timx1981
-
Posts
4 -
Joined
-
Last visited
Never
Posts posted by timx1981
-
-
Ok. Let me take a step back here and explain what I am trying to accomplish. I have been doing tutorial after tutorial trying to come up with a semi-secure login script for my website. I found bits and pieces that I liked from multiple sources. I believe I have everything working so far minue the registration code, which is what I have been posting about. I did remove some code from it, but I will now post it in its entirety. I really do appreciate the help.
Thanks.
[code]<?
require_once($_SERVER['DOCUMENT_ROOT'].'/db_connect.php');
//SEE IF ALREADY LOGGED IN
if($_SESSION['logged_in'] == 1)
{
//REDIRECT TO HOMEPAGE
header('Location: http://' . $_SERVER['HTTP_HOST'] . '');
} else {
if(isset($HTTP_POST_VARS['submit']))
{
//BEGIN CHECKING USERNAME...
if(!$_POST['username']) die('Alert: username field was blank.');
//array of invalid characters
$junk = array('.', ',', '/', '`', ';', '[', ']', '-', '_', '*', '&', '^', '%', '$', '#', '@', '!', '~', '+', '(', ')', '|', '{', '}', '<', '>', '?', ':', '"', '=');
//starting lenght of username
$len = strlen($_POST['username']);
//replace invalid characters
$_POST['username'] = str_replace($junk, '', $_POST['username']);
$test = $_POST['username'];
//if lenghts are different ($len smaller), invalid characters found, so prompt error.
if(strlen($test) != $len) {
die('Username Error: Username contained invalid characters. You can only use A-Z, 0-9 and the
underscore (_).');
}
//Check if username already exists...
$q2 = mysql_query("SELECT * FROM `members` WHERE `username` = '".$_POST['username']."'");
$q3 = mysql_fetch_object($q2);
if($q3->username == $_POST['username']) {
die('<BR><BR>Sorry, but the username "'.$q3->username.'" is taken, please choose another.');
}
//PASSWORD
if(!$_POST['password']) {
die('Error: Password field was blank');
}
if(!$_POST['verify_password']) {
die('Error: Verify Password field was blank.');
}
if($_POST['password'] != $_POST['verify_password']) {
die('Error: The passwords do not match.');
}
if(strlen($_POST['password']) < 6 ) {
die('Error: Your password is too short. Must be 6 or more characters in length.');
}
//ADD NEW MEMBER
$insert ="INSERT INTO `members` (username, user_password, user_email) VALUES ('".$_POST['username']."',
'".md5($_POST['password'])."', '".$_POST['email']."')";
$insert2 = mysql_query($insert);
if(!$insert2) die(mysql_error());
echo('Registration Successful, Welcome new member! You can now login to your new account. <a href=\login.php\>Login</a>"');
} else {
?>
<table>
<form name="signup" action="<? $_SERVER['PHP_SELF']; ?>" method="POST">
<tr>
<td>Username: <BR> (only A-Z, 0-9 and _ Allowed)<BR></td>
<td><input type="text" id ="username" name="username" value="" maxlength="30"> <BR></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="password" name="password" value="" maxlength="30"><BR> (minimum 6
characters)</td>
</tr>
<tr>
<td>Verify Pass:</td>
<td><input type="password" id="verify_password" name="verify_password" value="" maxlength="30"><BR>
</td>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" id="email" name="email" value="" size="30"><br></td>
</tr>
<tr>
<td>Click to Complete Signup:</td>
<td><input type="submit" id="submit" name="submit" value="submit"></td>
</tr>
</form>
</table>
<?
} //end not logged in
} //end submit not pressed
?>
[/code] -
here is the entire piece of code. I really thought that the problem would have been withing the section I posted, but here is the rest of it.... Thanks for the reply. Please help if you are able.
<?
