Paul_Withers Posted September 1, 2014 Share Posted September 1, 2014 Hi, I have taken the step of writing my site in MySQLi instead of MYSQL as advised. However, I had a script that I got off the internet, the original file works great and registers the user to the database. However the edited version of the script, where I have added more information such as the users address etc, no longer works. I have compared the two files and can't seem to find the problem. When the script is run, it skips all the registration part and jumps to the last error in the script saying 'You Could Not Be Registered Because Of Missing Data.'. All the variables match the column names in the database. Here is the original working script <?php error_reporting(E_ALL); ini_set('display_errors', '1'); // some error checking /* if($_POST['reg']){ echo "form submitted"; }else{ echo "form not submitted"; } */ if( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['email'] ) ){ // echo $_POST['user']." - ".$_POST['pass']." - ".$_POST['email']; if( strlen( $_POST['user'] ) < 5 ) { include('header.inc'); echo "Username Must Be 5 or More Characters."; include('footer.inc'); } elseif( strlen( $_POST['pass'] ) < 5 ) { include('header.inc'); echo "Password Must Be 5 or More Characters."; include('footer.inc'); } elseif( $_POST['pass'] == $_POST['user'] ) { include('header.inc'); echo "Username And Password Can Not Be The Same."; include('footer.inc'); } elseif( $_POST['email'] == "" ) { //More secure to use a regular expression to check that the user is entering a valid email // versus just checking to see if the field is empty include('header.inc'); echo "Email must be valid."; include('footer.inc'); } else { require( 'database.php' ); $username = mysqli_real_escape_string($con, $_POST['user']); //Remove md5() function if not using encryption i.e. $password = $_POST['pass']; $password = mysqli_real_escape_string($con, md5( $_POST['pass'])); $email = mysqli_real_escape_string($con, $_POST['email'] ); $sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'"; //echo "$sqlCheckForDuplicate<br/>"; $result = mysqli_query($con, $sqlCheckForDuplicate); if(mysqli_num_rows($result) == 0){ //echo "No Duplicates<br/>"; $sqlRegUser = "INSERT INTO user( username, password, email ) VALUES ( '". $username ."', '". $password ."', '". $email."' )"; //echo "$sqlRegUser<br/>"; if( !mysqli_query($con, $sqlRegUser ) ) { include('header.inc'); echo "You Could Not Register Because Of An Unexpected Error."; include('footer.inc'); } else { /* Note: When using the header function, you cannot send output to the browser * before the header function is called. IF you want to echo a message to the * user before going back to your login page then you should use the HTML * Meta Refresh tag. */ //echo "You Are Registered And Can Now Login"; //echo " $username"; //this is for error checking header ('location: login.php'); // if using echo then use meta refresh /* *?> *<meta http-equiv="refresh" content="2;url= login.php/"> *<? */ } mysqli_free_result($result); } else { include('header.inc'); echo "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One."; //echo " $username;" //this is for error checking include('footer.inc'); } /* close connection */ mysqli_close($con); } } else { include('header.inc'); echo "You Could Not Be Registered Because Of Missing Data."; include('footer.inc'); } ?> and here is my version <?php error_reporting(E_ALL); ini_set('display_errors', '1'); if( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['pass_again'] ) && isset( $_POST['firstname'] ) && isset( $_POST['lastname'] ) && isset( $_POST['email'] ) && isset( $_POST['email_again'] ) && isset( $_POST['address1'] ) && isset( $_POST['address2'] ) && isset( $_POST['town'] ) && isset( $_POST['county'] ) && isset( $_POST['postcode'] ) && isset( $_POST['business'] ) && isset( $_POST['vat_registered'] ) && isset( $_POST['vat_number'] )) { if( strlen( $_POST['user'] ) < 5 ) { include('includes/overall/header.php'); echo "Username Must Be 5 or More Characters."; include('includes/overall/footer.php'); } elseif( strlen( $_POST['pass'] ) < 5 ) { include('includes/overall/header.php'); echo "Password Must Be 5 or More