.php
<html>
<body>
<form name="form" method="post" action="process.php">
<table>
<tr>
<td>First Name</td>
<td><input type="text" name="fname" required pattern="[a-zA-Z]+" /></td>
</tr>
<tr>
<td>Last Name</td>
<td><input type="text" name="lname" required pattern="[a-zA-Z]+" /></td>
</tr>
<tr>
<td>Email Id</td>
<td><input type="email" name="mail" required /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="submit" /></td>
</tr>
</table>
</form>
</body>
process.php
<?php
$host = "localhost";
$user = "root";
$password = "yourpass";
$database = "your database name";
// Establish server connection and select database
$dbh = mysqli_connect($host, $user, $password, $database);
if (mysqli_connect_errno()) {
die('Unable to connect to database ' . mysqli_connect_error());
} else {
// run query to fetch records
// $result = mysqli_query($dbh, "SELECT email_address FROM users ");
/* fetch associative array */
$email = $_POST['mail'];
$query = "SELECT `eid` FROM `confirm_emailid` WHERE `eid` = '$email'";
$result = mysqli_query($dbh, $query); //$link is the connection
if (mysqli_num_rows($result) > 0) {
die('email already exists');
} else {
$query = mysqli_query($dbh, "insert into users(email_address) values('$email')");
echo 'data inserted succesfully';
}
}
So I'm having a challenge with a subscription system that I've been building.
I'm using a simple login php page to validate the username and password of the user against the DB, once authenticated the script creates a secure session and calls the edit_subscription.php file and passes the ID of the user through the Url.
The edit_subscription.php file takes the ID and pulls the user info using MYsql
and loads their info into a form. The user can then edit or modify their subscription details and press the submit button to update the DB.
Everything works except the mysql Update back to the DB.
I've managed to narrow the problem down to the ID variable
If I hardcode the variable into the update command it works and the db is updated
If I hardcode the ID into a variable used in the update command, it works up to a point. if I move that hardcoded variable in front of line 42 the update command will no longer work.
I think it's something to do with the post command, but even when I load the old ID into a hidden form and try to have it repost for the update command it still doesn't work and treats the variable as if it's empty.
I've tried for hours to get this working, and just can seem to get it going.
anyone have any suggestions pertaining to specifically this issue
(please don't comment of security or, best practices unless it relates specifically to the issue described thanks)
<?
$id = htmlspecialchars($_GET['ID']);
$username="****";
$database="****";
$host="****";
$pass ="****";
mysql_connect($host,$username,$pass);
#mysql_select_db($database) or die( "Unable to select database");
$result = mysql_query("SELECT * FROM `****`.`****` WHERE `Subscriber ID` = '$id' LIMIT 1");
$name_old=mysql_result($result,0,"Name");
$address1_old=mysql_result($result,0,"Address 1");
$address2_old=mysql_result($result,0,"Address 2");
$city_old=mysql_result($result,0,"City");
$prov_old=mysql_result($result,0,"Prov");
$postal_old=mysql_result($result,0,"Postal");
$country_old=mysql_result($result,0,"Country");
$email_old=mysql_result($result,0,"Email");
$qty_old=mysql_result($result,0,"qty");
$status_old=mysql_result($result,0,"Status");
$ezine_old=mysql_result($result,0,"Ezine");
$mailout_old=mysql_result($result,0,"Mailout");
$password_old=mysql_result($result,0,"Password");
$nameErr = $emailErr = $passwordErr = "";
$name=$_POST['name'];
$email=$_POST['email'];
$address1=$_POST['address1'];
$address2=$_POST['address2'];
$city=$_POST['city'];
$province=$_POST['prov'];
$postal=$_POST['postal'];
$country=$_POST['country'];
$password=$_POST['password'];
$mailout=$_POST['mailout'];
$ezine=$_POST['ezine'];
$status="Subscribed";
$qty=$_POST['qty'];
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["password"])) {
$passwordErr = "* Password is required";
}
if (empty($_POST["name"])) {
$nameErr = "* Name is required";
} else {
$name = test_input($_POST["name"]);
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "* Invalid Characters";
}
}
if(isset($_POST['mailout'])){}
else{
$mailout="NO";
}
if(isset($_POST['ezine'])){}
