I have two .php files which show all contacts in a database, then allows the user to choose a contact to be edited.
The first script is called pick_modcontact.php where I choose a contact, then posts to the script show_modcontact.php When I click the post button on the form on pick.modcontact.php the browser returns to that file due to this code on the beginning of show_modcontact.php
if (!$_POST['id']) {
header( "Location: pick_modcontact.php");
exit;
} else {
session_start();
}
if ($_SESSION['valid'] != "yes") {
header( "Location: pick_modcontact.php");
exit;
}
I can not work out how to correct the code so that it will show the results of the script show_modcontact.php
This script shows all contacts in a database which is an "address book" this part works fine. please see below.
Name:pick_modcontact.php
if ($_SESSION['valid'] != "yes") {
header( "Location: contact_menu.php");
exit;
}
$db_name = "testDB";
$table_name = "my_contacts";
$connection = #mysql_connect("localhost", "admin", "user") or die(mysql_error());
$db = #mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "SELECT id, f_name, l_name FROM $table_name ORDER BY f_name";
$result = #mysql_query($sql, $connection) or die(mysql_error());
$num = #mysql_num_rows($result);
if ($num < 1) {
$display_block = "<p><em>Sorry No Results!</em></p>";
} else {
while ($row = mysql_fetch_array($result)) {
$id = $row['id'];
$f_name = $row['f_name'];
$l_name = $row['l_name'];
$option_block .= "<option value\"$id\">$f_name, $l_name</option>";
}
$display_block = "<form method=\"POST\" action=\"show_modcontact.php\">
<p><strong>Contact:</strong>
<select name=\"id\">$option_block</select>
<input type=\"submit\" name=\"submit\" value=\"Select This Contact\"></p>
</form>";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Modify A Contact</title>
</head>
<body>
<h1>My Contact Management System</h1>
<h2><em>Modify a Contact</em></h2>
<p>Select a contact from the list below, to modify the contact's record.</p>
<? echo "$display_block"; ?>
<br>
<p>Return to Main Menu</p>
</body>
</html>
This script is for modifying the contact: named show_modcontact.php
<?php
if (!$_POST['id']) {
header( "Location: pick_modcontact.php");
exit;
} else {
session_start();
}
if ($_SESSION['valid'] != "yes") {
header( "Location: pick_modcontact.php");
exit;
}
$db_name = "testDB";
$table_name = "my_contacts";
$connection = #mysql_connect("localhost", "admin", "pass") or die(mysql_error());
$db = #mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "SELECT f_name, l_name, address1, address2, address3, postcode, prim_tel, sec_tel, email, birthday FROM $table_name WHERE id = '" . $_POST['id'] . "'";
$result = #mysql_query($sql, $connection) or die(mysql_error());
while ($row = mysql_fetch_array($result)) {
$f_name = $row['f_name'];
$l_name = $row['l_name'];
$address1 = $row['address1'];
$address2 = $row['address2'];
$address3 = $row['address3'];
$country = $row['country'];
$prim_tel = $row['prim_tel'];
$sec_tel = $row['sec_tel'];
$email = $row['email'];
$birthday = $row['birthday'];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Modify A Contact</title>
</head>
<body>
<form action="do_modcontact.php" method="post">
<input type="text" name="id" value="<? echo $_POST['id']; ?>" />
<table cellpadding="5" cellspacing="3">
<tr>
<th>Name & Address Information</th>
<th> Other Contact / Personal Information</th>
</tr>
<tr>
<td align="top">
<p><strong>First Name:</strong><br />
<input type="text" name="f_name" value="<? echo "$f_name"; ?>" size="35" maxlength="75" /></p>
<p><strong>Last Name:</strong><br />
<input type="text" name="l_name" value="<? echo "$l_name"; ?>" size="35" maxlength="75" /></p>
<p><strong>Address1:</strong><br />
<input type="text" name="f_name" value="<? echo "$address1"; ?>" size="35" maxlength="75" /></p>
<p><strong>Address2:</strong><br />