{
//BEGIN CHECKING USERNAME...
if(!$_POST['username']) die('Alert: username field was blank.');
//array of invalid characters
$junk = array('.', ',', '/', '`', ';', '[', ']', '-', '_', '*', '&', '^', '%', '$', '#', '@', '!', '~',
'+', '(', ')', '|', '{', '}', '<', '>', '?', ':', '"', '=');
//starting lenght of username
$len = strlen($_POST['username']);
//replace invalid characters
$_POST['username'] = str_replace($junk, '', $_POST['username']);
$test = $_POST['username'];
//if lenghts are different ($len smaller), invalid characters found, so prompt error.
if(strlen($test) != $len) {
die('Username Error: Username contained invalid characters. You can only use A-Z, 0-9 and the
underscore (_).');
}
//Check if username already exists...
$q2 = mysql_query("SELECT * FROM `members` WHERE `username` = '".$_POST['username']."'");
$q3 = mysql_fetch_object($q2);
if($q3->username == $_POST['username']) {
die('<BR><BR>Sorry, but the username "'.$q3->username.'" is taken, please choose another.');
}
//PASSWORD
if(!$_POST['password']) {
die('Error: Password field was blank');
}
if(!$_POST['verify_password']) {
die('Error: Verify Password field was blank.');
}
if($_POST['password'] != $_POST['verify_password']) {
die('Error: The passwords do not match.');
}
if(strlen($_POST['password']) < 6 ) {
die('Error: Your password is too short. Must be 6 or more characters in length.');
}
//ADD NEW MEMBER
$insert ="INSERT INTO `members` (username, user_password, user_email) VALUES ('".$_POST['username']."',
'".md5($_POST['password'])."', '".$_POST['email']."')";
$insert2 = mysql_query($insert);
if(!$insert2) die(mysql_error());
echo('Registration Successful, Welcome new member! You can now login to your new account. <a
href=\login.php\>Login</a>"');
} else {
?>
<table>
<form name="signup" action="<? $_SERVER['PHP_SELF']; ?>" method="POST">
<tr>
<td>Username: <BR> (only A-Z, 0-9 and _ Allowed)<BR></td>
<td><input type="text" id ="username" name="username" value="" maxlength="30"> <BR></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="password" name="password" value="" maxlength="30"><BR> (minimum 6
characters)</td>
</tr>
<tr>
<td>Verify Pass:</td>
<td><input type="password" id="verify_password" name="verify_password" value="" maxlength="30"><BR>
</td>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" id="email" name="email" value="" size="30"><br></td>
</tr>
<tr>
<td>Click to Complete Signup:</td>
<td><input type="submit" id="submit" name="submit" value="submit"></td>
</tr>
</form>
</table>
<?
} //end not logged in
} //end submit not pressed
?>
-
Hi,
I am trying to learn php and have run into a snag. I am getting this error, "Parse error: syntax error, unexpected T_ELSE in /mounted-storage/home28a/sub002/sc25473-ELFX/www/register.php on line 60"
from the following code. If anyone can help me with this I would greatly appreciate it.
Thanks,
//ADD NEW MEMBER
$insert ="INSERT INTO `members` (username, user_password, user_email) VALUES ('".$_POST['username']."',
'".md5($_POST['password'])."', '".$_POST['email']."')";
$insert2 = mysql_query($insert);
if(!$insert2) die(mysql_error());
echo('Registration Successful, Welcome new member! You can now login to your new account. <a
href=\login.php\>Login</a>"');
} else {
?>
<table>
<form name="signup" action="<? $_SERVER['PHP_SELF']; ?>" method="POST">
<tr>
<td>Username: <BR> (only A-Z, 0-9 and _ Allowed)<BR></td>
<td><input type="text" id ="username" name="username" value="" maxlength="30"> <BR></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="password" name="password" value="" maxlength="30"><BR> (minimum 6
characters)</td>
</tr>
<tr>
<td>Verify Pass:</td>
<td><input type="password" id="verify_password" name="verify_password" value="" maxlength="30"><BR>
</td>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" id="email" name="email" value="" size="30"><br></td>
</tr>
<tr>
<td>Click to Complete Signup:</td>
<td><input type="submit" id="submit" name="submit" value="submit"></td>
</tr>
</form>
</table>
<?
} //end not logged in
} //end submit not pressed
?>
Parse Error
in PHP Coding Help
Posted