else{
$ezine="NO";
}
if (empty($_POST["email"])) {
$emailErr = "* Email is required";
} else {
$email = test_input($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "* Invalid email";
}
}
if($name != NULL AND $nameErr == ""){
if($email != NULL AND $emailErr == ""){
if($password != NULL AND $passwordErr == ""){
mysql_query("UPDATE `Subscribers` SET
`Name` ='$name',
`Email` = '$email',
`Address 1` = '$address1',
`Address 2` = '$address2',
`City` = '$city',
`Prov` = '$province',
`Postal` = '$postal',
`Country` = '$country',
`Password` = '$password',
`qty` = '$qty',
`Status` = '$status',
`Mailout` = '$mailout',
`Ezine` = '$ezine',
WHERE `Subscriber ID` = $id");
mysql_close();
echo ("<p align=\"center\"><font color=\"red\">Thank you for updating your subscription, you should receive an email confirmation shortly</font></p>");
}
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<table width="100%" border="0">
<tr>
<td width="11%" align="right">Name</td>
<td width="3%"> </td>
<td width="47%"><input type="text" name="name" value="<?php echo $name_old;?>">
<font color="red"> <?php echo $nameErr;?></font></td>
<td width="39%" bgcolor="#CCCCCC"><input type="checkbox" name="ezine" value="YES"
<? if($ezine_old =="YES"){echo "checked";} ?>>
Subscribe by email</td>
</tr>
<tr>
<td width="11%" align="right">Address 1</td>
<td> </td>
<td width="47%"><input type="text" name="address1" value="<?php echo $address1_old;?>"></td>
<td bgcolor="#CCCCCC"><input type="checkbox" name="mailout" value="YES" <? if($mailout_old =="YES"){echo "checked";} ?>>
Subscribe by Post </td>
</tr>
<tr>
<td width="11%" align="right">Address 2</td>
<td> </td>
<td width="47%"><input type="text" name="address2" value="<?php echo $address2_old;?>"></td>
<td bgcolor="#CCCCCC"><input type="text" name="qty" value="<?php echo $qty_old;?>" size="5">
# of copies.</td>
</tr>
<tr>
<td align="right">City</td>
<td> </td>
<td><input type="text" name="city" value="<?php echo $city_old;?>"></td>
<td> </td>
</tr>
<tr>
<td align="right">Province</td>
<td> </td>
<td><input type="text" name="prov" value="<?php echo $prov_old;?>" >
<td> </td>
</tr>
<tr>
<td align="right">Postal</td>
<td> </td>
<td><input type="text" name="postal"value="<?php echo $postal_old;?>" ></td>
<td></td>
</tr>
<tr>
<td align="right">Country</td>
<td> </td>
<td><input type="text" name="country" value="<?php echo $country_old;?>" ></td>
<td> </td>
</tr>
<tr>
<td align="right">Email</td>
<td> </td>
<td colspan="2"><input type="text" name="email" value="<?php echo $email_old;?>">
<font color="red"><?php echo $emailErr;?></font></td>
</tr>
<tr>
<td align="right">Password</td>
<td> </td>
<td colspan="2"><input type="password" name="password" value="<?php echo $password_old;?>">
<font color="red"> <?php echo $passwordErr;?></font></td>
</tr>
<tr>
<td align="right"> </td>
<td> </td>
<td> </td>
<td></td>
</tr>
<tr>
<td align="right"> </td>
<td><img src="images/shim.png" width="20" height="20" /></td>
<td><input type="Submit" ></td>
<td> </td>
</tr>
</table>
<p> </p>
</form>
There is a comma after
Ezine = '$ezine' ,
Remove it. Also you shall also use mysqli extension or PDO sql . mysql_ is deprecated
As you said, there is a lot wrong with that code.. however to satisfy your question here is the simple answer:
You left an extra comma in your update statement.
`Ezine` = '$ezine',
In the future try always checking if the query went through.
$result = mysql_query(..);
if($result) {
// it worked
} else {
// it failed
echo mysql_error(); // or mysqli_error($link); or $link->error, etc.
}
Best of luck
I'm working on a registration form for my website.
One of the fields on my registration form is a drop down box that is populated by a table on my MySQL database.
I originally wrote the registration script a different way but I needed to change how the form worked to accommodate the new drop down box and the way it gathered its data.
Before the changes the form was successfully submitted, but now it just gives me a white screen.
I have checked the mysqli_connect.php with an if-else statement. It showed that it was working but no registrations were being sent to the MySQL server when the submit button was pressed. Also, the drop down box was not showing any of the content from the MySQL table that it was linked to.