<input type="text" name="f_name" value="<? echo "$address2"; ?>" size="35" maxlength="75" /></p>
<p><strong>Address3:</strong><br />
<input type="text" name="f_name" value="<? echo "$address3"; ?>" size="35" maxlength="75" /> </p>
<p><strong>Postcode:</strong><br />
<input type="text" name="f_name" value="<? echo "$postcode"; ?>" size="35" maxlength="75" /></p>
<p><strong>Country:</strong><br />
<input type="text" name="f_name" value="<? echo "$country"; ?>" size="35" maxlength="75" /> </p>
<p><strong>First Name:</strong><br />
<input type="text" name="f_name" value="<? echo "$f_name"; ?>" size="35" maxlength="75" /></p>
</td>
<td align="top">
<p><strong>Prim Tel:</strong><br />
<input type="text" name="f_name" value="<? echo "$prim_tel"; ?>" size="35" maxlength="75" /></p>
<p><strong>Sec Tel:</strong><br />
<input type="text" name="f_name" value="<? echo "$sec_tel"; ?>" size="35" maxlength="75" /></p>
<p><strong>Email:</strong><br />
<input type="text" name="f_name" value="<? echo "$email;" ?>" size="35" maxlength="75" /> </p>
<p><strong>Birthday:</strong><br />
<input type="text" name="f_name" value="<? echo "$birthday"; ?>" size="35" maxlength="75" /> </p>
</td>
</tr>
<tr>
<td align="center">
<p><input type="submit" name="submit" value="Update Contact" /></p>
<br />
<p>Retuen To Menu</p>
</td>
</tr>
</table>
</form>
</body>
</html>
Edited answer to reflect discoveries found in comment thread below for future readers
In your PHP files you need to update
$_POST[id]
to be
$_POST['id']
PHP will not now what id is, and therefor will evaluate to false, causing your script to exit, and fall into the loop you are describing.
This is also the case when you are using your $_SESSION array
$_SESSION[valid]
should be
$_SESSION['valid']
$_SESSION, $_POST, $_GET, $_REQUEST, etc are all associative arrays, in order to refer to any of their contents you need to specify the string that refers to the key they are located in.
Ok, in your if statement
if (!$_POST['id']) {
header( "Location: pick_modcontact.php");
exit;
} else {
session_start();
}
if ($_SESSION['valid'] != "yes") {
header( "Location: pick_modcontact.php");
exit;
}
You are checking to see if $_SESSION['valid'] does not equal yes, this will evaluate to true because you never set $_SESSION['valid'] = "yes" so it will always go back to pick_modcontact.php here.
Try updating it to be
if (!$_POST['id']) {
header( "Location: pick_modcontact.php");
exit;
} else {
session_start();
// let the script know that this is a valid contact
$_SESSION['valid'] = 'yes';
}
if ($_SESSION['valid'] != "yes") {
header( "Location: pick_modcontact.php");
exit;
}
Also
$option_block .= "<option value\"$id\">$f_name, $l_name</option>";
should be (you're misssing an equals sign) which means that on submit, it wont know the value of 'id'
$option_block .= "<option value=\"$id\">$f_name, $l_name</option>";
Related
Greeting dear programmers, i have problem in connecting mydatabase. I create three tables under one database. I put relationship for three table. After i put it i add phpcode to connect it. But it doesnt want to work. Before this,i try connect use that code. It works. But for this it doesnt want. I dont know is it because of the table relationship or got any error on my html form. Any developer pls help me to tell my problem. A lot of Thanks in advance.
<?php
session_start();
$_SESSION['message'] = '';
$mysqli=new MySQLi('127.0.0.1','root','','accounts');
if($_SERVER["REQUEST_METHOD"] == "POST") {
$option1 = $_POST['option1'];
$option2 = $_POST['option2'];
$option3 = $_POST['option3'];
$option4 = $_POST['option4'];
$option5 = $_POST['option5'];
$option6 = $_POST['option6'];
$sql ="INSERT INTO menubar(option1,option2,option3,option4,option5,option6)"
."VALUES ('$option1','$option2','$option3','$option4','$option5','$option6')";
if($mysqli->query($sql)=== true) {
$_SESSION['message'] ='Registration successful!
