[SOLVED] Registeration bug

[Eggzorcist]

 

I don't understand, I leave everything blank and it passes and echo's out it should register the user.... Why is my regex not working?

 

function register_user($username, $password1, $password2, $email, $captcha){


	if (!preg_match('/^[a-z\d_]{4,15}$/i',$username)){
		$usernameError = true;
	}

	if ($password1 != $password2){
		$passwordError = true;
	}

	if (!preg_match('/^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/', $email)){
		$emailError = true;
	}

	if ($captcha != $_SESSION['captcha']){
		$captchaError = true;
	}		


	if ($usernameError == true or !isset($passwordError) or !isset($emailError) or !isset($captcha)){
		//Register the user
		echo "will register the user";
	}


	else {

		if ($usernameError == true){
		echo "You're username is not formatted properly.<br>";
		}
		if ($passwordError == true){
		echo "You're entered passwords do not match<br>";
		}
		if ($emailError == true){
		echo "Please enter a correct e-mail adress.<br>";
		}
		if ($captchaError == true){
		echo "Security code did not match.<br>";
		}
	}

}

[uniflare]

There is a forum just for regex but i'll help you out:

 

<?php
// Register User
function register_user($username, $password1, $password2, $email, $captcha){
$Error = null;

// Validate Username Field
if(!preg_match("/\A[a-z0-9_]{4,15}$/i",$username)){
	$Error .= "Username Can Only Contain Letters, Numbers and Underscores (Between 4-15 Characters Long) <br />";
}

// Validate Password Field
if (!preg_match("/\A[a-z0-9 _-]{6,15}$/i",$password1)){
	$Error .= "Password Can Only Contain Letters, Numbers, And Underscores (Between 6-15 Characters Long <br />";
}

// Validate Password Confirmation
if ($password1 != $password2){
	$Error .= "Password and Password Confirmation Do Not Match <br />";
}

// Validate Email Address Format
if (!preg_match("/\A[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/", $email)){
	$Error .= "Email Address Must Be In format: user_name[.subname]@[subdomain.]tld-domain.com <br />";
}

/* Validate Email Address Format
if (!preg_match("/\A[a-z0-9_-]{1,255}(\.[a-z0-9_-]{1,255}){0,255}@[a-z0-9_-]{1,255}(\.[a-z0-9_-]{1,255}){0,255}\.[a-z]{2,5}$/i", $email)){
	$Error .= "Email Address Must Be In format: user_name[.subname]@[subdomain.]tld-domain.com <br />";
} */

// Validate Security Image
if ($captcha != $_SESSION['captcha']){
	$Error = "Your Captcha Input Does Not Match The Image Shown";
}		

// Result Success or Error
if($Error == null){
	// Register The User (MySQL?)
	echo("Thank You for Registering");
}else{
	// Echo the error(s)
	echo($Error);
}
}
?>

 

I've neatened the code, and shown you an alternative to showing the errors.

 

I have also changed all the regex: the Assertion ^ is what i used to use for "Start of Line", though i have found that not all webservers respect that symbol and even apache has its doubts, the correct "Start Of Line" Character should always be: \A (Blackslash Capital A).

 

the snippet you gave shows that if you enter a bad username the form will submit. Or if none of the others gave an error.

 

I have corrected this with a simplified Error System.

 

also i've added a very quick and dirty RegEx for email Validation (By The Way you can also use php's function "gethostbyname" with the domain part of the email address, this will check if the hostname exists and has an ip address, this will prevent people from doing stuff like: blah@thisdomaindoesnotexist.com.

 

Just do an explode("@",$email) and check the 2nd array element.

 

$dmn = explode("@",$email); $ip = gethostbyname($dmn[1]);

-------------------------

Hope this helps,

 

PS: Whilst previewing the TABS (For indentation) Does not appear. (Maybe a phpfreaks Preview Feature Bug)