Below is a copy of the script that I am using:
<?php
#ini_set('display_errors', 'on');
echo "<h1>Register</h1>";
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
$errors = array();
if (empty($_POST['firstname'])){
$errors[] = 'Your forgot to enter your first name.';
}else{
$firstname = trim($_POST['firstname']);
}
if (empty($_POST['lastname'])){
$errors[] = 'Your forgot to enter your last name.';
}else{
$lastname = trim($_POST['lastname']);
}
if (empty($_POST['username'])){
$errors[] = 'Your forgot to enter your username.';
}else{
$username = trim($_POST['username']);
}
if (!empty($_POST['password1'])) {
if ($_POST['password1'] != $_POST ['password2']) {
$errors[] = 'Your password did not match the confirmed password!';
}else{
$password = trim($_POST['password1']);
}
} else {
$errors[] = 'You forgot to enter your password!';
}
if (empty($_POST['birthdate'])){
$errors[] = 'Your forgot to enter your birthdate.';
}else{
$birthdate = trim($_POST['birthdate']);
}
if (empty($_POST['gamespyid'])){
$errors[] = 'Your forgot to enter your gamespy id.';
}else{
$gamespyid = trim($_POST['gamespyid']);
}
if (empty($errors)) {
require ('mysqli_connect.php');
$q="INSERT INTO Users (firstname, lastname, username, password1, birthdate, gamespyid, base) VALUES ('$firstname', '$lastname', '$username', SHA1('$password1'), '$birthdate', '$gamespyid', '$base')";
$r = #mysql_query($dbc, $q);
if ($r){
echo'<p>You are now registered</p>';
}else{
echo'<p>You have not been registered</p>';
}
} else {
echo 'Error<br> <p>The following errors have occured:<br/>';
foreach ($error as $msg) {
echo " - $msg<br/>\n";
}
echo '</p><p>Please try again.</p><p><br/></p>';
} //if no errors
} //submit
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<title></title>
</head>
<body>
<form action="../pages/register.inc.php" method='POST'>
<table summary="REgform">
<tr>
<td>First Name:</td>
<td><input type='text' name='firstname' value='<?php echo $firstname; ?>'></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input type='text' name='lastname'value='<?php echo $lastname; ?>'></td>
</tr>
<tr>
<td>Username:</td>
<td><input type='text' name='username'value='<?php echo $username; ?>'></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password1'></td>
</tr>
<tr>
<td>Repeat Password:</td>
<td><input type='password' name='password2'></td>
</tr>
<tr>
<td>Birthdate:</td>
<td><input type='text ' name='birthdate'value='<?php echo $birthdate; ?>'></td>
</tr>
<tr>
<td>Gamespy Id:</td>
<td><input type='text' name='gamespyid'value='<?php echo $gamespyid; ?>'></td>
</tr>
<tr>
<td>Base:</td>
<td><select name="base" size="1">
<option>
Select One
</option>
<?php require('http://www.virtual-aviation.org/gatewayaviation/admin/mysqli_connect.php');
$q = "SELECT id, CONCAT_WS(' ', airport_name, airport_code) FROM airports ORDER BY airport_code ASC";
$r = mysqli_query ($dbc, $q);
if (mysqli_num_rows($r) > 0) {
while ($row = mysql_fetch_array ($r, MYSQL_NUM)) {
echo "<option value=\"$row[0]\"";
if (isset($_POST['existing']) && ($_POST['existing'] == $row[0]) ) echo 'selected="selected"'; echo ">$row[1]</option>\n";
}
} else {
echo '<option>Please a new airport first.</optioon>';
}
mysqli_close($dbc);
?>
</select></td>
</tr>
</table>
<p><input type='submit' name='submit' value='Register'></p>
</form>
</body>
</html>
Errors found in the dropdown box area
Warning: mysqli_query() expects parameter 1 to be mysqli, null given in /home5/virtua15/public_html/gatewayaviation/pages/register.inc.php on line 178
Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in /home5/virtua15/public_html/gatewayaviation/pages/register.inc.php on line 180
Please a new airport first.
You can't require from 'http'. You need to change
require('http://www.virtual-aviation.org/gatewayaviation/admin/mysqli_connect.php');
to some local path like
require('mysqli_connect.php');
IMHO First check your mysql query by echoing it and then run the query through editor.
Second, although you have set display_errors but still you might not able to view the errors.
