Jump to content

Check for the user if exists

designerguy

By designerguy
in MySQL Help

 Share

Recommended Posts

designerguy Newbie

designerguy

Posted
Posted

Hi there,

 

I am working on a community site as an assignment.

 

here it is all the code that I have:

 



<?php


require_once("includes/db.inc.php");

//create a user account

if(isset($_POST['btnRegister'])){
$fname = mysql_real_escape_string(trim($_POST['firstname']));
$lname = mysql_real_escape_string(trim($_POST['lastname']));
$email = mysql_real_escape_string(trim($_POST['email']));
$pass = mysql_real_escape_string(trim($_POST['pass']));
$pass2 = mysql_real_escape_string(trim($_POST['pass2']));
$hint = mysql_real_escape_string(trim($_POST['hint']));
$type = 2;
$key = '1234';
//do some validation...


$valid = true;
$errMsg ="";
//function valid(){
if (empty($fname)){

			$errMsg .=" You must enter a valid name";
			$valid = false;
			}
if(ereg('[^A-Za-z]', $fname)){    //Only lower or upper case letters allowed.
			$errMsg .="( Please use only alphabets a to z as first name   )<br />";
			$valid = false;  //setting the flag to false.
			}

if (empty($lname)){

			$errMsg .=" You must enter a valid last name";
			$valid = false;
			}

if(ereg('[^A-Za-z]', $lname)){    //Only lower or upper case letters allowed.
			$errMsg .="( Please use only alphabets a to z as last name  )<br />";
			$valid = false;  //setting the flag to false.
			}

if (empty($pass)){

			$errMsg .=" You must enter a password";
			$valid = false;
			}

if (empty($pass2)){

			$errMsg .=" You must enter a password";
			$valid = false;
			}

if ($pass <> $pass2){

			$errMsg .=" Passwords do not match";
			$valid = false;
			}

if (empty($email)){

			$errMsg .=" You must enter an email";
			$valid = false;
			}

if (!eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $email)){
			$errMsg .="Invalid email";
			$valid = false;
			}



			//else {

		// some code will go here to check the database for existing name, last name and email
		// if there is a match then user will be notified that there is a first and last name  or email already in the database and he needs to use another. If there is no match then we will get the data and enter in to the users table.

		if($valid){

		$strSQL ="SELECT first_name, last_name, email 
		FROM users";
		$userRS = mysql_query($strSQL, $oConn);


		  $row = mysql_fetch_assoc($userRS); 
		  
		  
             if((strtolower($row['first_name'])==strtolower($fname) && strtolower($row['last_name'])==strtolower($lname)) || strtolower($row['email'])==strtolower($email))
		   
		  
		  
		   {


$errMsg .=" User exists, please enter other information." ;
$valid = false;
}



		else {






$strSQL = "INSERT INTO users(first_name, last_name, email, user_type, pwd_b, pwd_hint)
VALUES('$fname', '$lname', '$email', $type, AES_ENCRYPT('$pass', '$key'), '$hint')";
$ret = mysql_query($strSQL, $oConn);

if($ret){
	//actually send a confirmation email...
	$feedback = "Your confirmation e-mail has been sent. Please use the e-mail to activate your account.";
}else{
	$errMsg = " " . mysql_error();
}





		}


}



}// for if(isset($_POST['btnRegister']))

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>PHP Forum Registration</title>
    <?php
	include("includes/styles.inc.php");
	include("includes/scripts.inc.php");
?>
</head>

<body>
<div id="wrapper">
<div id="masthead">
    	<?php include("includes/masthead.inc.php"); ?>
    </div>
    <div id="main" class="clearfix">
    	<div id="content">
        	<h2>Create an Account</h2>
            <?php
		if(isset($feedback) && !empty($feedback)){
			echo '<p class="info">' . $feedback . '</p>';	
		}
		if(isset($errMsg) && !empty($errMsg)){
			echo '<p class="error">' . $errMsg . '</p>';	
		}
		?>
            <form name="registerForm" id="registerForm" action="<?=$_SERVER['PHP_SELF']?>" method="post">
                <fieldset>
                    <legend>Forum Registration</legend>
                    <div class="formBox">
                        <label for="firstname">First Name</label>
                        <input type="text" name="firstname" id="firstname" value="" class="wide" maxlength="40" />
                    </div>
                    <div class="formBox">
                        <label for="lastname">Last Name</label>
                        <input type="text" name="lastname" id="lastname" value="" class="wide" maxlength="40" />
                    </div>
                    <div class="formBox">
                        <label for="email">E-mail</label>
                        <input type="text" name="email" id="email" value="" class="xtrawide" maxlength="80" />
                    </div>
                    <div class="formBox">
                        <label for="pass">Password</label>
                        <input type="password" name="pass" id="pass" value="" class="mid" maxlength="20" />
                    </div>
                     <div class="formBox">
                        <label for="pass2">Re-Type Password</label>
                        <input type="password" name="pass2" id="pass2" value="" class="mid" maxlength="20" />
                    </div>
                     <div class="formBox">
                        <label for="hint">Password Hint</label>
                        <input type="text" name="hint" id="hint" value="" class="wide" maxlength="120" />
                    </div>
                    <div class="formBox buttons">
                    	<input type="submit" name="btnRegister" id="btnRegister" value="Sign Up" class="btn"  />
                    </div>
                </fieldset>
            </form>
        </div>
    	
    </div>
    <div id="footer">
    	<?php include("includes/footer.inc.php"); ?>
    </div>
</div>
</body>
</html>

 

The problem is that it will add the user even if the users exists in the database.

