Sylsky

Ok done x) and... How can I verify if the user already exists in the database when the person is registering? I'm really blocked on this :/

Ok, thanks, I took your comments in note. How can I verify if the user already exists in the database when the person is registering? I'm really blocked on this :/

Tried to add this: $listedespseudos = mysql_query("SELECT pseudo FROM membres"); $pseudos = mysql_fetch_assoc($listedespseudos); elseif (ereg($_POST['pseudo'],$pseudos['pseudo'])) { echo "Pseudo déjà utilisé!"; } But not working: Parse error: syntax error, unexpected T_ELSEIF in C:\Users\Sylvain\Desktop\apprentissagePHP\insertion.php on line 28 Is it the way I should go?

Alright, working now! Thanks! I let all those str_replace because trim is working only on the start/end of characters. So if someone put: super pseudo it will be transformed to: super pseudo Now, the last problem, how can I protect the pseudos/mail. I mean, I don't want people to register with the same pseudo/mail? I gotta select from the database all the pseudo/mails and compare with the new entries, but I really have no idea how to o.O

Even with trim people can still create accounts with spaces only: $pseudo = mysql_real_escape_string(htmlspecialchars(trim($_POST['pseudo']))); I also added htmlspecialchars because I readed it's better for pseudos.

Sorry for triple post. I involved my code a little bit: added e-mail filter using a flag + a little "noob trick" which replace every "big spaces" by normal ones. Now 2 problems: - People can still register with the same pseudo than the others (i heard about an "UNIQUE" to add somewhere, tried on UNIQUE VALUES but it didn't work). - People can still register with spaces only Could you help me, please? I have the feeling that my code is getting bigger and bigger, is it normal or i'm going the bad way?

So my code is this one now: mysql_select_db("apprentissage", $con); $pseudo = mysql_real_escape_string($_POST['pseudo']); $mdp = mysql_real_escape_string($_POST['mdp']); $email = mysql_real_escape_string($_POST['email']); var_dump($pseudo); var_dump($mdp); var_dump($email); mysql_query("INSERT INTO membres (pseudo,mdp,email) VALUES ('$pseudo', '$mdp', '$email')"); echo "<br>Vous êtes bien inscrit!"; And the page displays: You can see I tried to register only with spaces. And the "fantom" account has been added to the database.

Nice! It's adding now ! But I can still put fields with only spaces, it's still added to database -.-'

Oh my bad I let the mysql_query at his place before. Now it displays this: INSERT INTO membres (pseudo,mdp,email) VALUES (htyhhjk,rtret,rtyrtyhjkhj)

It displays nothing :/ For info, i'm using EasyPHP, dunno, maybe it's linked.

It doesn't even make a new row, it does nothing in the SQL. And I added this: echo mysql_errno($con) .mysql_error($con). "\n"; in my else bloc, but now, it added a 0 before my "Vous êtes bien inscrit!" Like this: 0 Vous êtes bien inscrit!" Does it means "0" problems? But there is, nothing is added to the database anymore since I added those new variables :S

Even took my old code, without mysql_real_escape_string to apply that trim(): mysql_select_db("apprentissage", $con); $trimmedpseudo = trim($_POST['pseudo']); $trimmedmdp = trim($_POST['mdp']); $trimmedemail = trim($_POST['email']); mysql_query("INSERT INTO membres (pseudo,mdp,email) VALUES ($trimmedpseudo,$trimmedmdp,$trimmedemail)"); echo "Vous êtes bien inscrit!"; I get this "Vous êtes bien inscrit!" but nothing is registered in the database

I just noticed that with that new code... nothing is inserted in my tables anymore, whatever the text I put, but it still display: echo "Vous êtes bien inscrit!";

Alright, now my code looks like this: I let the query in the else bloc because for me (maybe my brain isn't really built normaly xD) it's more logical like this :< The mysql_real_escape_string isn't making any error message anymore. BUT nothing is inserted in my tables, now And... I'd like to avoid the users to put only spaces to make their accounts, I heard about the function str_replace, do I have to use this or there is another one?

Ok, thanks. I tried to apply the mysql_real_escape_string, like this: But I got an error: Warning: mysql_query() expects parameter 2 to be resource, string given in C:\Users\Sylvain\Desktop\apprentissagePHP\insertion.php on line 26