Jump to content

Added up profile photo's but now.. you cant register properly

Anxious

By Anxious
in PHP Coding Help

 Share

Recommended Posts

Anxious Member

Anxious

Posted
Posted

Can someone assist me.

I can register, but nothing gets entered into TBL_PROFILE and TBL_PHOTO

I have no idea why, it use to work... needing someone to look through the files i have to spot out the problem...

 

Would anyone be able to help

Cheers.

Link to comment
Share on other sites
Gighalen Member

Gighalen

Posted
Posted

If you edited your table's structure without editing the query used upon signup, the query will not have enough data to complete the query and will fail.

 

Ex.

If your former structure looked like this:

-id

-user

-pass

-email

 

and your new one looks like this

-id

-user

-pass

-photo

-email

 

and your query looks like this: insert into blah (id, user, pass, email), the query will fail because it will try to add values to wrong datatypes and not have enough fields to enter.

 

I would recommend assigning values to your query, as to where it will only try to insert values into the columns you specify:

 

INSERT INTO blah (id, user, pass, email) VALUES ('', '$user', '$pass', '$email')

Link to comment
Share on other sites
Anxious Member

Anxious

Posted
  • Author
Posted

Nope,  I know for a fact thats not the problem though.. It worked before I did anything to them, and all i added on the end of it was profile photo's. I removed those, and it still don't work.. it's just not entering a value at all into TBL_PROFILE, and TBL_PHOTOS.

 

But enters the correct values in TBL_USERS

So I have no idea whats going on..

If I never assigned the values.. it'd still enter but in random slots. I ordered it all up.. so I don't know.

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

Well what has changed? Were you working with PHP4 and switch to PHP5? Did your webserver implement new security restrictions (turning off Register_globals)

 

You are really not giving us much to work here. Chances are if it stopped working, something changed. Most of the time, register_globals was turned off, as it should be. What this means what used to come from a form as the name of the input field (IE: Input field name = fname you could access by $fname) you now have to access it by $_POST['fname']. If you do not know if anything was changed, contact your host and ask them if they did do any updates as that will give you a better clue as to what is now happening.

 

The bottom line: something had to change. Scripts do not just magically stop working for no apparent reason.

Link to comment
Share on other sites
Anxious Member

Anxious

Posted
  • Author
Posted

Well, something has changed.. I did change a whole load, but i put most if not all of it back

I've been working on this for like 7 hours straight now. I lost track on what I had changed... I always thought it'd be somewhere around the area of where it puts the values into the database table.. and i looked, and it looks fine.

Link to comment
Share on other sites
Anxious Member

Anxious

Posted
  • Author
Posted 

<?php       else{
  $activ_code = rand(1000000,9999999);
         if($database->addNewUser($subuser, md5($subpass), $subemail, $subday, $submonth, $subyear, $sublocation, $subgender, $activ_code)){
	   if($database->addNewProfile($subuser, md5($subpass), $subemail)){
	    if($database->addNewPhoto($subuser)){
              if(EMAIL_WELCOME){
                 $mailer->sendWelcome($subuser,$subemail,$subpass,$sublocation,$subgender,$activ_code);
               }
                return 0;  //New user added succesfully
               }
		   }
	     }else{
                return 2;  //Registration attempt failed
           }
      } ?>

 

If it puts the details in database, it then sets up the profile, if profile sets up, it then adds the username into the photoalbum table, if thats done, it then sends the welcome mail.

 

then, it puts the values into the database tables. Which is as follows..

<?php    function addNewUser($username, $password, $email, $day, $month, $year, $location, $gender, $activ_code){
      $time = date("F j, Y, g:i");
  $dob = $_POST['day'] . "/" . $_POST['month'] . "/" . $_POST['year'];
  
      /* If admin sign up, give admin user level */
      if(strcasecmp($username, ADMIN_NAME) == 0){
         $ulevel = ADMIN_LEVEL;
      }else{
         $ulevel = USER_LEVEL;
      }
      $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '$ulevel', '$email', '$time', '$location', '$dob', '$gender', '0', '$activ_code', '1')";
      return mysql_query($q, $this->connection);
   }
   
   function addNewProfile($username, $password, $email){
      $q = "INSERT INTO ".TBL_PROFILE." VALUES ('$username', '$password', '$email', '$slogan', 'Not Set', 'Not Set', 'Not Set', 'Not Set', 'Not Set', 'Not Set')";
  return mysql_query($q, $this->connection);
   }
   
   function addNewPhoto($username){
  $q = "INSERT INTO ".TBL_PROFILE." VALUES ('$username')";
  return mysql_query($q, $this->connection);
   } ?>

 

I don't understand why its not putting any values into Profile and Photos, it Use to.. I don't understand why not now. I don't know what I have changed in order to stop it from working. The values into Users, work, just profiles and photo's dont.

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

Perhaps add mysql error checking to see if the query is failing.

 

  function addNewPhoto($username){
     $q = "INSERT INTO ".TBL_PROFILE." VALUES ('$username')";
     mysql_query($q, $this->connection) or die("SQL Was: {$q}<br />Error Was: " . mysql_error());
     return true;
   }

 

And see what comes of it.