Characters."; include('includes/overall/footer.php'); } elseif( $_POST['pass'] == $_POST['user'] ) { include('includes/overall/header.php'); echo "Username And Password Can Not Be The Same."; include('includes/overall/footer.php'); } elseif( $_POST['pass_again'] == "" ) { include('includes/overall/header.php'); echo "Passwords must match"; include('includes/overall/footer.php'); } // CREATE BETTER EMAIL CHECK elseif( $_POST['email'] == "" ) { include('includes/overall/header.php'); echo "Email must be valid."; include('includes/overall/footer.php'); } elseif( $_POST['email_again'] == "" ) { include('includes/overall/header.php'); echo "Emails must match."; include('includes/overall/footer.php'); } elseif( $_POST['address_1'] == "" ) { include('includes/overall/header.php'); echo "Address cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['address_2'] == "" ) { include('includes/overall/header.php'); echo "Address cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['town'] == "" ) { include('includes/overall/header.php'); echo "Town cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['county'] == "" ) { include('includes/overall/header.php'); echo "County cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['postcode'] == "" ) { include('includes/overall/header.php'); echo "Postcode cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['business'] == "" ) { include('includes/overall/header.php'); echo "Business cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['vat_registered'] == "" ) { include('includes/overall/header.php'); echo "VAT Registered cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['vat_number'] == "" ) { include('includes/overall/header.php'); echo "VAT number cannot be empty, please enter N/A if not VAT registered."; include('includes/overall/footer.php'); } else { require( 'database.php' ); $username = mysqli_real_escape_string($con, $_POST['user']); //Remove md5() function if not using encryption i.e. $password = $_POST['pass']; $password = mysqli_real_escape_string($con, md5( $_POST['pass'])); $password_again = mysqli_real_escape_string($con, md5( $_POST['pass_again'])); $firstname = mysqli_real_escape_string($con, $_POST['firstname']); $lastname = mysqli_real_escape_string($con, $_POST['lastname']); $email = mysqli_real_escape_string($con, $_POST['email'] ); $email_again = mysqli_real_escape_string($con, $_POST['email_again']); $address_1 = mysqli_real_escape_string($con, $_POST['address_1']); $address_2 = mysqli_real_escape_string($con, $_POST['address_2']); $town = mysqli_real_escape_string($con, $_POST['town']); $county = mysqli_real_escape_string($con, $_POST['county']); $postcode = mysqli_real_escape_string($con, $_POST['postcode']); $business = mysqli_real_escape_string($con, $_POST['business']); $vat_registered = mysqli_real_escape_string($con, $_POST['vat_registered']); $vat_number = mysqli_real_escape_string($con, $_POST['vat_number']); $sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'"; //echo "$sqlCheckForDuplicate<br/>"; $result = mysqli_query($con, $sqlCheckForDuplicate); if(mysqli_num_rows($result) == 0){ //echo "No Duplicates<br/>"; $sqlRegUser = "INSERT INTO user( username, password, password_again, firstname, lastname, email, email_again, address_1, address_2, town, county, postcode, business, vat_registered, vat_number ) VALUES ( '". $username ."', '". $password ."', '". $password_again ."', '". $firstname ."', '". $lastname ."', '". $email ."', '". $email_again ."', '". $address_1 ."', '". $address_2 ."', '". $town ."', '". $county ."', '". $postcode ."', '". $business ."', '". $vat_registered ."', '". $vat_number."' )"; //echo "$sqlRegUser<br/>"; if( !mysqli_query($con, $sqlRegUser ) ) { include('includes/overall/header.php'); echo "You Could Not Register Because Of An Unexpected Error."; include('includes/overall/footer.php'); } else { header ('location: login.php'); } mysqli_free_result($result); } else { include('includes/overall/header.php'); echo "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One."; //echo " $username;" //this is for error checking include('includes/overall/footer.php'); } /* close connection */ mysqli_close($con); } } else { include('includes/overall/header.php'); echo "You Could Not Be Registered Because Of Missing Data."; include('includes/overall/footer.php'); } ?> Error reporting is switched on, I just cant see the problem. Any help is much appreciated Quote Link to comment Share on other sites More sharing options...