Added to the database!';
header("location:confirmnormal.php");
}
else {
$_SESSION['message'] = "User could not be added to the database!";
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Normal</title>
</head>
<body>
<div>
<?=$_SESSION['message']?>
<table align="center" >
<form method="post" action="" enctype="multipart/form-data" autocomplete="off">
<tr>
<td>
Enter Menu Bar:
</td>
<td>
<input type="text" placeholder="Personal Information" name="option1" required/>
<tr><td></td><td>
<input type="text" placeholder="Career Aspirations" name="option2" required />
</td></tr>
<tr><td></td><td>
<input type="text" placeholder="Educational Background" name="option3" required />
</td></tr>
<tr><td></td> <td> <input type="text" placeholder="Skills" name="option4" required /></td></tr>
<tr><td></td> <td><input type="text" placeholder="Language Proficiency" name="option5" required /></td></tr>
<tr><td></td><td><input type="text" placeholder="Job Preference" name="option6" required /></td>
</tr>
<tr>
<td align="center">
<input type="submit" name="login" value="register" class="btn-login"/>
</td>
</tr>
</tr>
</tr>
</form>
</table>
</div>
</body>
</html>
Check the POST using isset() also check the POST by using form submit
if(isset($_POST['submit']))
{
$option1 = $_POST['option1'];
$option2 = $_POST['option2'];
$option3 = $_POST['option3'];
$option4 = $_POST['option4'];
$option5 = $_POST['option5'];
$option6 = $_POST['option6'];
$sql ="INSERT INTO menubar(option1,option2,option3,option4,option5,option6)"
."VALUES ('$option1','$option2','$option3','$option4','$option5','$option6')";
if($mysqli->query($sql)=== true) {
$_SESSION['message'] ='Registration successful!
Added to the database!';
header("location:confirmnormal.php");
}
else {
$_SESSION['message'] = "User could not be added to the database!";
}
}
So im trying to have a user update their profile from update.php and then display it in userprofile.php but I am getting the error :"Cannot update: Duplicate entry 'username' for key 1". Ive tried to find a solution but im pretty stuck. Any help would be appreciated.
Here is update.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>User Profile Update</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body>
<?php
session_start();
if(!isset($_SESSION['logged']) || $_SESSION['logged'] = TRUE)
{
$userError = "Error! Invalid Username.";
$passError = "Error! Invalid Password.";
$emailError = "Error! Invalid Email.";
$conError = "Error! Passwords do not match.";
$errorCheck = false;
$regex = '/^(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){255,})(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){65,}#)(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22))(?:\\.(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22)))*#(?:(?:(?!.*[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-+[a-z0-9]+)*\\.){1,126}){1,}(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-+[a-z0-9]+)*)|(?:\\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9][:\\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\\.(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\\]))$/iD';
if (isset($_POST['update']))
{
if(empty($_POST["firstName"])){
echo $userError;
$errorCheck = True;
}
elseif(empty($_POST["lastName"])){
echo $passError;
$errorCheck = True;
}
elseif(empty($_POST["userName"])){
echo $userError;
$errorCheck = True;
}
elseif(empty($_POST["pass"])){
echo $passError;
$errorCheck = True;
}
elseif(preg_match($regex, $_POST["email"]) != 1) {
echo $emailError;
$errorCheck = True;
}
elseif($_POST["pass"] != $_POST["pass2"]){
echo $conError;
$errorCheck = True;
}
elseif($_POST["address"] != $_POST["address"]){
echo $conError;
$errorCheck = True;
}
if(isset($_POST['update']) && (!$errorCheck)){
$user="bparis";
$pass="soccerguy998";
$database="bparis";
$passwordSub=$_POST["pass"];
$encrypted_mypassword=md5($passwordSub);
$con=mysql_connect("localhost", $user, $pass)
or die ('Couldnt connect to server');
mysql_select_db($database,$con)
or die('could not connect to db');
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$key_id = $_POST["userName"];
$key_id2 = $_POST["email"];
//$location = $_POST['location'];
update($key_id2);
}else
{
userupdate();}
}else
{userupdate();}
}else
{ //if no user is logged in, display error
echo "<h1>Access denied</h1>";
echo "<h3><a href=login.php>Click here to login</a></h3>";
}
?>
<?php
function update($email){
$_SESSION['email'] = $email;
$sQry = "SELECT email FROM members WHERE email = " . (int)$_SESSION['email']; // Int userid
$obQry = mysql_query($sQry) or die(mysql_error()); // Shortcut, bad but usable
if (mysql_num_rows($obQry) == 1)
{
// Single record exists:// EDIT USER_PROFILE
$sReplace = "UPDATE members (username,password,email,firstName,lastName,address) VALUES('$_POST[userName]','$encrypted_mypassword','$_POST[email]','$_POST[firstName]','$_POST[lastName]','$_POST[address]')";
// Remember, I assumed that email is an integer!
