localhost Posted June 2, 2006 Share Posted June 2, 2006 This is coded from my head so I am not sure why it isn't working...The form shows and it submits and refreshs the form, but it doesn't write to the database! :( Here is the code:[code]<?php###################################################################### # Created by: Dann(localhost) for Twilight Programmers ## Created on: May 31, 2006 ## File: Register.php ## Use: To register new users and their information into the database #######################################################################// Connect to databaseinclude('connect.php'); // If the submit button if pushed we do the following...if(isset($_POST['submit'])) {// Set POST form variables$username = $_POST['username'];$email = $_POST['email'];$password = $_POST['password'];$cpassword = $_POST['cpassword'];$website = $_POST['website'];$location = $_POST['location'];$aim = $_POST['aim'];$msn = $_POST['msn'];$yim = $_POST['yim'];// Hidden POST form variables$regdate = $_POST['regdate'];$regip = $_POST['regip'];$priv = $_POST['priv'];// To track IP$ip = $_SERVER['REMOTE_ADDR'];// Uses base64 so we can decode it when sending a lost password$enc_password = base64_encode($password);// Query to check if a username or email is already taken$sql = "SELECT COUNT(*) AS count FROM users WHERE username = '" . mysql_real_escape_string($_POST['username']) . "' OR email = '" . mysql_real_escape_string($_POST['email']) . "'";$sql_result = mysql_query($sql);$row = mysql_fetch_array($sql_result);if ($row['count'] > 0) { echo "Username or e-mail already taken.";} else {// Check to see if both passwords are the sameif($password!=$cpassword) { echo "Passwords do not match.";}// Check to see if required fields are filledif($username==NULL || $email==NULL || $password==NULL || $cpassword==NULL) {echo "All fields with a * are required.";// Query to insert the form values into our database table designated 'users'$query = "INSERT INTO users (`username`, `email`, `password`, `website`, `location`, `aim`, `msn`, `yim`, `regdate`, `regip`, `priv`) VALUES ('$username', '$email', '$enc_password', '$website', '$location', '$aim', '$msn', '$yim', '$regdate', '$regip', '$priv')";$result = mysql_query($query) or die('Could not insert user details into database.');}}}print "<title>Register</title><style type=\"text/css\"><!--.style1 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: x-small;}--></style>";// Form for registrationecho "<form action=\"\" method=\"POST\"><p> <input type=\"hidden\" name=\"regdate\" value=\" <?php echo date('m/d/y'); ?> \"> <input type=\"hidden\" name=\"regip\" value=$ip> <input type=\"hidden\" name=\"priv\" value=\"1\"></p><p class=\"style1\">* Indicates a field is required</p><p><span class=\"style1\"> *Username: <input type=\"text\" name=\"username\"> <Br> *eMail: <input type=\"text\" name=\"email\"> <Br> *Password: <input type=\"password\" name=\"password\"> <BR> *Confirm Password: <input type=\"password\" name=\"cpassword\"> <Br> Location: <input type=\"text\" name=\"location\"> <Br> Website: <input type=\"text\" name=\"website\"> <Br> AIM: <input type=\"text\" name=\"aim\"> <BR> MSN: <input type=\"text\" name=\"msn\"> <Br> YIM:</span> <input type=\"text\" name=\"yim\"> <Br> <input type=\"submit\" name=\"submit\" value=\"Register\"> </form>"; ?>[/code] Quote Link to comment Share on other sites More sharing options...
poirot Posted June 2, 2006 Share Posted June 2, 2006 There is a problem with your logic. You see, the INSERT query is IN the if ($username==NULL || ...); this is out of place.Also, your script doesn't seem to abort execution once an error occurs (username taken, passwords not matching...); what shouldn't happen. Quote Link to comment Share on other sites More sharing options...
localhost Posted June 2, 2006 Author Share Posted June 2, 2006 So...// Check to see if required fields are filledif($username==NULL || $email==NULL || $password==NULL || $cpassword==NULL) {echo "All fields with a * are required.";} else {// Query to insert the form values into our database table designated 'users'$query = "INSERT INTO users (`username`, `email`, `password`, `website`, `location`, `aim`, `msn`, `yim`, `regdate`, `regip`, `priv`) VALUES ('$username', '$email', '$enc_password', '$website', '$location', '$aim', '$msn', '$yim', '$regdate', '$regip', '$priv')";$result = mysql_query($query) or die('Could not insert user details into database.');}Would that help it? Quote Link to comment Share on other sites More sharing options...
poirot Posted June 2, 2006 Share Posted June 2, 2006 Yes, but there will still be some logic errors.An alternative is:[code]if ($row['count'] > 0) { echo "Username or e-mail already taken.";} // Check to see if both passwords are the sameelseif($password!=$cpassword) { echo "Passwords do not match.";}// Check to see if required fields are filledelseif($username==NULL || $email==NULL || $password==NULL || $cpassword==NULL) {echo "All fields with a * are required.";} else {// Query to insert the form values into our database table designated 'users'$query = "INSERT INTO users (`username`, `email`, `password`, `website`, `location`, `aim`, `msn`, `yim`, `regdate`, `regip`, `priv`) VALUES ('$username', '$email', '$enc_password', '$website', '$location', '$aim', '$msn', '$yim', '$regdate', '$regip', '$priv')";$result = mysql_query($query) or die('Could not insert user details into database.');}}[/code] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.