Paul_Withers Posted September 1, 2014 Author Share Posted September 1, 2014 Hi, I have taken the step of writing my site in MySQLi instead of MYSQL as advised. However, I had a script that I got off the internet, the original file works great and registers the user to the database. However the edited version of the script, where I have added more information such as the users address etc, no longer works. I have compared the two files and can't seem to find the problem. When the script is run, it skips all the registration part and jumps to the last error in the script saying 'You Could Not Be Registered Because Of Missing Data.'. All the variables match the column names in the database. Here is the original working script <?php error_reporting(E_ALL); ini_set('display_errors', '1'); // some error checking /* if($_POST['reg']){ echo "form submitted"; }else{ echo "form not submitted"; } */ if( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['email'] ) ){ // echo $_POST['user']." - ".$_POST['pass']." - ".$_POST['email']; if( strlen( $_POST['user'] ) < 5 ) { include('header.inc'); echo "Username Must Be 5 or More Characters."; include('footer.inc'); } elseif( strlen( $_POST['pass'] ) < 5 ) { include('header.inc'); echo "Password Must Be 5 or More Characters."; include('footer.inc'); } elseif( $_POST['pass'] == $_POST['user'] ) { include('header.inc'); echo "Username And Password Can Not Be The Same."; include('footer.inc'); } elseif( $_POST['email'] == "" ) { //More secure to use a regular expression to check that the user is entering a valid email // versus just checking to see if the field is empty include('header.inc'); echo "Email must be valid."; include('footer.inc'); } else { require( 'database.php' ); $username = mysqli_real_escape_string($con, $_POST['user']); //Remove md5() function if not using encryption i.e. $password = $_POST['pass']; $password = mysqli_real_escape_string($con, md5( $_POST['pass'])); $email = mysqli_real_escape_string($con, $_POST['email'] ); $sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'"; //echo "$sqlCheckForDuplicate<br/>"; $result = mysqli_query($con, $sqlCheckForDuplicate); if(mysqli_num_rows($result) == 0){ //echo "No Duplicates<br/>"; $sqlRegUser = "INSERT INTO user( username, password, email ) VALUES ( '". $username ."', '". $password ."', '". $email."' )"; //echo "$sqlRegUser<br/>"; if( !mysqli_query($con, $sqlRegUser ) ) { include('header.inc'); echo "You Could Not Register Because Of An Unexpected Error."; include('footer.inc'); } else { /* Note: When using the header function, you cannot send output to the browser * before the header function is called. IF you want to echo a message to the * user before going back to your login page then you should use the HTML * Meta Refresh tag. */ //echo "You Are Registered And Can Now Login"; //echo " $username"; //this is for error checking header ('location: login.php'); // if using echo then use meta refresh /* *?> *<meta http-equiv="refresh" content="2;url= login.php/"> *<? */ } mysqli_free_result($result); } else { include('header.inc'); echo "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One."; //echo " $username;" //this is for error checking include('footer.inc'); } /* close connection */ mysqli_close($con); } } else { include('header.inc'); echo "You Could Not Be Registered Because Of Missing Data."; include('footer.inc'); } ?