}
else
{
$passwordSub=$_POST["pass"];
$encrypted_mypassword=md5($passwordSub);
$sReplace = "INSERT INTO members (username,password,email,firstName,lastName,address) VALUES('$_POST[userName]','$encrypted_mypassword','$_POST[email]','$_POST[firstName]','$_POST[lastName]','$_POST[address]')";
}
$obUpdate = mysql_query($sReplace) or die('Cannot update: ' . mysql_error());
if($obUpdate){
$subject = "Profile updated ";
$message = "You have updated your profile with Belfort Furniture. If not please contact customer service at : 703-406-7600";
$Belfortemail = "akomala.akouete#belfortfurniture.com";
echo "<b>profile updated</b>";mail($email, $subject,$message, "From:" . $Belfortemail);}else{
echo "Try update again";}
}
?>
<?php
function userupdate(){
?>
<table>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<h1>Profile Update</h1>
<hr>
<tr><td>First Name:</td><td>
<input type="text" name="firstName" maxlength="20">
</td></tr>
<tr><td>Last Name:</td><td>
<input type="text" name="lastName" maxlength="20">
</td></tr>
<tr><td>Username:</td><td>
<input type="text" name="userName" maxlength="20">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="20">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" maxlength="20">
</td></tr>
<tr><td>Email:</td><td>
<input type="text" name="email" maxlength="50">
</td></tr>
<tr><td>Address:</td><td>
<input type="text" name="address" maxlength="100">
</td></tr>
<!--<tr>
<td class="right">address 1: </td>
<td><input type="text" name="location" value="" size="60" /></td>
</tr>-->
<tr><th colspan=2><input type="submit" name="update" value="UPDATE"></th></tr>
</form>
</table>
<?php
echo "<br><h3><a href=usersProfile.php>View your profile</a></h3>";
}
?>
</body>
</html>
and here is userprofile.php
<?php
session_start();
# DB INFO #
$user="xxxx";
$pass="xxxxx";
$database="xxxxx";
$con=mysql_connect("localhost", $user, $pass)
or die ('Couldnt connect to server');
mysql_select_db($database,$con)
or die('could not connect to db');
$result = mysql_query("SELECT userName,email,firstName,lastName,address FROM members") or die(mysql_error());
showpUsers($result);
function showpUsers($result)
{
?>
<table border="1">
<tr>
<?php
$headings = array("Usernam","Email","First Name","Last Name","Address");
foreach($headings as $info) {
echo "<th border='1'>" . $info . "</th>";
}
?>
</tr>
<?php
if(count($result)>0){
$list = array("username","email","firstName","lastName","address");
//while($data = mysql_fetch_row($result)){
$data = $result;
echo "<tr border='1'>";
for($i=0;$i<count($data);$i++) {
echo "<td border='1'>" . $data[$i] . "</td>";
}
echo "</tr>";
//}
}else{
echo "<b>Empty users list</b>";
}
?>
</table>
<?php
}
echo "<a href=update.php><button type='button'>USER UPDATE</button> </h1>";
?>
<hr/>
<br/>
<h3>Return Home Page</h3>
There are two situations I can see that might cause this:
You have two or more rows in the database with the same username, and your INSERT statement is being called. Check for this explicitly by only calling this block if the number of rows returned was 0. At the moment you aren't testing for it at all.