Hey I need to get the gender selected from a select tag
and then store that value as a variable in php, here's some relevant snippets of both
the register.php form and the register_process.php file
register.php
<form action="register_process.php" method="post">
<table>
<tr>
<td>Username (to be used for login and display name)</td>
<td><input type="text" name="username" id="username" onclick="check()"/></td>
<td id="username_check"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password" id="password" onclick="check()"/></td>
<td id="password_check"></td>
</tr>
<tr>
<td>Password (Re-Enter)</td>
<td><input type="password" name="repassword" id="repassword" onclick="check()"/></td>
<td id="repassword_check"></td>
</tr>
<tr>
<td>Email Address</td>
<td><input type="text" name="email" id="email" onclick="check()"/></td>
<td id="email_check"></td>
</tr>
<tr>
<td>Email Address (Re-Enter)</td>
<td><input type="text" name="reemail" id="reemail" onclick="check()"/></td>
<td id="reemail_check"></td>
</tr>
<tr>
<td>Gender</td>
<td>
<select name="gender">
<option value="1">Male</option>
<option value="2">Female</option>
</select>
</td>
<td></td>
</tr>
<tr>
<td>I agree to the terms and conditions</td>
<td><input type="checkbox" name="tos" id="tos" /></td>
<td id="tos_check"></td>
</tr>
<tr>
<td id="valid" colspan="3"></td>
</tr>
<tr>
<td colspan="3"><input type="submit" value="Register" /></td>
</tr>
<tr>
<td colspan="3">Cancel</td>
</tr>
</table>
</form>
there is a ton of javascript I have omitted from this that does very basic validation
register_process.php
<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL | E_STRICT);
?>
<?php
$connection = mysql_connect(HOST, USERNAME, PASSWORD);
if(!$connection)
{
die("Database connection failed: " . mysql_error());
}
$db_select = mysql_select_db(DATABASE, $connection);
if(!$db_select)
{
die("Database selection failed: " . mysql_error());
}
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$repassword = mysql_real_escape_string($_POST['repassword']);
$email = mysql_real_escape_string($_POST['email']);
$reemail = mysql_real_escape_string($_POST['reemail']);
$gender = $_POST['gender'];
$tos = mysql_real_escape_string($_POST['tos']); // not being checked yet
$errors = 0;
$success = 0;
// USERNAME CHECK
if (preg_match('/^[a-z\d_]{5,20}$/i', $username))
{
$user_query = "SELECT * FROM users WHERE user_name = '$username' OR login_name = '$username' LIMIT 1";
$result=mysql_query($user_query);
$count=mysql_num_rows($result);
if($count==0)
{
echo "username is available <br/>";
$success++;
echo "<br/>1 Passed<br/>";
}
else
{
echo "sorry, that username already exist";
$errors++;
echo "<br/>1 Passed<br/>";
}
}
else
{
echo "You either need to enter a username, or you have entered a username in an incorrect format.";
$errors++;
echo "<br/>1 Passed<br/>";
}
// PASSWORD CHECK
if(preg_match('/^[a-z\d_]{5,20}$/i', $password))
{
// password is between 5-10 characters, alpha-numeric (a-z, A-Z, 0-9) and underscores
if($password === $repassword)
{
// password is identical
$success++;
echo "<br/>2 Passed<br/>";
}
else
{
// passwords do not match
$errors++;
echo "<br/>2 Passed<br/>";
}
}
else
{
echo "Password failed validation";
$errors++;
}
// EMAIL CHECK
if (eregi('^[a-zA-Z0-9._-]+#[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$',$email))
{
// user#email.com passes
// 1#1.com passes
// -#_.com passes
//
echo "<br/> email is ok";
if($email === $reemail)
{
// email addresses match
$success++;
echo "<br/>3 Passed<br/>";
}
else
{
// email address does not match
echo "<br/>3 Passed<br/>";
$errors++;
}
}
else
{
echo "email validation failed <br/>";
$errors++;
echo $email;
}
// Here is the problem, I can't seem to evaluate the correct value,
// When I echo out $gender I get nothing, So theres either an issue
// in the html form OR in the way I use $gender = $_POST['gender'];
if($gender == 1 || $gender == "1" || $gender == '1')
{
echo "male selected";
}
else
{
echo "female selected";
}
?>
what am I missing here guys?,
I have been hunting around
google to find an answer with no success.
heres the error php is giving me:
"Notice: Undefined index: gender in register_process.php on line 22"
Everything else in the form IS working fine, there are no other issues
Your mistake is this:
/>
Don't close your form tag way up there - you need to close it after the select.
BTW xhtml is dead, don't use it (it has been superseded by html5). Use plain HTML and don't close tags that don't need it.
Because of error in your HTML syntax.