> and here is my version <?php error_reporting(E_ALL); ini_set('display_errors', '1'); if( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['pass_again'] ) && isset( $_POST['firstname'] ) && isset( $_POST['lastname'] ) && isset( $_POST['email'] ) && isset( $_POST['email_again'] ) && isset( $_POST['address1'] ) && isset( $_POST['address2'] ) && isset( $_POST['town'] ) && isset( $_POST['county'] ) && isset( $_POST['postcode'] ) && isset( $_POST['business'] ) && isset( $_POST['vat_registered'] ) && isset( $_POST['vat_number'] )) { if( strlen( $_POST['user'] ) < 5 ) { include('includes/overall/header.php'); echo "Username Must Be 5 or More Characters."; include('includes/overall/footer.php'); } elseif( strlen( $_POST['pass'] ) < 5 ) { include('includes/overall/header.php'); echo "Password Must Be 5 or More Characters."; include('includes/overall/footer.php'); } elseif( $_POST['pass'] == $_POST['user'] ) { include('includes/overall/header.php'); echo "Username And Password Can Not Be The Same."; include('includes/overall/footer.php'); } elseif( $_POST['pass_again'] == "" ) { include('includes/overall/header.php'); echo "Passwords must match"; include('includes/overall/footer.php'); } // CREATE BETTER EMAIL CHECK elseif( $_POST['email'] == "" ) { include('includes/overall/header.php'); echo "Email must be valid."; include('includes/overall/footer.php'); } elseif( $_POST['email_again'] == "" ) { include('includes/overall/header.php'); echo "Emails must match."; include('includes/overall/footer.php'); } elseif( $_POST['address_1'] == "" ) { include('includes/overall/header.php'); echo "Address cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['address_2'] == "" ) { include('includes/overall/header.php'); echo "Address cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['town'] == "" ) { include('includes/overall/header.php'); echo "Town cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['county'] == "" ) { include('includes/overall/header.php'); echo "County cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['postcode'] == "" ) { include('includes/overall/header.php'); echo "Postcode cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['business'] == "" ) { include('includes/overall/header.php'); echo "Business cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['vat_registered'] == "" ) { include('includes/overall/header.php'); echo "VAT Registered cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['vat_number'] == "" ) { include('includes/overall/header.php'); echo "VAT number cannot be empty, please enter N/A if not VAT registered."; include('includes/overall/footer.php'); } else { require( 'database.php' ); $username = mysqli_real_escape_string($con, $_POST['user']); //Remove md5() function if not using encryption i.e. $password = $_POST['pass']; $password = mysqli_real_escape_string($con, md5( $_POST['pass'])); $password_again = mysqli_real_escape_string($con, md5( $_POST['pass_again'])); $firstname = mysqli_real_escape_string($con, $_POST['firstname']); $lastname = mysqli_real_escape_string($con, $_POST['lastname']); $email = mysqli_real_escape_string($con, $_POST['email'] ); $email_again = mysqli_real_escape_string($con, $_POST['email_again']); $address_1 = mysqli_real_escape_string($con, $_POST['address_1']); $address_2 = mysqli_real_escape_string($con, $_POST['address_2']); $town = mysqli_real_escape_string($con, $_POST['town']); $county = mysqli_real_escape_string($con, $_POST['county']); $postcode = mysqli_real_escape_string($con, $_POST['postcode']); $business = mysqli_real_escape_string($con, $_POST['business']); $vat_registered = mysqli_real_escape_string($con, $_POST['vat_registered']); $vat_number = mysqli_real_escape_string($con, $_POST['vat_number']); $sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'"; //echo "$sqlCheckForDuplicate<br/>"; $result = mysqli_query($con, $sqlCheckForDuplicate); if(mysqli_num_rows($result) == 0){ //echo "No Duplicates<br/>"; $sqlRegUser = "INSERT INTO user( username, password, password_again, firstname, lastname, email, email_again, address_1, address_2, town, county, postcode, business, vat_registered, vat_number ) VALUES ( '". $username ."', '". $password ."', '". $password_again ."', '". $firstname ."', '". $lastname ."', '". $email ."', '". $email_again ."', '". $address_1 ."', '". $address_2 ."', '". $town ."', '". $county ."', '". $postcode ."', '". $business ."', '". $vat_registered ."', '". $vat_number."' )"; //echo "$sqlRegUser<br/>"; if( !mysqli_query($con, $sqlRegUser ) ) { include('includes/overall/header.php'); echo "You Could Not Register Because Of An Unexpected Error."; include('includes/overall/footer.php'); } else { header ('location: login.php'); } mysqli_free_result($result); } else { include('includes/overall/header.php'); echo "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One."; //echo " $username;" //this is for error checking include('includes/overall/footer.php'); } /* close connection */ mysqli_close($con); } } else { include('includes/overall/header.php'); echo "You Could Not Be Registered Because Of Missing Data."; include('includes/overall/footer.php'); } ?