Hi I'm new here in this forum and I'm currently developing a system that is coded in PHP...
Right now, I'm building a registration page.. In my coding here, the first name, middle name, surname, position, company name, company address, telephone number, email and password should not be left blank. I don't have problems with the fields except Email. I'm going dizzy looking at what's wrong with my coding. Please help me!
KNOWN PROBLEMS:
It does not display "Email Already Exist" when i put an email from the database. I don't know where i should put my addtoDB function. checkEmail function does not return a value
TOOLS USED FOR THIS:
Notepad ++ Dreamweaver (For the HTML forms layout) Easy PHP server (I use this to compile my PHP codes and at the same time, connect to a sql database using PHPMyAdmin)
*I believe there's a lot of errors here in my codes. if you find them, please let me know
My php codes are within my website. I use $_SERVER["PHP_SELF"] on the form tag. I did this to save time and to avoid being confused on debugging when i should find the codes on my folder. Anyway, I mix my HTML and PHP codes in one .php file. I know this works fine. Only that I think what's wrong with this code is the logical error. I have tested this on a PHP compiler and there's no syntax error.
Here's my php tag that is responsible for validating my fields:
<?php // Validates the registration form before it is saved to the database
// set to empty values
$fnamErr = $mnamErr = $snamErr = $cnamErr = $posErr = $addErr = $telErr = $mobErr = $faxErr = $emailErr = $passErr = $rpassErr = " ";
$check = $fnam = $mnam = $snam = $cnam = $pos = $add = $tel = $mob = $fax = $email = $pass = $rpass = " ";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if (empty($_POST["fnam"]))
{ $fnamErr = " * "; }
else
{ $fnam = test_input($_POST["fnam"]); } //Test first name if its valid
if (empty($_POST["mnam"]))
{ $mnamErr = " * "; }
else
{ $mnam = test_input($_POST["mnam"]); } //Test middle name if its valid
if (empty($_POST["snam"]))
{ $snamErr = " * "; }
else
{ $snam = test_input($_POST["snam"]); } //Test surname if its valid
if (empty($_POST["cnam"]))
{ $cnamErr = " * "; }
else
{ $cnam = test_input($_POST["cnam"]); } //Test company name if its valid
if (empty($_POST["pos"]))
{ $posErr = " * "; }
else
{ $pos = test_input($_POST["pos"]); } //Test Position if its valid
if (empty($_POST["add"]))
{ $addErr = " * "; }
else
{ $add = test_input($_POST["add"]); } //Test Address if its valid
if (empty($_POST["tel"]))
{ $telErr = " * "; }
else
{ $tel = test_input($_POST["tel"]); } //Test Telephone if its valid
if (empty($_POST["pass"]))
{ $passErr = " * "; }
else
{ $pass = test_input($_POST["pass"]); //Test password if its valid
$count = strlen($pass); // count characters
if ($count < 4)
{
$passErr = "Password must contain at least 4 characters. Enter correct password.";
}
}
if (empty($_POST["rpass"]))
{ $rpassErr = " * "; }
else
{ $rpass = test_input($_POST["rpass"]); //Test re-entered password if its valid
if ($pass != $rpass)
{ $rpassErr = "Doesn't match the password.";
{
echo addtoDB();
echo "<script>alert('Registration Complete! You are automatically directed to the Home page.'); location.href='MAIN.php'; </script>";
}}
}
if (empty($_POST["email"]))
{ $emailErr = " * "; } //Test email if its valid
else
{ $email = test_input($_POST["email"]);
$a="";
$check = checkEmail($a);
}
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+.[\w\_]+)/",$email))
{ $emailErr = "Invalid email format. Enter correct email"; echo $check;}
if ($email == $check)
{ $emailErr="Email Already exists";
}
}
?>
Here's my other php tag:
<?php //Functions are listed in here for calling
function checkEmail($em) //checks if email already exists
{ $con=mysqli_connect("localhost","root","","ojt_ms");
if (mysqli_connect_errno())
{ echo "Failed to connect to MySQL: " . mysqli_connect_error(); }
$clog = mysqli_query($con,"SELECT * FROM `company info` ");
while($row = mysqli_fetch_assoc($clog))
{ $em = $row['email']; }
return $em;
}
function test_input($data)
{ //To avoid hacking of database called SQL INJECTION
//This function removes other unnecessary characters
//That hackers may used to get on the website
//This is for security issues
$data = trim($data); $data = stripslashes($data);
$data = htmlspecialchars($data); return $data;
}
function addtoDB() //adds form to database
{ $con=mysqli_connect("localhost","root","","ojt_ms");
if (mysqli_connect_errno())
{ echo "Failed to connect to MySQL: " . mysqli_connect_error(); }
$sql=mysqli_query($con,"INSERT INTO `company info` (`fnam`, `mnam`, `snam`, `pos`, `cnam`, `cadd`, `tel`, `mob`, `fax`, `pass`, `email`) VALUES ( '$_POST[fnam]', '$_POST[mnam]', '$_POST[snam]', '$_POST[pos]', '$_POST[cnam]', '$_POST[add]', '$_POST[tel]', '$_POST[mob]', '$_POST[fax]', '$_POST[pass]', '$_POST[email]' ) ");
mysqli_close($con);
return;
}
?>
I appreciate any help as possible. Thank you