Jump to content

[SOLVED] Inserting invisible user

jrws

By jrws
in PHP Coding Help

Recommended Posts

jrws Member

jrws

Posted
Posted

Hey there guys,

I am currently working on a project for someone, and I have run into a little spot, nothing that will destroy the project but something annoying nonetheless.

So what happens is I wipe my table to test that everything is working and continually when I sign up the first user it inserts an empty row looking like this:

id 	u_id 	stat_id 	value
1 	0 	5 	0

And I can't seem to see where in my code this is happening:

Register.php

<?php 
session_start(); 
if($_SESSION['loggedin'] == 'yes')
{
echo'<body bgcolor="#000000"><script>location.replace("members.php");</script>';
}
else
{
$title="Register"; 
include("includes/header.php"); 
?>
<body><center>

<table cellpadding="0" cellspacing="0" class="mainborder">
<tr><td>
<table cellpadding="0" cellspacing="0" border="0">

<tr>
<td class="title"></td>
</tr>

<tr>
<td class="navigation">
<? include("includes/navigation.php"); ?>
</td>
</tr>

<tr>
<td class="content"><center>


<!----------------------------------------------------------->
<form method="POST" action="register.php">

<table cellpadding="0" cellspacing="1" border="0">
<tr>

<td colspan="3" class="registerheader">Registration Form</td>

</tr><tr class="light">

<td colspan="3" class="registerinfo">
<!--------------------------------------------------------->

<?php

$fullname=clean($_POST['fullname']);
$age=clean($_POST['age']);
$email=clean($_POST['email']);
$player=clean($_POST['username']);
$password=clean($_POST['password']);
$password2=clean($_POST['password2']);
$regdate=clean($_POST['regdate']);
$ip=clean($_SERVER['REMOTE_ADDR']); 

$isplayer="SELECT * from users where username='$player'";
$isplayer2=mysql_query($isplayer) or die("");
$isplayer3=mysql_fetch_array($isplayer2);

$isemail="SELECT * from users where email='$email'";
$isemail2=mysql_query($isemail) or die("not able to query for email");
$isemail3=mysql_fetch_array($isemail2);

if($fullname == '' && $age == '' && $player == '')
   {
    echo 'Please enter your details correctly below to register.';
   }
// Check to see if they have left the username field blank /////////////////////////////////////////////
else if(strlen($player)<1)
   {
    echo 'Please enter a username.<br />';
   }
// Check to see if they have entered a username less than 4 characters ////////////////////////////////////////////////
else if(strlen($player)<4)
   {
    echo 'Your username must be longer than 4 characters.<br />';
   }
// Check to see if the username given is already being used ////////////////////////////////////////////
else if($isplayer3)
   {
    echo 'Somebody already has that username.<br />';
   }
////////////////////////////////// Check For Fullname Field ////////////////////////////////////////////
// Check to see if they have left the fullname field blank /////////////////////////////////////////////
else if(strlen($fullname)<1)
   {
    echo 'Please enter your fullname.<br />';
   }
// Check to see if there full name is less than 5 letters long /////////////////////////////////////////
else if(strlen($fullname)<5)
   {
    echo 'If you fullname is less than 5 letters long, please contact an Admin.<br />';
   }
////////////////////////////////// Check For Age Field /////////////////////////////////////////////////
// Check to see if they have left the age field blank //////////////////////////////////////////////////
else if(strlen($age)<1)
   {
    echo 'Please enter your age.<br />';
   }
// Check to see if they have left the age field blank //////////////////////////////////////////////////
// Check to see if they are 8 years old or over ////////////////////////////////////////////////////////
else if($age < '8')
   {
    echo 'You must be at least 8 years old to play.<br />';
   }
////////////////////////////////// Check For Email Field ///////////////////////////////////////////////
// Check to see if they have left the email field blank ////////////////////////////////////////////////
else if(strlen($email)<1)
   {
    echo 'Please enter your e-mail address.<br />';
   }
// Check to see if they have enter a valid length email ////////////////////////////////////////////////
else if(strlen($email)<5)
   {
    echo 'Please enter a valid e-mail address.<br />';
   }
else if($isemail3)
   {
    echo 'That e-mail address is already in use.';
   }
////////////////////////////////// Check For Password Field ////////////////////////////////////////////
// Check to see if they have left the password field blank /////////////////////////////////////////////
else if(strlen($password)<1)
   {
    echo 'Please enter a password.<br />';
   }
// Check to see if they have entered a sercure password longer than 4 characters ///////////////////////
else if(strlen($password)<4)
   {
    echo 'Your password must be longer than 4 characters for sercurity reasons.<br />';
   }
// Check to see if they have left the re-type password field blank /////////////////////////////////////
else if(strlen($password2)<1)
   {
    echo 'Please re-type your password.<br />';
   }
// Check to see if they have entered a sercure re-typed password longer than 4 characters //////////////
else if(strlen($password2)<4)
   {
    echo 'Please re-type your password correctly.<br />';
   }
// Check to see if they have entered a sercure re-typed password longer than 4 characters //////////////
else if($password != $password2)
   {
    echo 'Please re-type your password correctly.<br />';
   }
// All input is valid so register the user so they can login ///////////////////////////////////////////
else
   { 
   //Set the stats:
   	$password = sha1($password);
$SQL = "INSERT into users(fullname, age, email, username, password, ip, regdate) VALUES ('$fullname', '$age', '$email', '$player', '$password', '$ip', '$regdate')"; 
mysql_query($SQL) or die("could not register");
$userID = mysql_insert_id();
setStat('Turns',$userID,100);
setStat('Cash',$userID,100);
setStat('Followers',$userID,100);
setStat('Attack',$userID,100);
setStat('Health Points',$userID,100);
setStat('defense',$userID,100);
setStat('attacks_in',$userID,100);
setStat('attacks_out',$userID,100);
setStat('total_attacks_in',$userID,100);
setStat('total_attacks_out',$userID,100);
setStat('exp',$userID,100);
setStat('rem_exp',$userID,100);
setStat('Current Level',$userID,100);
$message="Hey ".$player.",<br>Just to say a quick hello to you.<br>Hello! <br><br>If you need any help or get stuck post on the forums or send me a message and you will be replied to as soon as possible.<br><br>Thanks for reading and joining,<br><br>Storm Trooper";