Your username is the PRIMARY KEY for the table. In this case you should alter your table so that it has a unique auto_incrementing primary key.
Oh, and rewrite the whole thing to fix the massive SQL injection vulnerabilities. Don't let this code anywhere near a public web site in the state it's in.
I am currently making a login form and although there are no error as far as i know when i tried to log in, however, it doesn't show any successful message or whatsoever so i don't know if I successfully log in or not.
<?php
session_start();
require_once('sqlconnect.inc.php');
if (isset($_POST["Login"]))
{
$conn = #mysqli_connect($host, $user, $pswd);
if (!$conn) {
echo "<p>Database connection failure</p>";
} else {
$selectDatabase = #mysqli_select_db($conn,$dbnm)
or die("<p>The database is not available.</p>");
}
$email = $_POST['email'];
$passw = $_POST['password'];
$query = "SELECT member_email FROM team WHERE member_email = '$email' AND password = '$passw'";
$queryResult = #mysqli_query($conn,$query)
or die ("<p>Unable to execute query.</p>". "<p>Error code" . mysqli_errno($conn) .":" . mysqli_error($conn))."</p>";
if(mysqli_num_rows($queryResult) == 0) //user is not found
{
header('Location: login.php');
}else{
if(mysqli_num_rows($queryResult) == 1)
{
echo ("<p>User is found, Successful login!</p>");
echo('<p>member add </p>');
echo('<p>Log out </p>');
$query2 = "SELECT member_name FROM team WHERE member_email = '$email' AND password= '$passw'";
$queryResult2 = #mysqli_query($conn, $query2)
or die ("<p>Unable to execute query.</p>". "<p>Error code" . mysqli_errno($conn) .":" . mysqli_error($conn))."</p>";
$array = mysqli_fetch_row($queryResult2);
$_SESSION['membername'] = $array[0];
}
else
{
echo"<p>Email and password do not match</p>";
echo'<p>Home page </p>';
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/chtml-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" >
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="Web Programming :: Assignment 2" />
<meta name="Keywords" content="Web, programming" />
<title>Register Page</title>
</head>
<body>
<form id='login' action='login.php' method='POST'>
<fieldset >
<legend><h1>My Team System Log in Page</h1></legend>
<?php $email = isset($_POST['email']) ? filter_var($_POST['email'], FILTER_SANITIZE_STRING) : ''; ?>
<label for='email' >Email:</label>
<input type='text' name='email' id='email' maxlength="50" value="<?php echo $email; ?>" />
</div>
<br />
<div class="elements">
<label for='password' >Password:</label>
<input type='password' name='password' id='password' maxlength="50" />
</div>
<br />
<div class="submit">
<input type='submit' name='login' value='Login' />
<input type='reset' name='Submit' value='Clear' />
<br />
<div class="elements">
Home
</fieldset>
</form>
</body>
</html>
Either you have an error from the mysql call that is being masked by using the # or the code block where you have the header function is being called. What happens if you remove the # and/or replace the header call with just a plain
echo "Debug: Test";
I want to display error message or alert message after checking the condition.