> Error reporting is switched on, I just cant see the problem. Any help is much appreciated address1 has been corrected to address_1 and the same with address_2 but error still occurs Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted September 1, 2014 Share Posted September 1, 2014 The problem is related to the if statement here if( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['pass_again'] ) && isset( $_POST['firstname'] ) && isset( $_POST['lastname'] ) && isset( $_POST['email'] ) && isset( $_POST['email_again'] ) && isset( $_POST['address_1'] ) && isset( $_POST['address_2'] ) && isset( $_POST['town'] ) && isset( $_POST['county'] ) && isset( $_POST['postcode'] ) && isset( $_POST['business'] ) && isset( $_POST['vat_registered'] ) && isset( $_POST['vat_number'] )) { One of the $_POST variables is not set this is causing the if statement to fail and so you get the Missing Data message shown. You need to make sure you have spelt the names of your fields correctly both in your HTML code and PHP code. Also make sure all the fields you checking to see exist actually show up in the output of this line (add it before the line above) printf('<pre>$_POST %s</pre>', print_r($_POST, true)); Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted September 1, 2014 Share Posted September 1, 2014 the particular message occurs when your massive isset(...) && isset(...) statement is false. the purpose of that statement is (should be) to test if a form was submitted. it doesn't need to test if every field is set, because all text/password/textarea fields will be set. so, just test if one field isset(), such as a hidden field that identifies that your registration form was submitted, which is what the $_POST['reg'] appears to be for. next, DRY (Don't Repeat Yourself.) You have a ton of code repeating the inclusion of the header/footer files. You should only have those ONCE. lastly, you should validate all the inputs at once and output all the errors at once so that the visitor doesn't need to repeatedly submit the form to find out each error in turn. your elseif() logic validating different fields should be completely separate conditional tests. to accomplish validating all the inputs at once, you would make an array to hold the error messages and then simply test if the array is empty at the end of all the validation. if it is empty, no errors. if is not empty, loop over the elements in the array and echo them to display the error messages. Quote Link to comment Share on other sites More sharing options...
Paul_Withers Posted September 1, 2014 Author Share Posted September 1, 2014 Its ok I found a solution, it seems it didn't like too many && isset I changed it to this and it works great <?php error_reporting(E_ALL); ini_set('display_errors', '1'); // some error checking /* if($_POST['reg']){ echo "form submitted"; }else{ echo "form not submitted"; } */ if (isset($_POST['user'], $_POST['pass'], $_POST['pass_again'], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $_POST['email_again'], $_POST['address_1'], $_POST['address_2'], $_POST['town'], $_POST['county'], $_POST['postcode'], $_POST['business'], $_POST['vat_registered'], $_POST['vat_number'] ) ) { // echo $_POST['user']." - ".$_POST['pass']." - ".