richarro1234 Posted April 29, 2009 Share Posted April 29, 2009 Hey all, im having some trouble with this peice of code: <? if($_COOKIE["twstatus"]==TRUE) { header ("Location: main.php?note=account"); die(); } $id = $_GET['userid']; $useremail = $_GET['useremail']; $hash = $_GET['hash']; include("data.php"); //include("funktioner.php"); mysql_connect($server,$anvandare, $losen); mysql_select_db($databas); $query1 = mysql_query("SELECT * from richspri_social.invite where userid = '$id'") or exit( mysql_error() ); $inv = mysql_fetch_array($query1); $invuserid = $inv['userid']; if ($_GET['add'] == 'user') { if ((!isset($_POST['username'])) || ($_POST['username'] == '')) { header ("Location: signup.php?ref=".$_POST['ref']."&fel=username"); die(); } if ((!isset($_POST['username'])) || ($_POST['username'] == '')) { header ("Location: signup.php?ref=".$_POST['ref']."&fel=username"); die(); } if ((!isset($_POST['password'])) || ($_POST['password'] == '')) { header ("Location: signup.php?ref=".$_POST['ref']."&fel=password"); die(); } if ($_POST['password'] != $_POST['repassword']) { header ("Location: signup.php?ref=".$_POST['ref']."&fel=match"); die(); } if (!isset($_POST['name'])) { header ("Location: signup.php?ref=".$_POST['ref']."&fel=name"); die(); } if (!isset($_POST['email'])) { header ("Location: signup.php?ref=".$_POST['ref']."&fel=mail"); die(); } include("match.php"); if (!checkchr($_POST['username'])) { header ("Location: signup.php?ref=".$_POST['ref']."&fel=usernamesql"); die(); } include("data.php"); include "funktioner.php"; $db = mysql_connect($server,$anvandare, $losen); mysql_select_db($databas); $query = mysql_query("SELECT * from richspri_social.users where username = '".$_POST['username']."' or email = '".$_POST['email']."'") or exit( mysql_error() ); $r = mysql_fetch_array($query); if (isset($r['username'])) { //Användarnamnet existerar... det måste vi göra nåt åt header("Location: signup.php?ref=".$_POST['ref']."&fel=user"); die('Användaren existerar redan'); } // Har det kommit så här långt existerar inte användaren och vi kan lägga till den // End... // $password = md5($_POST['password']); mysql_query("INSERT INTO richspri_social.users (username, reggad, password, name, email, logins, lastlogin, status) VALUES ('" . $_POST['username'] . "','" . time() . "','" . $_POST['password'] . "','" . $_POST['name']. "','" . $_POST['email'] . "','0','" . time() ."','online')") or exit( mysql_error() ); header ("Location: index.php?note=accreated"); mysql_close($db); } ?> <?include("header.php");?> <? if ($_GET['fel'] == 'user') { $note = "<br><center> <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse' width='75%' id='AutoNumber1' bordercolor='red' bgcolor='#000000'> <tr> <td width='100%' align='center'><font color='red' size='2'><b>The username or Email already exists, choose another!</b></font></td> </tr> </table> </center><br>"; } if ($_GET['fel'] == 'usernamesql') { $note = "<br><center> <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse' width='75%' id='AutoNumber1' bordercolor='red' bgcolor='#000000'> <tr> <td width='100%' align='center'><font color='red' size='2'><b>You have invalid characters in your username, please choose another!</b></font></td> </tr> </table> </center><br>"; } if ($_GET['fel'] == 'password') { $note = "<br><center> <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse' width='75%' id='AutoNumber1' bordercolor='red' bgcolor='#000000'> <tr> <td width='100%' align='center'><font color='red' size='2'><b>You must choose a password!</b></font></td> </tr> </table> </center><br>"; } if ($_GET['fel'] == 'match') { $note = "<br><center> <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse' width='75%' id='AutoNumber1' bordercolor='red' bgcolor='#000000'> <tr> <td width='100%' align='center'><font color='red' size='2'><b>Your passwords did not match!</b></font></td> </tr> </table> </center><br>"; } if ($_GET['fel'] == 'username') { $note = "<br><center> <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse' width='75%' id='AutoNumber1' bordercolor='red' bgcolor='#000000'> <tr> <td width='100%' align='center'><font color='red' size='2'><b>You must choose a username!</b></font></td> </tr> </table> </center><br>"; } if ($_GET['fel'] == 'namn') { $note = "<br><center> <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse' width='75%' id='AutoNumber1' bordercolor='red' bgcolor='#000000'> <tr> <td width='100%' align='center'><font color='red' size='2'><b>You must fill in a name!</b></font></td> </tr> </table> </center><br>"; } if ($_GET['fel'] == 'mail') { $note = "<br><center> <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse' width='75%' id='AutoNumber1' bordercolor='red' bgcolor='#000000'> <tr> <td width='100%' align='center'><font color='red' size='2'><b>You must fill in a Email!</b></font></td> </tr> </table> </center><br>"; } ?> <center><?=$note?></center> <div id="signup"> <table align="center" class="signuptable"> <form action="signup.php?add=user" method="post"> <input type="hidden" name="ref" maxlength="30" size="20" value="<?=$_GET['ref'];?>"> <tr> <td class="maintitle" colspan="2">Register for Nosepad!</td> </tr> <? if ($id == $inv['userid'] && $useremail == $inv['useremail'] && $hash == $inv['hash']){ ?> <? require("inc/signup.php");?> <?} else { ?> <td class="four">Unable to signup at this stage. If you were given an invite then please follow the link provided in the email. <br/> Thanks</td> <?}?> </form> </table> </div> <?include("footer.php");?> basically, i have sorted out the display. so that it wont display if any of the variables are missing, but i overlooked one thing. if none of them exist then it will load the page. so the link reads: signup.php?id=1&useremail=<useremail>&hash=<hash> the page would load fine and show the signup form. but if it reads: signup.php the page also loads up showing the form aswell, which i dont want to happen as that defies the point. Can someone help me sort it out please. Thanks Rich Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted April 29, 2009 Share Posted April 29, 2009 normally, you'd just have whether the submit button was pushed or not, ie. if (isset ($_POST['submit'])) { //do form stuff here; } else { //form wasn't submitted .. you're not allowed to see this page .. redirecting you; } you gotta unify your code .. you got $_GET and $_POST all over the place .. why? Quote Link to comment Share on other sites More sharing options...
richarro1234 Posted April 29, 2009 Author Share Posted April 29, 2009 no thats not what i mean, i mean as the URL, its an invite system and dont want the form to show up if the info isnt all there, the link needs to be with the userid, useremail and hash ONLY not if there is nothing there (just signup.php [with nothing after it]) and because it works, not sure how to do unifying propaly so it still works Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted April 29, 2009 Share Posted April 29, 2009 that's just simple validation : if (isset ($_GET['userid']) && isset ($_GET['useremail']) && isset ($_GET['hash'])) { //do stuff; } else { //do stuff; } Quote Link to comment Share on other sites More sharing options...
richarro1234 Posted April 29, 2009 Author Share Posted April 29, 2009 Thanks, that does work, but it also needs to check that its in the DB and that its correct. Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted April 29, 2009 Share Posted April 29, 2009 so, get to it .. let me know how it goes. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.