Link to comment
Share on other sites
Anxious Member

Anxious

Posted
  • Author
Posted

The first snippet of code I gave remains the same. Here is what I've got updated on the second part.

 

<?php    function addNewUser($username, $password, $email, $day, $month, $year, $location, $gender, $activ_code){
      $time = date("F j, Y, g:i");
     $dob = $_POST['day'] . "/" . $_POST['month'] . "/" . $_POST['year'];
     
      /* If admin sign up, give admin user level */
      if(strcasecmp($username, ADMIN_NAME) == 0){
         $ulevel = ADMIN_LEVEL;
      }else{
         $ulevel = USER_LEVEL;
      }
      $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '$ulevel', '$email', '$time', '$location', '$dob', '$gender', '0', '$activ_code', '1')";
      return mysql_query($q, $this->connection);
   }
   
   function addNewProfile($username, $password, $email){
      $q = "INSERT INTO ".TBL_PROFILE." VALUES ('$username', '$password', '$email', '$slogan', 'Not Set', 'Not Set', 'Not Set', 'Not Set', 'Not Set', 'Not Set')";
     return mysql_query($q, $this->connection);
   }
   
  function addNewPhoto($username){
     $q = "INSERT INTO ".TBL_PHOTO." VALUES ('$username')";
     mysql_query($q, $this->connection) or die("SQL Was: {$q}<br />Error Was: " . mysql_error());
     return true;
   } ?>

 

One did say use mysql_real_escape_string()  however, what are the differences between all the 'mysql's, not sure as to what they do. I haven't tested mysql_real_escape_string()  because I don't know where'd I'd exactly insert it and what it should do?

 

Though note that it doesn't even get to addNewPhoto, seeing asit does do addNewProfile either.

 

Thank you.

Link to comment
Share on other sites
Ken2k7 Member

Ken2k7

Posted
Posted

Ya, I suggested that. It escapes a string so it's safe to be INSERTed into a DB. If you don't have that, people can do SQL injections into your code.

 

Example:

$e = "how're ya";
$sql = "INSERT INTO `tbl` VALUES('$e')";

 

The single quote in $e will close the first single quote after "VALUES(". mysql_real_escape_string() would just add a backslash to the single quote in $e so it doesn't break.

Link to comment
Share on other sites
Ken2k7 Member

Ken2k7

Posted
Posted

See the params you have in the function?

 

function addNewUser($username, $password, $email, $day, $month, $year, $location, $gender, $activ_code){

 

Well, you should do something like:

$username = mysql_real_escape_string($username);

Do that for each param. Do this before you create your $q var.

Link to comment
Share on other sites
Anxious Member

Anxious

Posted
  • Author
Posted

Like this? Should I still have the error given on addNewPhoto, or should I keep that as normal being as the error isn't in that part, its on photo and profile.

 

function addNewUser($username, $password, $email, $day, $month, $year, $location, $gender, $activ_code){
      $username = mysql_real_escape_string($username);
      $q = "INSERT INTO ".TBL_PROFILE." VALUES ('$username', '$password', '$email', '$slogan', 'Not Set', 'Not Set', 'Not Set', 'Not Set', 'Not Set', 'Not Set')";
     return mysql_query($q, $this->connection);
   } ?>

Link to comment
Share on other sites
Anxious Member

Anxious

Posted
  • Author
Posted

I have gotten this far now

 <?php
   function addNewUser($username, $password, $email, $day, $month, $year, $location, $gender, $activ_code){
      $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);
  $email = mysql_real_escape_string($email);
  $day = mysql_real_escape_string($day);
  $month = mysql_real_escape_string($month);
  $year = mysql_real_escape_string($year);
  $location = mysql_real_escape_string(location);
  $gender = mysql_real_escape_string($gender);
  $activ_code = mysql_real_escape_string($activ_code);
  
      $time = date("F j, Y, g:i");
  $dob = $_POST['day'] . "/" . $_POST['month'] . "/" . $_POST['year'];
  
      /* If admin sign up, give admin user level */
      if(strcasecmp($username, ADMIN_NAME) == 0){
         $ulevel = ADMIN_LEVEL;
      }else{
         $ulevel = USER_LEVEL;
      }
      $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '$ulevel', '$email', '$time', '$location', '$dob', '$gender', '0', '$activ_code', '1')";
      return mysql_query($q, $this->connection);
   }
   
   function addNewProfile($username, $password, $email){
      $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);
  $email = mysql_real_escape_string($email);
      $q = "INSERT INTO ".TBL_PROFILE." VALUES ('$username', '$password', '$email', '$slogan', 'Not Set', 'Not Set', 'Not Set', 'Not Set', 'Not Set', 'Not Set')";
  return mysql_query($q, $this->connection);
   }
   
   function addNewPhoto($username){
      $username = mysql_real_escape_string($username);
      $q = "INSERT INTO ".TBL_PHOTO." VALUES ('$username')";
      mysql_query($q, $this->connection) or die("SQL Was: {$q}<br />Error Was: " . mysql_error());
      return true;
   }
?>

 

There was no change in what the problem is.

Still enters values into TBL_USERS, but not TBL_PHOTO & PROFILE

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.