$_POST['email']; if( strlen( $_POST['user'] ) < 5 ) { include('includes/overall/header.php'); echo "Username Must Be 5 or More Characters."; include('includes/overall/footer.php'); } elseif( strlen( $_POST['pass'] ) < 5 ) { include('includes/overall/header.php'); echo "Password Must Be 5 or More Characters."; include('includes/overall/footer.php'); } elseif( $_POST['pass'] == $_POST['user'] ) { include('includes/overall/header.php'); echo "Username And Password Can Not Be The Same."; include('includes/overall/footer.php'); } elseif( $_POST['pass_again'] == "" ) { include('includes/overall/header.php'); echo "Passwords must match"; include('includes/overall/footer.php'); } // CREATE BETTER EMAIL CHECK elseif( $_POST['email'] == "" ) { include('includes/overall/header.php'); echo "Email must be valid."; include('includes/overall/footer.php'); } elseif( $_POST['email_again'] == "" ) { include('includes/overall/header.php'); echo "Emails must match."; include('includes/overall/footer.php'); } elseif( $_POST['address_1'] == "" ) { include('includes/overall/header.php'); echo "Address cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['address_2'] == "" ) { include('includes/overall/header.php'); echo "Address cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['town'] == "" ) { include('includes/overall/header.php'); echo "Town cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['county'] == "" ) { include('includes/overall/header.php'); echo "County cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['postcode'] == "" ) { include('includes/overall/header.php'); echo "Postcode cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['business'] == "" ) { include('includes/overall/header.php'); echo "Business cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['vat_registered'] == "" ) { include('includes/overall/header.php'); echo "VAT Registered cannot be empty"; include('includes/overall/footer.php'); } elseif( $_POST['vat_number'] == "" ) { include('includes/overall/header.php'); echo "VAT number cannot be empty, please enter N/A if not VAT registered."; include('includes/overall/footer.php'); } else { require( 'database.php' ); $username = mysqli_real_escape_string($con, $_POST['user']); //Remove md5() function if not using encryption i.e. $password = $_POST['pass']; $password = mysqli_real_escape_string($con, md5( $_POST['pass'])); $password_again = mysqli_real_escape_string($con, md5( $_POST['pass_again'])); $firstname = mysqli_real_escape_string($con, $_POST['firstname']); $lastname = mysqli_real_escape_string($con, $_POST['lastname']); $email = mysqli_real_escape_string($con, $_POST['email'] ); $email_again = mysqli_real_escape_string($con, $_POST['email_again']); $address_1 = mysqli_real_escape_string($con, $_POST['address_1']); $address_2 = mysqli_real_escape_string($con, $_POST['address_2']); $town = mysqli_real_escape_string($con, $_POST['town']); $county = mysqli_real_escape_string($con, $_POST['county']); $postcode = mysqli_real_escape_string($con, $_POST['postcode']); $business = mysqli_real_escape_string($con, $_POST['business']); $vat_registered = mysqli_real_escape_string($con, $_POST['vat_registered']); $vat_number = mysqli_real_escape_string($con, $_POST['vat_number']); $sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'"; //echo "$sqlCheckForDuplicate<br/>"; $result = mysqli_query($con, $sqlCheckForDuplicate); if(mysqli_num_rows($result) == 0){ //echo "No Duplicates<br/>"; $sqlRegUser = "INSERT INTO user( username, password, password_again, firstname, lastname, email, email_again, address_1, address_2, town, county, postcode, business, vat_registered, vat_number ) VALUES ( '". $username ."', '". $password ."', '". $password_again ."', '". $firstname ."', '". $lastname ."', '". $email ."', '". $email_again ."', '". $address_1 ."', '". $address_2 ."', '". $town ."', '". $county ."', '". $postcode ."', '". $business ."', '". $vat_registered ."', '". $vat_number."' )"; //echo "$sqlRegUser<br/>"; if( !mysqli_query($con, $sqlRegUser ) ) { include('includes/overall/header.php'); echo "You Could Not Register Because Of An Unexpected Error."; include('includes/overall/footer.php'); } else { /* Note: When using the header function, you cannot send output to the browser * before the header function is called. IF you want to echo a message to the * user before going back to your login page then you should use the HTML * Meta Refresh tag. */ //echo "You Are Registered And Can Now Login"; //echo " $username"; //this is for error checking header ('location: login.php'); // if using echo then use meta refresh /* *?