Jump to content

Archived

This topic is now archived and is closed to further replies.

localhost

Registration not writing to database

Recommended Posts

This is coded from my head so I am not sure why it isn't working...The form shows and it submits and refreshs the form, but it doesn't write to the database! :( Here is the code:

[code]
<?php

######################################################################
# Created by: Dann(localhost) for Twilight Programmers                 #
# Created on: May 31, 2006                                             #
# File: Register.php                                                 #
# Use: To register new users and their information into the database #
######################################################################

// Connect to database
include('connect.php');

// If the submit button if pushed we do the following...
if(isset($_POST['submit'])) {

// Set POST form variables

$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$cpassword = $_POST['cpassword'];
$website = $_POST['website'];
$location = $_POST['location'];
$aim = $_POST['aim'];
$msn = $_POST['msn'];
$yim = $_POST['yim'];
// Hidden POST form variables
$regdate = $_POST['regdate'];
$regip = $_POST['regip'];
$priv = $_POST['priv'];

// To track IP
$ip = $_SERVER['REMOTE_ADDR'];

// Uses base64 so we can decode it when sending a lost password
$enc_password = base64_encode($password);

// Query to check if a username or email is already taken
$sql = "SELECT COUNT(*) AS count FROM users WHERE username = '" . mysql_real_escape_string($_POST['username']) . "' OR email = '" . mysql_real_escape_string($_POST['email']) . "'";

$sql_result = mysql_query($sql);
$row = mysql_fetch_array($sql_result);

if ($row['count'] > 0) {
  echo "Username or e-mail already taken.";
} else {

// Check to see if both passwords are the same
if($password!=$cpassword) {
echo "Passwords do not match.";
}


// Check to see if required fields are filled
if($username==NULL || $email==NULL || $password==NULL || $cpassword==NULL) {
echo "All fields with a * are required.";

// Query to insert the form values into our database table designated 'users'
$query = "INSERT INTO users (`username`, `email`, `password`, `website`, `location`, `aim`, `msn`, `yim`, `regdate`, `regip`, `priv`) VALUES ('$username', '$email', '$enc_password', '$website', '$location', '$aim', '$msn', '$yim', '$regdate', '$regip', '$priv')";
$result = mysql_query($query) or die('Could not insert user details into database.');

}
}
}

print "<title>Register</title>
<style type=\"text/css\">
<!--
.style1 {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: x-small;
}
-->
</style>";

// Form for registration
echo "<form action=\"\" method=\"POST\">
<p>
  <input type=\"hidden\" name=\"regdate\" value=\" <?php echo date('m/d/y'); ?> \">
  <input type=\"hidden\" name=\"regip\" value=$ip>
  <input type=\"hidden\" name=\"priv\" value=\"1\">
</p>
<p class=\"style1\">* Indicates a field is required</p>
<p><span class=\"style1\">
  *Username:
  <input type=\"text\" name=\"username\">
  <Br>
  *eMail:
  <input type=\"text\" name=\"email\">
  <Br>
  *Password:
  <input type=\"password\" name=\"password\">
  <BR>
  *Confirm Password:
  <input type=\"password\" name=\"cpassword\">
  <Br>
  Location:
  <input type=\"text\" name=\"location\">
  <Br>
  Website:
  <input type=\"text\" name=\"website\">
  <Br>
  AIM:
  <input type=\"text\" name=\"aim\">
  <BR>
  MSN:
  <input type=\"text\" name=\"msn\">
  <Br>
  YIM:</span>
  <input type=\"text\" name=\"yim\">
  <Br>
  <input type=\"submit\" name=\"submit\" value=\"Register\">
  </form>";
  
?>

[/code]

Share this post


Link to post
Share on other sites
There is a problem with your logic. You see, the INSERT query is IN the if ($username==NULL || ...); this is out of place.

Also, your script doesn't seem to abort execution once an error occurs (username taken, passwords not matching...); what shouldn't happen.

Share this post


Link to post
Share on other sites
So...

// Check to see if required fields are filled
if($username==NULL || $email==NULL || $password==NULL || $cpassword==NULL) {
echo "All fields with a * are required.";
} else {
// Query to insert the form values into our database table designated 'users'
$query = "INSERT INTO users (`username`, `email`, `password`, `website`, `location`, `aim`, `msn`, `yim`, `regdate`, `regip`, `priv`) VALUES ('$username', '$email', '$enc_password', '$website', '$location', '$aim', '$msn', '$yim', '$regdate', '$regip', '$priv')";
$result = mysql_query($query) or die('Could not insert user details into database.');
}

Would that help it?

Share this post


Link to post
Share on other sites
Yes, but there will still be some logic errors.
An alternative is:

[code]if ($row['count'] > 0) {
  echo "Username or e-mail already taken.";
}

// Check to see if both passwords are the same
elseif($password!=$cpassword) {
echo "Passwords do not match.";
}

// Check to see if required fields are filled
elseif($username==NULL || $email==NULL || $password==NULL || $cpassword==NULL) {
echo "All fields with a * are required.";
} else {
// Query to insert the form values into our database table designated 'users'
$query = "INSERT INTO users (`username`, `email`, `password`, `website`, `location`, `aim`, `msn`, `yim`, `regdate`, `regip`, `priv`) VALUES ('$username', '$email', '$enc_password', '$website', '$location', '$aim', '$msn', '$yim', '$regdate', '$regip', '$priv')";
$result = mysql_query($query) or die('Could not insert user details into database.');

}
}
[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.