 

I am a newbie so please provide some more details.

 

Thanks in advance.

Link to comment
https://forums.phpfreaks.com/topic/150563-check-for-the-user-if-exists/
Share on other sites
jackpf Member

jackpf

Posted
Posted

You should do something like this to make sure-

 

$username = $_POST['username'];
$sql = mysql_query("SELECT * FROM table WHERE Username='$username'");
if(mysql_num_rows($sql) > 0)
{
die('error');
}

 

Also, you can set the column to be unique in the database which will prevent this from happening.

designerguy Newbie

designerguy

Posted
  • Author
Posted

You should do something like this to make sure-

 

$username = $_POST['username'];
$sql = mysql_query("SELECT * FROM table WHERE Username='$username'");
if(mysql_num_rows($sql) > 0)
{
die('error');
}

 

Also, you can set the column to be unique in the database which will prevent this from happening.

 

Thanks for replying. I understand that you are checking for the number of rows. However shouldn't that be 1 instead of 0 in your code.

 

And what is wrong with my code anyways? I am checking the first_name , last_name and email fileds and if there is a match then it should prevent the user from adding information to the database.

designerguy Newbie

designerguy

Posted
  • Author
Posted

Well, you could put == 1, but > 0 covers that and all other numbers it shouldn't be.

 

And idk tbh, I didn't read all your code, there;s quite a lot of it :P

 

Why don't you try putting in my code and see what it does...

 

ok that worked thanks.

 

I just have one more question and I hope it will be o.k to ask in here.

 

How would I store the user information temporarily in the form? say if the user name exists however the email does not exists I would like to let the information be in the form so the user does not have to enter them again other than the one that he should.

jackpf Member

jackpf

Posted
Posted

If you do something liek this:

 

die('Duplicate username.<br /><a href="#" onclick="history.go(-1);">Back</a>');

 

All it does is go back one place in your history, so it's in effect the same as pressing the back button on the browser. In most modern browsers this leaves the values in the text fields.

designerguy Newbie

designerguy

Posted
  • Author
Posted

If you do something liek this:

 

die('Duplicate username.<br /><a href="#" onclick="history.go(-1);">Back</a>');

 

All it does is go back one place in your history, so it's in effect the same as pressing the back button on the browser. In most modern browsers this leaves the values in the text fields.

 

that does not work. Actually I was not using die I just set my flag to false before.

 

Now what I have is this:

 

$sql = mysql_query("SELECT * FROM users WHERE (first_name='$fname' AND last_name='$lname') OR email='$email'  ");
		if(mysql_num_rows($sql) > 0)
		{
		$errMsg .=" User exists, please enter other information." ;
		$valid = false;
		die('Duplicate email.<br /><a href="#" onclick="history.go(-1);">Back</a>');

 

 

 

designerguy Newbie

designerguy

Posted
  • Author
Posted

It doesn't work? What, do you get a javascript error or something?

 

no errors. validation does not work if I add the 


die('Duplicate email.<br /><a href="#" onclick="history.go(-1);">Back</a>');

 

and it takes me to a page with a text "Duplicate email" and a back link . clicking on the back link will take me to the reg page but no entry in there.

jackpf Member

jackpf

Posted
Posted

Oh right. That's odd because it works on my own site...

 

Anyway, I suppose you could store all the values in a cookie, and then display them in the fields if they exist.

 

set cookie:

$field = $_POST['field'];
$field2 = $_POST['field2'];
$cookie = $field.'.'.$field2;
setcookie('name', $cookie....domain, path etc...

something like this on the reg page:

 

$cookie = $_COOKIE['name'];
$cookie = explode('.', $cookie);
<input type="text" name="field" value="'.$cookie[0].'" />
<input type="text" name="field" value="'.$cookie[1].'" />

designerguy Newbie

designerguy

Posted
  • Author
Posted

Oh right. That's odd because it works on my own site...

 

Anyway, I suppose you could store all the values in a cookie, and then display them in the fields if they exist.

 

set cookie:

$field = $_POST['field'];
$field2 = $_POST['field2'];
$cookie = $field.'.'.$field2;
setcookie('name', $cookie....domain, path etc...

something like this on the reg page:

 

$cookie = $_COOKIE['name'];
$cookie = explode('.', $cookie);
<input type="text" name="field" value="'.$cookie[0].'" />
<input type="text" name="field" value="'.$cookie[1].'" />

 

 

ok thanks a lot for your help. I will try that later. For now I am fine with what I have.

 

I am going to ask a php question in php forum shortly though. Would greatly appreciate your comments.

 

thanks again

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.