> *<meta http-equiv="refresh" content="2;url= login.php/"> *<? */ } mysqli_free_result($result); } else { include('includes/overall/header.php'); echo "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One."; //echo " $username;" //this is for error checking include('includes/overall/footer.php'); } /* close connection */ mysqli_close($con); } } else { include('includes/overall/header.php'); echo "You Could Not Be Registered Because Of Missing Data."; include('includes/overall/footer.php'); } ?> Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted September 1, 2014 Share Posted September 1, 2014 there's no limit to the number of terms you can have. as pointed out, you likely had a typo and as also pointed out, you don't (ever) need to write out a statement that has that many terms in it. Quote Link to comment Share on other sites More sharing options...
jcbones Posted September 1, 2014 Share Posted September 1, 2014 Here is your script cleaned up a might, and taking into account all of the above suggestions. UN-TESTED <?php error_reporting(E_ALL); ini_set('display_errors', '1'); // some error checking /* if($_POST['reg']){ echo "form submitted"; }else{ echo "form not submitted"; } */ /////////////////////////////FAILURE TO TRIM VALUES MAY RESULT IN UN-DESIRED EXECUTION///////////////////////////// $errors = array(); //if a post has been sent to the page: if($_SERVER['REQUEST_METHOD'] == 'POST') { // echo $_POST['user']." - ".$_POST['pass']." - ".$_POST['email']; //check if either user or pass is empty: if((!empty($_POST['user']) && !empty($_POST['pass'])) { if(strlen( $_POST['user'] ) < 5 ) { //now we check for length $errors[] = "Username Must Be 5 or More Characters."; } if( strlen( $_POST['pass'] ) < 5 ) { //now we check for length $errors[] = "Password Must Be 5 or More Characters."; } if($_POST['pass'] == $_POST['user'] ) { //see if they match $errors[] = "Username And Password Can Not Be The Same."; } //now make sure pass_again isn't empty, and that the two match. if(empty($_POST['pass_again']) || $_POST['pass'] !== $_POST['pass_again'] ) { $errors[] = "Passwords must match"; } } else { //if the user or pass is empty, we catch it here, bypassing the now needless checks. $error[] = 'You must provide both a username, and a password.'; } // CREATE BETTER EMAIL CHECK //checking to make sure both emails are populated. if(!empty($_POST['email_again']) && !empty($_POST['email'])) { if(!preg_match('~^.+@[^\.].*\.[a-z]{2,}$~',$_POST['email'])) { //check to make sure it is somewhat valid expression. $errors[] = "Email must be valid."; } if($_POST['email_again'] == $_POST['email'] ) { //and that they are both the same. $errors[] = "Emails must match."; } } else { //we catch them here, if either is empty. $errors[] = 'You must provide an email address.'; } //From here on, we are just checking empty values. if(empty($_POST['address_1'])) { $errors[] = "Address cannot be empty"; } if(empty($_POST['address_2']) { $errors[] = "Address cannot be empty"; } if(empty($_POST['town']) { $errors[] = "Town cannot be empty"; } if(empty($_POST['county']) { $errors[] = "County cannot be empty"; } if(empty($_POST['postcode']) { $errors[] = "Postcode cannot be empty"; } if(empty($_POST['business']) { $errors[] = "Business cannot be empty"; } if(empty($_POST['vat_registered']) { $errors[] = "VAT Registered cannot be empty"; } if(empty($_POST['vat_number']) { $errors[] = "VAT number cannot be empty, please enter N/A if not VAT registered."; } //if errors is empty, then we are good to go on, otherwise we skip all the way to the bottom. if(empty($errors)) { require( 'database.php' ); //echo "$sqlCheckForDuplicate<br/>"; $username = mysqli_real_escape_string($con, $_POST['user']); $sqlCheckForDuplicate = "SELECT username FROM user WHERE username = '". $username ."'"; $result = mysqli_query($con, $sqlCheckForDuplicate); if(mysqli_num_rows($result) > 0) { //if there is a duplicate, we log it into errors, which is empty. $errors[] = "The Username You Have Chosen Is Already Being Used By Another User. Please Try Another One."; //echo " $username;" //this is for error checking } else { //We only add data to the database when we are sure that everything is error free. //Remove md5() function if not using encryption i.e. $password = $_POST['pass']; //note(***You should encrypt better than