here is my code
session_start();
$plan = #$_GET['plan'];
$plan = +$plan;
include('connect.php');
If (isset($_POST['submit']))
{
$CompanyName = $_POST['CompanyName'];
$CompanyEmail = $_POST['CompanyEmail'];
$CompanyContact = $_POST['CompanyContact'];
$CompanyAddress = $_POST['CompanyAddress'];
$RegistrationType = $_POST['RegistrationType'];
$Plans = $_POST['plan'];
$Status = "Active";
$query1 = "select count(CompanyEmail) from ApplicationRegister where CompanyEmail = '$CompanyEmail'" ;
$result1 = mysql_query($query1) or die ("ERROR: " . mysql_error());
//$result1 = mysql_result($query1, 0, 0);
//echo $result1;
while ($row = mysql_fetch_array($result1))
{
//$companyemail = $row['CompanyEmail'];
//if($companyemail != '' || $companyemail!= 'NULL')
//{
if($row['count(CompanyEmail)'] > 0)
{
echo "This E-mail id is already registered ";
}
else
{
$sql = "INSERT INTO ApplicationRegister(CompanyName, CompanyEmail, CompanyContact, CompanyAddress, RegistrationType, ApplicationPlan, ApplicationStatus, CreatedDate) VALUES ('$CompanyName', '$CompanyEmail', '$CompanyContact', '$CompanyAddress', '$RegistrationType', '$Plans', '$Status', NOW() )";
$result = mysql_query($sql) or die(mysql_error());
$id = mysql_insert_id();
$_SESSION['application_id'] = $id;
//if(isset($plan == "trail"))
if($plan == "trail")
{
header("Location: userRegister.php?id=$id");
exit();
}
else
{
header("Location : PaymentGateway.php");
exit();
}
}
}
}
?>
and after this i have placed my html form
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link href="style.css" rel="stylesheet" type="text/css" />
<title>Welcome</title>
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><h2><br />
Application Registration</h2>
<p> </p></td>
</tr>
<tr>
<td><form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data" name="form1" id="form1" onsubmit="return Validate();">
<input type="hidden" name="plan" value="<?php echo $plan ?>"/>
Company Name:
<input type="text" name="CompanyName" style="width:230px; height:20px;" /><br /><br />
Company E-mail :
<input type="text" name="CompanyEmail" style="width:230px; height:20px;" /><br /><br />
Company Contact <input type="text" name="CompanyContact" style="width:230px; height:20px;" /><br /><br />
Company Address: <input type="text" name="CompanyAddress" style="width:230px; height:20px;" /><br /><br />
Select Your Registration Type : <br /><br />
Trail: <input type="radio" name="RegistrationType" value="Trail" /><br />
Paid<input type="radio" name="RegistrationType" value="Paid" /><br /><br />
<input type="hidden" name="form_submitted" value="1"/>
<input type="submit" value="REGISTER" name="submit" />
</form>
</td>
</tr>
</table>
When the user entered companyemail is already exists it should display the alert message just below the company email field in the form. But now its displaying in the starting of the page. I dont know what to use and how to use. Please suggest
$msg = "";
if($row['count(CompanyEmail)'] > 0)
{
$msg = "This E-mail id is already registered ";
}
and HTML
<input type="text" name="CompanyEmail" style="width:230px; height:20px;" /><br />
<?php echo $msg; ?>
This query will return only one record. So its not need to use while loop
$query1 = "select count(CompanyEmail) from ApplicationRegister where CompanyEmail = '$CompanyEmail'" ;
$result1 = mysql_query($query1) or die ("ERROR: " . mysql_error());
Try this,
$query1 = "select count(CompanyEmail) from ApplicationRegister where CompanyEmail = '$CompanyEmail'" ;
$result1 = mysql_query($query1);
$row = mysql_ferch_array($result1);
if($row['count(CompanyEmail)'] > 0){
error message
}else{
insert uery
}
I have this registration form but for whatever reason it always returns with that the username is taken. Anyone care to look at it?
<?php
session_start;
include "config.php";
if($_POST['register']) {
if($_POST['email']) {
if($_POST['name']) {
if($_POST['pw1']) {
if($_POST['pw2']) {
if($_POST['pw2'] == $_POST['pw1']) {
$check_query = mysql_query("SELECT * FROM register WHERE username = '" .$_POST['name']. "'");
$check = mysql_num_rows($check_query);
if($check == "0"){
$pw = md5($_POST['pw1']);
mysql_query("INSERT INTO register (username, pass, email)
VALUES ('".$_POST['name']."', '".$pw."', '".$_POST['email']."')") or die(mysql_error());
$notice = "You are registered and you can login <a href='index.php'>here</a>";
}else{//#1 name already exists
$notice = "This username already exists";
}//#1 close
}else{//#2 pw's not the same
$notice = "The passwords are not the same";
}//#2 close
}else{//#3 pw2 not filled in
$notice = "You do have to type in a password";
}//#3 close
}else{//#4 pw 1 not filled in
$notice = "You do have to type in a password";
}//#4 close
}else{//#5 no name
$notice = "You do have to type in a username";
}//#5 close
}else{//#6 no email
$notice = "You do have to type in an email";
}//#6 close
}//post register close
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="stylesheet" type="text/css" href="bluestyle.css">
<link href='http://fonts.googleapis.com/css?family=Cabin' rel='stylesheet' type='text/css'>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Sign Up</title>
</head>
<body>
<center><div id="masterpower">
<img src="headblue.png" id="head">
<div id="h">
<a style="float:right;margin-right:10px;">This</a>
</div>
<div class="holder">
<div class="loppit">
<div id="contt">
<h1>Sign up!</h1><br />
<?php
if($_SESSION['usrid']) {
echo 'You are already logged in, <br />Home';
}else{
if($notice) {
echo $notice, '<br />Back';
}else{
?>
Note: Everything is case-sensitive!
