Registration problem

[Cory94bailly]

Code:

function usernameTaken($username){
   global $conn;
   if(!get_magic_quotes_gpc()){
      $username = addslashes($username);
   }
   $q = "select username from ".$users_db." where username = '$username'";
   $result = mysql_query($q);
   return (mysql_numrows($result) > 0);
}

 

I am getting an error for "mysql_numrows"

 

Sorry, I can't read it.. It goes by too fast.

 

Any help?

[Philip]

mysql_num_rows, perhaps?

[allworknoplay]

mysql_num_rows, perhaps?

 

LOL....

[Cory94bailly]

mysql_num_rows, perhaps?

LOL....

 

^^

 

They are the same thing..

 

 

And I got a screenshot of the error lol

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result in /home/cory/htdocs/massattack/login/register.php on line 16

 

Line 16 is return (mysql_numrows($result) > 0);

[Philip]

Well, technically, isn't mysql_numrows() deprecated?

 

Anyways, change:

$result = mysql_query($q);

to:

$result = mysql_query($q) or die(mysql_error());

[Cory94bailly]

Well, technically, isn't mysql_numrows() deprecated?

 

Anyways, change:

$result = mysql_query($q);

to:

$result = mysql_query($q) or die(mysql_error());

 

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'where username = user' at line 1

 

This is the only place that has 'where username = '

 

function usernameTaken($username){
   global $conn;
   if(!get_magic_quotes_gpc()){
      $username = addslashes($username);
   }
   $q = "select username from $users_db where username = $username";
   $result = mysql_query($q) or die(mysql_error());
   return (mysql_num_rows($result) > 0);
}

[Cory94bailly]

I just realized that I didn't do "global $user_db;", that was the problem...

 

Anyways, now it is bringing me to the failure page, no mysql errors at all...

 

<?
session_start(); 
require('/home/cory/htdocs/massattack/includes/config.php');

/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username){
   global $user_db;
   if(!get_magic_quotes_gpc()){
      $username = addslashes($username);
   }
   $q = "select username from MASSattack_users where username = '$username'";
   $result = mysql_query($q) or die(mysql_error());
   return (mysql_num_rows($result) > 0);
}

/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
function addNewUser($username, $password){
   global $user_db;
   $q = "INSERT INTO MASSattack_users VALUES ('$username', '$password')" or die(mysql_error());
   return mysql_query($q);
}

/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a 
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
   $uname = $_SESSION['reguname'];
   if($_SESSION['regresult']){
?>

<h1>Registered!</h1>
<p>Thank you <b><? echo $uname; ?></b>, your information has been added to the database, you may now <a href="main.php" title="Login">log in</a>.</p>

<?
   }
   else{
?>

<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><? echo $uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>

<?
   }
   unset($_SESSION['reguname']);
   unset($_SESSION['registered']);
   unset($_SESSION['regresult']);
}

if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>

<html>
<title>Registration Page</title>
<body>

<? displayStatus(); ?>

</body>
</html>

<?
   return;
}

/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if(isset($_POST['subjoin'])){
   /* Make sure all fields were entered */
   if(!$_POST['user'] || !$_POST['pass']){
      die('You didn\'t fill in a required field.');
   }

   /* Spruce up username, check length */
   $_POST['user'] = trim($_POST['user']);
   if(strlen($_POST['user']) > 30){
      die("Sorry, the username is longer than 30 characters, please shorten it.");
   }

   /* Check if username is already in use */
   if(usernameTaken($_POST['user'])){
      $use = $_POST['user'];
      die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
   }

   /* Add the new account to the database */
   $md5pass = md5($_POST['pass']);
   $_SESSION['reguname'] = $_POST['user'];
   $_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
   $_SESSION['registered'] = true;
   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[php_SELF]\">";
   return;
}
else{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>

<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>


<?
}
?>

[Cory94bailly]

I posted early in the morning when nobody was on.

 

BUMP