md5(), use the crypt() function, or password_hash(). $password = mysqli_real_escape_string($con, md5( $_POST['pass'])); $password_again = mysqli_real_escape_string($con, md5( $_POST['pass_again'])); $firstname = mysqli_real_escape_string($con, $_POST['firstname']); $lastname = mysqli_real_escape_string($con, $_POST['lastname']); $email = mysqli_real_escape_string($con, $_POST['email'] ); $email_again = mysqli_real_escape_string($con, $_POST['email_again']); $address_1 = mysqli_real_escape_string($con, $_POST['address_1']); $address_2 = mysqli_real_escape_string($con, $_POST['address_2']); $town = mysqli_real_escape_string($con, $_POST['town']); $county = mysqli_real_escape_string($con, $_POST['county']); $postcode = mysqli_real_escape_string($con, $_POST['postcode']); $business = mysqli_real_escape_string($con, $_POST['business']); $vat_registered = mysqli_real_escape_string($con, $_POST['vat_registered']); $vat_number = mysqli_real_escape_string($con, $_POST['vat_number']); //echo "No Duplicates<br/>"; $sqlRegUser = "INSERT INTO user( username, password, password_again, firstname, lastname, email, email_again, address_1, address_2, town, county, postcode, business, vat_registered, vat_number ) VALUES ( '". $username ."', '". $password ."', '". $password_again ."', '". $firstname ."', '". $lastname ."', '". $email ."', '". $email_again ."', '". $address_1 ."', '". $address_2 ."', '". $town ."', '". $county ."', '". $postcode ."', '". $business ."', '". $vat_registered ."', '". $vat_number."' )"; //echo "$sqlRegUser<br/>"; if( !mysqli_query($con, $sqlRegUser ) ) { //if for some reason the query fails after all of this, we catch it at the bottom. $errors[] = "You Could Not Register Because Of An Unexpected Error."; } else { /* Note: When using the header function, you cannot send output to the browser * before the header function is called. IF you want to echo a message to the * user before going back to your login page then you should use the HTML * Meta Refresh tag. */ //echo "You Are Registered And Can Now Login"; //echo " $username"; //this is for error checking header ('location: login.php'); //if query succeeds, then we re-direct: (NOTE, this should be a fully qualified URI). //always include an exit() function after a header(), this will end script execution: exit(); // if using echo then use meta refresh /* *?> *<meta http-equiv="refresh" content="2;url= login.php/"> *<? */ //result is always freed on exit of script, this line will never run. mysqli_free_result($result); } } //if you have gotten this far, there are only two cases: //1. you have errors: //2. registration query failed. include('includes/overall/header.php'); foreach($errors as $value) { //print all errors to page: echo $value . "<br />\n"; } include('includes/overall/footer.php'); } ?> Quote Link to comment Share on other sites More sharing options...
Paul_Withers Posted September 4, 2014 Author Share Posted September 4, 2014 Im gonna cry, the last version I posted worked yesterday, and now Im getting the message You Could Not Register Because Of An Unexpected Error. From reading through the checks this seems to be because of if( !mysqli_query($con, $sqlRegUser ) ) { include('includes/overall/header.php'); echo "You Could Not Register Because Of An Unexpected Error."; include('includes/overall/footer.php'); } But I can't figure out what the unexpected error is Any ideas? Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted September 4, 2014 Share Posted September 4, 2014 There is a problem with your sql. Use $mysqli->error to see what the error is Quote Link to comment Share on other sites More sharing options...
Paul_Withers Posted September 4, 2014 Author Share Posted September 4, 2014 Hi, I done that and get this message Errormessage: Column count doesn't match value at row 1 The first column in the db is id which is auto increment. The rest of the columns match with the values ??? Im confused lol Quote Link to comment Share on other sites More sharing options...
Paul_Withers Posted September 4, 2014 Author Share Posted September 4, 2014 Please ignore above, I forgot I had removed a field. Braindead lol Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.