$date=date("M jS, Y");
$time=date("g:i:s a");

$SQL2 = "INSERT into messages(recipient, sender, subject, message, date_sent, time_sent) VALUES ('$player', 'Soulstealer', 'Welcome to New Core', '$message', '$date', '$time')"; 
mysql_query($SQL2) or die("could not register");
?>
Registration successful, you may now login.
<? }
?>

<!--------------------------------------------------------->
</td>

</tr><tr class="dark">

<td class="registertype">Fullname</td>
<td class="registerspacer">:</td>
<td class="registerinput"><input class="input" type="text" name="fullname" size="25" value="<?=$fullname?>"></td>

</tr><tr class="light">

<td class="registertype">Age</td>
<td class="registerspacer">:</td>
<td class="registerinput"><input class="input" type="text" name="age" size="25" value="<?=$age?>" onkeyup="valid(this,'notnumbers')" onblur="valid(this,'notnumbers')"></td>

</tr><tr class="dark">

<td class="registertype">E-mail</td>
<td class="registerspacer">:</td>
<td class="registerinput"><input class="input" type="text" name="email" size="25" value="<?=$email?>"></td>

</tr><tr class="light">

<td class="registertype">Username</td>
<td class="registerspacer">:</td>
<td class="registerinput"><input class="input" type="text" name="username" size="25" value="<?=$_POST['username'];?>" onkeyup="valid(this,'special')" onblur="valid(this,'special')"></td>

</tr><tr class="dark">

<td class="registertype">Password</td>
<td class="registerspacer">:</td>
<td class="registerinput"><input class="input" type="password" name="password" size="25" mask="x" onkeyup="valid(this,'quotes')" onblur="valid(this,'quotes')"></td>

</tr><tr class="light">

<td class="registertype">Re-type Password</td>
<td class="registerspacer">:</td>
<td class="registerinput"><input class="input" type="password" name="password2" size="25" mask="x" onkeyup="valid(this,'quotes')" onblur="valid(this,'quotes')"></td>

</tr>
<input type="hidden" name="regdate" size="25" value="<?=date('M d, Y')?>">

<tr>

<td colspan="3" class="registerbutton"><input class="input" type="submit" value="Register" name="submit"></td>

</tr>

</table>


<!----------------------------------------------------------->

<br /><br/></center></td></form>
</tr>
<tr>

<td class="otherlinks">
<? include("includes/otherlinks.php") ?>
</td>
</tr>

<tr>
<td class="footer">
<? include("includes/footer.php") ?>
</td>
</tr>

</table>
</td></tr></table>
</center></body>
</html>

<? } ?>

Functions.php

<?php
include_once("includes/connect.php");
function getStat($statName,$userID) {
createIfNotExists($statName,$userID);
$query = sprintf("SELECT value FROM user_stats WHERE stat_id = (SELECT id FROM stats WHERE display_name = '%s' OR short_name = '%s') AND u_id = '%s'",
	clean($statName),
	clean($statName),
	clean($userID));
$result = mysql_query($query);
list($value) = mysql_fetch_row($result);
return $value;		
}
function setStat($statName,$userID,$value) {
createIfNotExists($statName,$userID);
$query = sprintf("UPDATE user_stats SET value = '%s' WHERE stat_id = (SELECT id FROM stats WHERE display_name = '%s' OR short_name = '%s') AND u_id = '%s'",
	clean($value),
	clean($statName),
	clean($statName),
	clean($userID));
$result = mysql_query($query);
}

function createIfNotExists($statName,$userID) {
$query = sprintf("SELECT count(value) FROM user_stats WHERE stat_id = (SELECT id FROM stats WHERE display_name = '%s' OR short_name = '%s') AND u_id = '%s'",
	clean($statName),
	clean($statName),
	clean($userID));
$result = mysql_query($query);
list($count) = mysql_fetch_row($result);
if($count == 0) {
	// the stat doesn't exist; insert it into the database
	$query = sprintf("INSERT INTO user_stats(stat_id,u_id,value) VALUES ((SELECT id FROM stats WHERE display_name = '%s' OR short_name = '%s'),'%s','%s')",
	clean($statName),
	clean($statName),
	clean($userID),
	'0');
	mysql_query($query);
}	
}
?>

Link to comment
https://forums.phpfreaks.com/topic/155312-solved-inserting-invisible-user/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.