It seems the code below doesn't work properly. Even if there isn't a record that has the same username or name, it will say there is on in the database, which prevents them from making an account. Why so?
$check1 = $db->prepare("SELECT username,name FROM servers WHERE username = ? OR name = ? LIMIT 1");
$check1->execute(array($username, $password));
if($check1->rowCount() > 0)
{
echo "Sorry, there is already an account with this username and/or server name!";
}
And here is my other problem, the harder one. It seems my execute wont work properly. The data will NEVER insert in the database, and it just says: "You've successfully created your account!"
Here is my code:
$insertQuery = $db->prepare("INSERT INTO servers (id, username, password, name, type, description, ip, votes, beta) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
$insertQuery->execute(array(null, $username, $password, $name, $server_type, $description, $ip, 0, 1));
if($insertQuery->errorInfo() > 0)
{
echo "Sorry, there was the following error:";
print_r($insertQuery->errorInfo());
}
else
{
echo "Server has been succesfully created!";
}
[MAY LOOK SLOPPY. CODED IN NOTEPAD++, BEST VIEWED WITH IT.]
Full, whole page code:
<?php
include_once("includes/config.php");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><? $title; ?></title>
<meta http-equiv="Content-Language" content="English" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="style.css" media="screen" />
</head>
<body>
<div id="wrap">
<div id="header">
<h1><? $title; ?></h1>
<h2><? $description; ?></h2>
</div>
<? include_once("includes/navigation.php"); ?>
<div id="content">
<div id="right">
<div id="artlicles">
<?php
if(!$_SESSION['user'])
{
$username = $_POST['username'];
$password = $_POST['password'];
$name = $_POST['name'];
$server_type = $_POST['type'];
$description = $_POST['description'];
//This check isn't 100% secure. It allows for registration with no server details
if(!$username || !$password)
{
//Ideally HTML and PHP should be as separate as possible. Perhaps consider having a different PHP script that runs the registration
echo "Note: Descriptions allow HTML. Any abuse of this will result in an IP and account ban. No warnings!<br><form action='create.php' method='POST'><table><tr><td>Username</td><td><input type='text' name='username'></td></tr><tr><td>Password</td><td><input type='password' name='password'></td></tr>";
echo "<tr><td>Sever Name</td><td><input type='text' name='name' maxlength='35'></td></tr><tr><td>Type of Server</td><td><select name='type'>
<option value='Any'>Any</option>
<option value='PvP'>PvP</option>
<option value='Creative'>Creative</option>
<option value='Survival'>Survival</option>
<option value='Roleplay'>RolePlay</option>
</select></td></tr>
<tr><td>Description</td><td><textarea maxlength='1500' rows='18' cols='40'></textarea></td></tr>";
echo "<tr><td>Submit</td><td><input type='submit'></td></tr></table></form>";
}
elseif(strlen($password) <
{
echo "Password needs to be higher than 8 characters!";
}
elseif(strlen($username) > 13)
{
echo "Username can't be greater than 13 characters!";
}
else
{
$check1 = $db->prepare("SELECT username,name FROM servers WHERE username = ? OR name = ? LIMIT 1");
$check1->execute(array($username, $name));
if($check1->rowCount() > 0)
{
echo "Sorry, there is already an account with this username and/or server name!";
}
else
{
$ip = $_SERVER['REMOTE_ADDR'];
$insertQuery = $db->prepare("INSERT INTO servers (id, username, password, name, type, description, ip, votes, beta) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
$insertQuery->execute(array(null, $username, $password, $name, $server_type, $description, $ip, 0, 1));
if($insertQuery->errorInfo() > 0)
{
echo "Sorry, there was the following error:";
print_r($insertQuery->errorInfo());
}
else
{
echo "Server has been succesfully created!";
}
}
}
}
else
{
echo "You are currently logged in!";
}
?>
</div>
</div>
<div style="clear: both;"> </div>
</div>
<div id="footer">
<a href="http://www.templatesold.com/" target="_blank">Website Templates</a> by <a href="http://www.free-css-templates.com/" target="_blank">Free CSS Templates</a> - Site Copyright MCTop
</div>
</div>
</body>
</html>