-
Posts
1,842 -
Joined
-
Last visited
Posts posted by marcus
-
-
yes i did
-
if i post the code could you alter it so it will work? possibly?
-
It isnt working
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /home/neoblob/public_html/inc/do_reg.inc on line 20 -
ok, lemme try that
-
but how do i check w/ sql that it already exists?
-
if a user already exists in the database they cannot register at all, or have to choose a new username
edit: many of my user tend to attempt to register multiple times, and when i view the member list there they are, right next to each other -
Ok, well, I'm trying to make my registration more secure by adding something if the username, email or ip already exists in the database, how would i do this?
-
Ok I am making a registration and it isnt working, i need some help here figuring this out.
register.php
[code]
<?
if($_COOKIE['auth'] == "yes") {
include('./inc/header.inc');
?>
<tr><td style="border:1px solid black; padding:0px;" colspan=5>
<div class=box>
<p align=right>Marra»Denied</p>
You are already registered. One account per person please.
</div>
<tr><td class=si colspan=5>
© 2006 Infinite Productions Studios. All Rights Reserved
</td>
</table>
<?
}else{
include('./inc/header.inc');
include('./inc/output.inc');
$ip = $_SERVER[REMOTE_ADDR];
?>
<?
if($_COOKIE['auth'] == "yes") {
echo '<tr><td style="border:1px solid black; padding:0px;" colspan=5>
<div class=box>
<p align=right>Marra»Error</p>
You are already registered.
</div>
<tr><td class=si colspan=5>
© 2006 Infinite Productions Studios. All Rights Reserved
</td>
</table>';
}else{
?>
<tr><td style="border:1px solid black; padding:0px;" colspan=5>
<div class=box>
<p align=right>Marra»Registration</p>
<form method=post action=do_reg.php>
Please fill in all the details below. Email address is required for password recovery. <br><br>
Username:<input type=text name=name><br><br>
Password:<input type=password name=pass><br><br>
Password:<input type=password name=pass2><br><br>
Email:<input type=text name=mail><br><br>
Below is information that is required for game play. Please choose carefully as these options cannot be changed later.<br><br>
Name Your Hero: <input type=text name=hero><br><br>
Guild:<select name=guild>
<option>Blood Alchemists</option>
<option>Iron Visage</option>
<option>Immortal Catalysts</option>
<option>The Legion</option>
</select><br><br>
Alignment:<select name=align>
<option>Evil</option>
<option>Chaotic</option>
<option>Neutral</option>
<option>Good</option>
<option>Heroic</option>
</select><br><br>
<input type=hidden value="<? echo $ip ?>" name=ip>
<input type=submit value=Register>
</form>
</div>
<tr><td class=si colspan=5>
© 2006 Infinite Productions Studios. All Rights Reserved
</td>
</table>
<?
}
}
?>[/code]
and then
do_reg.php
[code]<?php
$new_user = $_POST[name];
$new_pass = $_POST[pass];
$new_pass2 = $_POST[pass2];
$new_mail = $_POST[mail];
$new_hero = $_POST[hero];
$new_guild = $_POST[guild];
$new_align = $_POST[align];
if($_COOKIE['auth'] == "yes") {
echo '<tr><td style="border:1px solid black; padding:0px;" colspan=5>
<div class=box>
<p align=right>Marra»Error</p>
You are already registered.
</div>
<tr><td class=si colspan=5>
© 2006 Infinite Productions Studios. All Rights Reserved
</td>
</table>';
}else{
include("./inc/info.php");
//PASSWORDS MATCH?
if($new_pass != $new_pass2) {
$error = 'Your passwords do match, please go back and fix them.';
include("register.php");
exit();
}
//IP ALREADY IN DB?
$connection = mysql_connect($host,$user,$password);
$db = mysql_select_db($database, $connection);
$sql = "SELECT ip FROM USER
WHERE ip='$ip'";
$result = mysql_query($sql);
$num = mysql_numrows($result);
if ($num > 0)
{
$error = 'Ip Address already in use. We do not allow multiple accounts.';
include("register.php");
exit();
}
//USERNAME ALREADY EXIST?
$connection = mysql_connect($host,$user,$password);
$db = mysql_select_db($database, $connection);
$sql = "SELECT user FROM USER
WHERE user='$new_user'";
$result = mysql_query($sql);
$num = mysql_numrows($result);
if ($num > 0)
{
$error = 'Username already in use, please go back and select another.';
include("register.php");
exit();
}
//EMAIL SYNTAX CORRECT?
if (!ereg("^.+@.+\\..+$",$new_mail))
{
$error = "$new_mail is not a valid email address. Please use a correct email.";
include("register.php");
exit();
}
//EMAIL ALREADY IN USE?
