DEVILofDARKNESS Posted March 2, 2009 Share Posted March 2, 2009 This code just always create a new row instead of update the user table :S <?php session_start(); require_once 'config.php'; /* DATABASE SETTINGS */ $username = mysql_real_escape_string($_SESSION['username']); $query = "SELECT user_id FROM users WHERE user_name = '$username'"; $result = mysql_query($query); list($userID) = mysql_fetch_row($result); if(!$userID) { // not logged in! header('Location: ../../login.php'); } print "<form action='' method='POST'> Gedicht Naam: <input type='text' maxlength='35' Name='PName'><br> Auteur Naam: <input type='text' maxlength='35' Name='Auteur'><br> bundel: <input type='text' maxlength='35' Name='bundel'><br> Jaartal: <input type='text' maxlength='35' Name='jaartal'><br> Poem Text: <textarea COLS='60' ROWS='5' Name='PText'></textarea> <input type='submit' Value='Add!' name='submit'> <input type='reset'> </form>"; $query = sprintf("SELECT COUNT(DISTINCT poem_id) FROM poems"); $result = mysql_query($query); list($id) = mysql_fetch_row($result); $query = sprintf("SELECT COUNT(DISTINCT book_id) FROM books"); $result = mysql_query($query); list($bookid) = mysql_fetch_row($result); $query = sprintf("SELECT COUNT(DISTINCT author_id) FROM authors"); $result = mysql_query($query); list($authorid) = mysql_fetch_row($result); $query = "SELECT ammount FROM users WHERE user_id = '$userID'"; $result = mysql_query($query); list($ammountU) = mysql_fetch_row($result); $query = "SELECT ammount FROM categories WHERE category_id = '5'"; $result = mysql_query($query); list($ammountC) = mysql_fetch_row($result); if(isset($_POST['submit'])) { $id = $id + 1; $ammountU = $ammountU + 1; $ammountC = $ammountC + 1; $userid = $userid + 1; $bookid = $bookid + 1; $authorid = $authorid + 1; $pname = $_POST['PName']; $ptext = $_POST['PText']; $auteur = $_POST['Auteur']; $bundel = $_POST['bundel']; $jaartal = $_POST['jaartal']; $ip = $_SERVER['REMOTE_ADDR']; if(empty($_POST['PName'])) { print "<script type='text/javascript'>alert('Je hebt geen gedichten naam geschreven!');</script>"; } elseif(empty($_POST['PText'])) { print "<script type='text/javascript'>alert('je hebt geen gedicht geschreven!');</script>"; } elseif(empty($_POST['Auteur'])) { print "<script type='text/javascript'>alert('Je hebt geen Auteur ingevuld, als je het niet weet, schrijf dan Onbekend of UnKnown!');</script>"; } else { $query = sprintf("INSERT INTO poems(poem_id,poem_name,user_id,poem_text,category_id,book_id,poem_added) VALUES ('$id','$pname','$userid','$ptext','5','$bookid','now()')"); $result = mysql_query($query); $query = sprintf("INSERT INTO users(user_id,user_name) VALUES ('$userID','$username')"); $result = mysql_query($query); $query = sprintf("INSERT INTO books(book_id,book_name,author_id) VALUES ('$bookid','$bundel','$authorid')"); $result = mysql_query($query); $query = sprintf("INSERT INTO authors(author_id,author_name) VALUES ('$authorid','$auteur')"); $result = mysql_query($query); $query = "UPDATE users SET ammount = '$ammountU' WHERE user_name = '$username'"; $result = mysql_query($query); $query = "UPDATE categories SET ammount = '$ammountC' WHERE category_id = '5'"; $result = mysql_query($query); print "<script type='text/javascript'>alert('Je gedicht is toegevoegd aan de 'Liefde' categorie);</script><a href='liefde.php'>Zie alle gedichten</a>"; } } ?> With the registration also something goes wrong :s It just add a user when there is no password filled in and it doesn't fill in a password... <?php if($_POST) { $username = $_POST['username']; $password = $_POST['password']; $confirm = $_POST['confirm']; if($password != $confirm) { $color = 'red'; $echo = 'Passwords do not match!'; } else { if($password == '') { $color = 'red'; $echo = 'You haven\'t fill in a password'; } if($username == '') { $color = 'red'; $echo = 'You haven\'t fill in a username'; } else { /*DATABASE SETTINGS */ $query = sprintf("SELECT COUNT(user_id) FROM users WHERE UPPER(user_name) = UPPER('%s')", mysql_real_escape_string($_POST['username'])); $result = mysql_query($query); list($count) = mysql_fetch_row($result); if($count >= 1) { $color = 'red'; $echo = 'that username is taken.'; } else { $query = sprintf("SELECT COUNT(user_id) FROM users"); $result = mysql_query($query); list($id) = mysql_fetch_row($result); $password = md5('ssdùµDSFQ£Fµ^µùµùùù%%*¨£+£%£¨45ss68ee46"é435§(§è)' . $password . 'wadzaa'); $query = sprintf("INSERT INTO users(user_id,user_name,user_pass) VALUES ('$id','$username','$password')", mysql_real_escape_string($_POST['username']), mysql_query($query); $userID = mysql_insert_id($conn); $color = 'green'; $echo = 'Congratulations, you registered successfully!, <a href=\'login.php\'>click here to login</a>'; } } } } ?> <html dir="ltr"> <head> <title>Register</title> <link href="../../standard.css" type="text/css" rel="stylesheet" /> <link href='natuur.css' type='text/css' rel="stylesheet" /> </head> <body> <table class="look" height="100%" width="100%" border="1"> <tbody> <tr> <td width="10%" height="100%"><iframe class="frames" src="../../functieknoppen/functieknoppennatuur.htm" frameborder="0" width="100%" height="100%" scrolling="no"></iframe> </td> <td><center> <font color="<?php echo $color; ?>"><?php echo $echo; ?></font><br> You can register an account by fill in this form.<p> <form method="post" action=""> Username: <input type = "text" name ="username" id="username"><br> Password: <input type="password" name="password"><br> Confirm: <input type="password" name="confirm"><br> <input type="submit" value="Register!"> -- <input type="reset" value="reset"> </form> <script type="text/Javascript"> document.getElementById('username').focus(); </script> </center> </td> </tr> </tbody> </table> </body> </html> Quote Link to comment Share on other sites More sharing options...
phant0m Posted March 2, 2009 Share Posted March 2, 2009 This code just always create a new row instead of update the user table :S well, that's because of this code: <?php $query = sprintf("INSERT INTO users(user_id,user_name) VALUES ('$userID','$username')"); $result = mysql_query($query); ?> With the registration also something goes wrong :s It just add a user when there is no password filled in and it doesn't fill in a password... that's because the else only refers to the preceding "if", which would be if($userbane=='') In other words: A new user is always created when $username != '' - no matter what $password is set to. You could do it like this: <?php $input_is_valid = true; if($password == '') { $input_is_valid = false; $color = 'red'; $echo = 'You haven\'t fill in a password'; } if($username == '') { $input_is_valid = false; $color = 'red'; $echo = 'You haven\'t fill in a username'; } if($input_is_valid){ /*DATABASE SETTINGS */ ?> sidenote: why are you using sprintf when it's not needed?? If you put in any conversion specifications(%x) it's pretty useless. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.