<form id="form1" name="form1" method="post" class="form" action="register.php">
<table>
<tr><td>Username:</td>
<td><input name="name" id="name" class="ipted" type="text" /></td></tr>
<tr><td>Password:</td>
<td><input type="password" class="ipted" id="pw2" name="pw2"/></td></tr>
<tr><td>Password (Verify):</td>
<td><input name="pw1" class="ipted" id="pw1" type="password" /></td></tr>
<td>E-Mail:</td>
<td><input type="text" class="ipted" id="email" name="email" /></td></tr>
<tr><td></td><td><input type="submit" class="ipted" name="register" value="Register" id="register" /></td></tr>
</form>
<?php
}
}
?>
</div>
</div>
</div>
</div>
</center>
</body>
</html>
This is a little more tidy:
<?php
session_start();
include "config.php";
if($_POST['register']) {
$notice = array();
if(empty($_POST['email'])) {
$notice[] = "You do have to type in an email";
}
if(empty($_POST['name'])) {
$notice[] = "You do have to type in a username";
}
if(empty($_POST['pw1']) || empty($_POST['pw2'])) {
$notice[] = "You do have to type in a password";
}
if($_POST['pw2'] == $_POST['pw1']) {
$notice[] = "The passwords are not the same";
}
$check_query = mysql_query("SELECT * FROM register WHERE username = '" .$_POST['name']. "'") or die(mysql_error()); // added " or die(mysql_error())" for debug purpose
if(mysql_num_rows($check_query) != 0){
$notice[] = "This username already exists";
}
if(count($notice) == 0){
$pw = md5($_POST['pw1']);
mysql_query("INSERT INTO register (username, pass, email)
VALUES ('".$_POST['name']."', '".$pw."', '".$_POST['email']."')") or die(mysql_error());
$notice[] = "You are registered and you can login <a href='index.php'>here</a>";
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="stylesheet" type="text/css" href="bluestyle.css">
<link href='http://fonts.googleapis.com/css?family=Cabin' rel='stylesheet' type='text/css'>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Sign Up</title>
</head>
<body>
<center><div id="masterpower">
<img src="headblue.png" id="head">
<div id="h">
<a style="float:right;margin-right:10px;">This</a>
</div>
<div class="holder">
<div class="loppit">
<div id="contt">
<h1>Sign up!</h1><br />
<?php
if($_SESSION['usrid']) {
echo 'You are already logged in, <br />Home';
}else{
if(isset($notice) && count($notice) > 0) {
echo implode(', ',$notice), '<br />Back';
}else{
?>
Note: Everything is case-sensitive!
<form id="form1" name="form1" method="post" class="form" action="register.php">
<table>
<tr><td>Username:</td>
<td><input name="name" id="name" class="ipted" type="text" /></td></tr>
<tr><td>Password:</td>
<td><input type="password" class="ipted" id="pw2" name="pw2"/></td></tr>
<tr><td>Password (Verify):</td>
<td><input name="pw1" class="ipted" id="pw1" type="password" /></td></tr>
<td>E-Mail:</td>
<td><input type="text" class="ipted" id="email" name="email" /></td></tr>
<tr><td></td><td><input type="submit" class="ipted" name="register" value="Register" id="register" /></td></tr>
</form>
<?php
}
}
?>
</div>
</div>
</div>
</div>
</center>
</body>
</html>
Try that and see if you get an error.