Change:
<form action="register_process.php" method="post" />
To:
<form action="register_process.php" method="post">
Here is the code.
I really dont why it is not submitting my information.
<?php
//Includes mass includes containing all the files needed to execute the full script
//Also shows homepage elements without customs
include ("includes/mass.php");
//Grabbing data form POST array and storing in variables plus the date
$username = ($_POST['username']);
$password = ($_POST['password']);
$conpassword= ($_POST['password2']);
$firstname = ($_POST['firstname']);
$lastname = ($_POST['lastname']);
$email = ($_POST['email']);
$submit = ($_POST['submit']);
$date = date("Y-m-d");
//Reigstration Form
$register = "<div id='registration'>
<h2>Register Here!</h2>
<form action='register.php' method='post'>
<table>
<tr>
<td>
Username
</td>
<td>
<input type='text' name='username' value='$username' >
</td>
</tr>
<tr>
<td>
Password
</td>
<td>
<input type='password' name ='password'>
</td>
</tr>
<tr>
<td>
Confirm Password
</td>
<td>
<input type='password' name ='password2'>
</td>
</tr>
<tr>
<td>
Firstname
</td>
<td>
<input type='text' name='firstname' value='$firstname'>
</td>
</tr>
<tr>
<td>
Lastname
</td>
<td>
<input type='text' name='lastname' value='$lastname' >
</td>
</tr>
<tr>
<td>
Email
</td>
<td>
<input type='text' name='email' value= '$email' >
</td>
</tr>
<tr>
<td>
<input type='submit' class='button' name='submit' value='Sign Up'>
</td>
</tr>
</table>
</form>
</div>";
echo $register;
//Check to make sure user has submitted the correct details
echo "<div id='regform'>";
if (isset($submit))
{
//Querying the database for if the username already exists
$sql = "SELECT * FROM user WHERE username = '$username'";
$query = mysql_query($sql);
$numrows = mysql_num_rows($query);
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if (strlen($username)<2)
{
echo ("<br>You must enter a longer username</br>");
exit;
}
elseif (strlen($username) > 25)
{
echo ("You must enter a shorter username<br>");
exit;
}
if ($username==$dbusername)
{
echo ("That username already exists!");
exit;
}
elseif (strlen($password)<6)
{
echo ("<br>'Password must be be between 6 & 26 characters'<br>");
exit;
}
if ($password != $conpassword)
{
echo ("<br>Your passwords dont match<br>");
exit;
}
elseif (strlen($firstname)<=0)
{
echo ("<br>You must enter your firstname<br>");
exit;
}
if (strlen($lastname)<=0)
{
echo ("<br>You must enter your lastname<br>");
exit;
}
elseif (!preg_match('/#/',$email) || (strlen($email)<=6) )
{
echo ("</br>You must enter a proper email address!");
exit;
}
if (!isset($password))
{
echo "You must enter a password!";
exit;
}
elseif (!isset($conpassword))
{
echo ("You must confirm your password");
exit;
}
else
{
//Encrypt the password
$password = md5($password);
$conpassword = md5($conpassword);
//Start Session
session_start();
//push this information to the database
//Submit data to database plus store exec into variable.
$sqlsubmit ="INSERT INTO user VALUES ('','$firstname','$lastname','$username','$password','$email','$date',)";
mysql_query($sqlsubmit);
//echo success.
echo "successfully submitted to the database"."<br>"."<a href='user.php'>Click Here To Go To Your Accont</a>";
exit;
}
}
elseif(!isset($submit))
{
echo "</br>"."Enter your info here!!!!! :))";
}
echo "</div>";
?>
It has been state by Pekka as well as in a comment... but since this is very important, I'll repeat it in a separate (community wiki) answer:
This code is vulnerable to SQL-injection attacks of the worst kind.
Your code is absolutely insecure. It should not be used, no excuses possible. Go read about SQL-Injection and input sanitisation before you proceed any further.
http://xkcd.com/327/
Update: As Quassnoi so subtly points out, you urgently need to secure your input. See the chapter SQL Injection in the PHP manual.
The query fails because you have an extra comma at the end of the line:
$sqlsubmit ="INSERT INTO user VALUES
('','$firstname','$lastname','$username','$password','$email','$date',)";
Use echo mysql_error(); to find out such errors.
Also, the success message gets output, regardless whether the query fails or not.
You want to add a condition:
if (mysql_query($sqlsubmit))
echo "successfully submitted ...";
else
echo "error submitting ..... ".mysql_error();