PHP Noob Returns!

Pudgemeister · June 2, 2006

Hi all i'm back!

I have a new prob with my script-I am trying to work my way towards making my own login script.

What I am trying to achieve atm is a register script that scans the database table to make sure the username entered in the form is not already used.

I got so far but am stuck.

These are the three pieces of code used:

[b]dbinfo.inc.php[/b]

[!--coloro:#3333FF--][span style=\"color:#3333FF\"][!--/coloro--]<?
mysql_connect ("localhost", "username", "password") or die ('You cannot connect to the database because: ' . mysql_error());
mysql_select_db('database') or die(mysql_error());
?>[!--colorc--][/span][!--/colorc--]

[b]test_mysql.php[/b]

[!--coloro:#3333FF--][span style=\"color:#3333FF\"][!--/coloro--]<?

echo '<center>Game Testing</center><br><br><br>';
//Register Form//
echo 'Register';
echo '<form action="register.php" method="post">';
echo 'Username:<input type="text" name="username"><br>';
echo 'Password:<input type="text" name="password"><br>';
echo 'First Name:<input type="text" name="first_name"><br>';
echo 'Last Name:<input type="text" name="last_name"><br>';
echo '<input type="Submit"></form><br><br><br>';

//Login Form//
echo 'Login';
echo '<form action="login.php" method="post">';
echo 'Username:<input type="text" name="username"><br>';
echo 'Password:<input type="text" name="password"><br>';
echo '<input type="submit"></form>';

?>[!--colorc--][/span][!--/colorc--]

[b]register.php[/b]

[!--coloro:#3333FF--][span style=\"color:#3333FF\"][!--/coloro--]<?

include ("dbinfo.inc.php");

$username=$_POST['username'];
$password=$_POST['password'];
$first=$_POST['first_name'];
$last=$_POST['last_name'];

$query_1="SELECT $user FROM users";
mysql_query($query_1) or die(mysql_error());

if ($query_1==null){
$query_2="INSERT INTO users VALUES('$username','$password','$first','$last','')";
mysql_query($query_2) or die(mysql_error());
mysql_close();
}else{
echo 'Sorry-This Username Has Already Been Registered';
}

?>[!--colorc--][/span][!--/colorc--]

Now I know that being me-there will be a veriety of errors in this-though the error I m curently getting from the browser is:

"You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM users' at line 1"

Noob needing help again lol

Pudgemeister

P.S. Username, Pasword, and Database name are 100% correct this time-loleee

countnikon · June 2, 2006

[!--quoteo(post=379342:date=Jun 2 2006, 09:44 AM:name=Pudgemeister)--][div class=\'quotetop\']QUOTE(Pudgemeister @ Jun 2 2006, 09:44 AM) [snapback]379342[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Hi all i'm back!

I have a new prob with my script-I am trying to work my way towards making my own login script.

What I am trying to achieve atm is a register script that scans the database table to make sure the username entered in the form is not already used.

I got so far but am stuck.

These are the three pieces of code used:

[b]dbinfo.inc.php[/b]

[!--coloro:#3333FF--][span style=\"color:#3333FF\"][!--/coloro--]<?
mysql_connect ("localhost", "username", "password") or die ('You cannot connect to the database because: ' . mysql_error());
mysql_select_db('database') or die(mysql_error());
?>[!--colorc--][/span][!--/colorc--]
[b]test_mysql.php[/b]

[!--coloro:#3333FF--][span style=\"color:#3333FF\"][!--/coloro--]<?

echo '<center>Game Testing</center><br><br><br>';
//Register Form//
echo 'Register';
echo '<form action="register.php" method="post">';
echo 'Username:<input type="text" name="username"><br>';
echo 'Password:<input type="text" name="password"><br>';
echo 'First Name:<input type="text" name="first_name"><br>';
echo 'Last Name:<input type="text" name="last_name"><br>';
echo '<input type="Submit"></form><br><br><br>';

//Login Form//
echo 'Login';
echo '<form action="login.php" method="post">';
echo 'Username:<input type="text" name="username"><br>';
echo 'Password:<input type="text" name="password"><br>';
echo '<input type="submit"></form>';

?>[!--colorc--][/span][!--/colorc--]
[b]register.php[/b]

[!--coloro:#3333FF--][span style=\"color:#3333FF\"][!--/coloro--]<?

include ("dbinfo.inc.php");

$username=$_POST['username'];
$password=$_POST['password'];
$first=$_POST['first_name'];
$last=$_POST['last_name'];

$query_1="SELECT $user FROM users";
mysql_query($query_1) or die(mysql_error());

if ($query_1==null){
$query_2="INSERT INTO users VALUES('$username','$password','$first','$last','')";
mysql_query($query_2) or die(mysql_error());
mysql_close();
}else{
echo 'Sorry-This Username Has Already Been Registered';
}