$sql = "SELECT email FROM USER WHERE email='$new_mail'";
$result = mysql_query($sql);
$num = mysql_numrows($result);
if ($num > 0)
{
$error = 'Email already present in Database. We do not allow multiple accounts.';
include("register.php");
exit();
}
//HERO NAME TAKEN?
$connection = mysql_connect($host,$user,$password);
$db = mysql_select_db($database, $connection);
$sql = "SELECT hero_name FROM USER
WHERE hero_name='$new_hero'";
$result = mysql_query($sql);
$num = mysql_numrows($result);
if ($num > 0)
{
$error = 'A hero under the name $new_hero has already been born, please go back and select another.';
include("register.php");
exit();
}else{
//END DATABASE CHECKS
//CALCULATE STATS
//BASE
$att = 20;
$def = 20;
$arc = 20;
$vit = 20;
$eng = 20;
//CALCULATE BA
if($new_guild == "Blood Alchemists") {
$att = 16;
$def = 18;
$arc = 22;
$vit = 15;
$eng = 30;
}
//CALCULATE IV
if($new_guild == "Iron Visage") {
$att = 30;
$def = 22;
$arc = 14;
$vit = 24;
$eng = 15;
}
//CALCULATE IC
if($new_guild == "Immortal Catalysts") {
$att = 14;
$def = 20;
$arc = 30;
$vit = 22;
$eng = 40;
}
//CALCULATE TL
if($new_guild == "The Legion") {
$att = 20;
$def = 18;
$arc = 24;
$vit = 22;
$eng = 25;
}
//INSERT REGISTRATION
$sql = "INSERT INTO battle (total,win,lose) VALUES (0,0,0)";
mysql_query($sql);
$sql = "INSERT INTO user (user,pass,email,ip,access,hero_name,guild_name,hero_align) VALUES ('$new_user','$new_pass','$new_mail','$ip','1','$new_hero','$new_guild','$new_align')";
mysql_query($sql);
$sql = "INSERT INTO stats (attack,defense,arcane,health,energy) VALUES ('$att','$def','$arc','$vit','$eng')";
mysql_query($sql);
$sql = "INSERT INTO skill (skill_learned) VALUES ('none')";
$sql = "INSERT INTO gear (head,body,hands,legs,feet,weapon,shield_book,special_1,special_2) VALUES ('NONE','NONE','NONE','NONE','NONE','NONE','NONE','NONE','NONE')";
mysql_query($sql);
include('inc/header.inc');
echo '<tr><td style="border:1px solid black; padding:0px;" colspan=5>
<div class=box>
<p align=right>Marra»Register»Complete</p>';
echo 'Thank you for registering with Marra! Please login to see all that awaits! You may wait 10 seconds to be redirected or just click "Home" at the top.';
echo '<META HTTP-EQUIV="Refresh" CONTENT="10"; URL="index.php">
</div>
<tr><td class=si colspan=5>
© 2006 Infinite Productions Studios. All Rights Reserved
</td>
</table>';
}
}
?>[/code]
It doesnt post into the DB and it keeps coming up with that the EMAIL is already in use. -
[code]
<?php
include("./inc/ryu786.php");
$connection = mysql_connect($host, $user, $password);
[quote]$db = mysql_select_db($database, $connection);[/quote]
$sql = "SELECT id FROM user
WHERE user='$_POST[login]'
AND pass='$_POST[pass]'";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num > 0) { // ### USER AND PASSWORD ARE CORRECT
$id = mysql_fetch_assoc($result);
$ip = $REMOTE_ADDR;
$sql = "INSERT INTO logip (userid, ip) VALUES ('$id[id]', '$ip')";
$result = mysql_query($sql);
setcookie("auth", "yes");
setcookie("id", $id['id']);
header("Location: main.php");
}else{ // ### USER OR PASSWORD IS INCORRECT
header("Location: failed.php");
}
?>
[/code] -
I think this is a problem in my script.
The login script can't seem to find the $connection= path.
Where would I put this path?
Or even, what goes after the = ?
$connection=?
what does it equal?
SQL If Already Exists In DB
in PHP Coding Help
Posted