?>[!--colorc--][/span][!--/colorc--]
Now I know that being me-there will be a veriety of errors in this-though the error I m curently getting from the browser is:

"You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM users' at line 1"

Noob needing help again lol

Pudgemeister

P.S. Username, Pasword, and Database name are 100% correct this time-loleee
[/quote]
Why is your query statment SELECT $user FROM users? It should be SELECT usrname FROM users where usrname='$user'; I think that might get you.

play_ · June 2, 2006

I think your problem is this: (in bold)

---------------------------------------------------------------------------------------------
<?

include ("dbinfo.inc.php");

[b]$username[/b]=$_POST['username'];
$password=$_POST['password'];
$first=$_POST['first_name'];
$last=$_POST['last_name'];

$query_1="SELECT [b]$user FROM users[/b]";
smysql_query($query_1) or die(mysql_error());

if ($query_1==null){
$query_2="INSERT INTO users VALUES('$username','$password','$first','$last','')"; <----[b] This is also wrong[/b]
mysql_query($query_2) or die(mysql_error());
mysql_close();
}else{
echo 'Sorry-This Username Has Already Been Registered';
}

?>

---------------------------------------------------------------------------------------------

That's not a really valid query. There is no variable $user declared/assigned anywhere. and instead of "if ($query_1==null)" you should check for rows returned.

So replace
[code]
$query_1="SELECT $user FROM users";
mysql_query($query_1) or die(mysql_error());

if ($query_1==null){
$query_2="INSERT INTO users VALUES('$username','$password','$first','$last','')";
mysql_query($query_2) or die(mysql_error());
mysql_close();
}else{
echo 'Sorry-This Username Has Already Been Registered';
}
[/code]

with

[code]
$query_1="SELECT * FROM users WHERE username = $username;
$result_1 = mysql_query($query_1) or die(mysql_error());
$num = mysql_num_rows($result_1); // returns numbers of matches found.
if ($num === 0) {
       // you have to specify in which columns you want to add the information.
    $query_2="INSERT INTO users( username, password, first_name,  last_name)
    VALUES('$username','$password','$first','$last','')";
    $result_2 = mysql_query($query_2) or die(mysql_error());
} else {
    echo 'that username is already in use. please choose another';
}

[/code]

poirot · June 2, 2006

There are some small mistakes with the code. Namely:

VALUES('$username','$password','$first','$last'[b], ''[/b])"; - There are more values than it should.
username = [b]'[/b]$username[b]'[/b] - MySQL requires strings to be enclosed in quotes

Rewritten:

[code]$query_1="SELECT * FROM users WHERE username = '$username';
$result_1 = mysql_query($query_1) or die(mysql_error());
$num = mysql_num_rows($result_1); // returns numbers of matches found.
if ($num === 0) {
       // you have to specify in which columns you want to add the information.
    $query_2="INSERT INTO users( username, password, first_name,  last_name)
    VALUES('$username','$password','$first','$last')";
    $result_2 = mysql_query($query_2) or die(mysql_error());
} else {
    echo 'that username is already in use. please choose another';
}[/code]

Pudgemeister · June 3, 2006

Ok I Have Re Coded The register.php file.

It Now Looks Like This:

[b]register.php[/b]

[code]<?

include ("dbinfo.inc.php");

$username=$_POST['username'];
$password=$_POST['password'];
$first=$_POST['first_name'];
$last=$_POST['last_name'];

$query_1="SELECT * FROM users WHERE username=$username";
$result_1=mysql_query($query_1) or die(mysql_error());
$num=mysql_num_rows($result_1); // returns numbers of matches found.
if ($num===0) {
       // you have to specify in which columns you want to add the information.
    $query_2="INSERT INTO users(username, password, first_name, last_name)
    VALUES('$username','$password','$first','$last')";
    $result_2 = mysql_query($query_2) or die(mysql_error());
} else {
    echo 'that username is already in use. please choose another';
}

?>[/code]

I (For A Change) Actually Understand All That Which Is A Miricale.

But I Am Still Stuck As I Am Getting This Error:

" Unknown column 'Pudgemeister' in 'where clause' "

I Have Looked Through It All-Especially At The "WHERE" Line And Have No Idea What Is Wrong-Ne1 Got Any Solutions?

Cheers

B) Pudgemeister B)

poirot · June 3, 2006

Please read my previous post.
The strings must have quotes:

username='$username'

Pudgemeister · June 3, 2006

Hi All Again.

All Sorted And Working.

Thank you for all your help. especially u poirot-u alwys have the right answers!

cheers

B) Pudgemeister B)

Sign In

PHP Noob Returns!

Recommended Posts

Pudgemeister

Link to comment

Share on other sites

countnikon

Link to comment

Share on other sites

play_

Link to comment

Share on other sites

poirot

Link to comment

Share on other sites

Pudgemeister

Link to comment

Share on other sites

poirot

Link to comment

Share on other sites

Pudgemeister

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information