Jump to content

Recommended Posts

In a php script I'm using the Registration page only had fields for name and email address, basically. I added fields, just by copying the code on the page. I added Address1, Address2, City and State. Then I added those fields to the mysql db.

 

However, I need help with two things, when I Submit, and some field happens to be incomplete an error message appears and asks the user to complete. All fields remain filled, except the ones I added. How to I keep my just-added-fields populated, like the rest of the fields?

 

And secondly, when I tested my additions, by registering, my newly added fields info, didn't get added to the db.

 

Your help will be appreciated.

 

<div class="signup-right">
    <h1 style="border-bottom: 1px solid #666666;">[var.lang_register_today]!</h1>
    <form action="join.php" method="post" name="capform" class="FormGeneric" onSubmit="return capCheck(this);">
    <div>
      <div style="margin-left:52px; float:left;">
        <b>[var.lang_first_name]:</b>
      </div>
      <div style="margin-right:50px; float:right;">
        <input type="text" name="first_name" size="20" value="[var.first_name]" />
      </div>
    </div>
    <br />
    <br />

    <div>
      <div style="margin-left:52px; float:left;">
       <b>[var.lang_last_name]:</b>
      </div>
      <div style="margin-right:50px; float:right;">
        <input type="text" name="last_name" size="20" value="[var.last_name]" />
      </div>
    </div>
    <br />
    <br />
<div>
      <div style="margin-left:52px; float:left;">
        <b>Address 1:</b>
      </div>
      <div style="margin-right:50px; float:right;">
        <input type="text" name="address_1" size="26" value="[var.Address_1]" />
      </div>
    </div>
    <br />
    <br />
    <div>
      <div style="margin-left:52px; float:left;">
        <b>Address 2:</b>
      </div>
      <div style="margin-right:50px; float:right;">
        <input type="text" name="address_2" size="26" value="[var.Address_2]" />
      </div>
    </div>
    <br />
    <br />

        <div>
	      <div style="margin-left:52px; float:left;">
	        <b>City:</b>
	      </div>
	      <div style="margin-right:50px; float:right;">
	        <input type="text" name="city" size="26" value="[var.city]" />
	      </div>
	    </div>
	    <br />
    <br />


            <div>
		      <div style="margin-left:52px; float:left;">
		        <b>State/Province:</b>
		      </div>
		      <div style="margin-right:50px; float:right;">
		        <input type="text" name="state" size="26" value="[var.state]" />
		      </div>
		    </div>
		    <br />
    <br />


      <div>
        <div style="margin-left:52px; float:left;">
          <b>Zip Code/Mail Code:</b>
        </div>
        <div style="margin-right:110px; float:right;">
          <input type="text" name="zip_code" size="6" maxlength="5" value="[var.zip_code]" />
        </div>
      </div>

 

Thanks for your reply. I think this code below is it. Does it look like it? Thanks

 

<?php
error_reporting (0);


include_once ('classes/config.php');
include_once ('includes/reserved_names.php');

// define access for loading non display php files
define('access',true);

$ahah			= 1;
$show_register	= '';
$load_ajax		= '';
$form_submitted	= '';
$action		= '';
$new_user_name	= '';
$account_type 	= '';
$first_name		= '';
$last_name 		= '';
$email_address 	= '';
$email_address2 = '';
$user_name 		= '';
$password 		= '';
$confirm_password = '';
$country_list	= '';
$dob_month		= '';
$dob_day		= '';
$dob_year		= '';
$zip_code		= '';
$birthday		= '';
$error_message 	= '';
$checked 		= '';

$show_register	= 1;
$load_ajax		= 1;
$procede 		= true;
$action		= mysql_real_escape_string( $_GET['action'] );
$new_user_name	= mysql_real_escape_string( $_GET['new_user_name'] );
$site_name 		= mysql_real_escape_string($config['site_name']);
$form_submitted	= mysql_real_escape_string( $_POST['form_submitted'] );

if ( $action == 'check_user' ) {
$new_user_name	= trim(strtolower($new_user_name));
if ( $new_user_name == '' ) {
	echo "<font color=\"#EE0000\" size=\"2\"><b>".$config['fill_all_fields']."</b></font>";
	die();
}
if ( strlen($new_user_name) < 4 ) {
	echo "<font color=\"#EE0000\" size=\"2\"><b>".$config['username_4_chars']."</b></font>";
	die();
}

// check against reserved names e.g. -> admin etc... or adult words ban
if ( in_array( $new_user_name, $reserved_names ) ) {
	echo "<font color=\"#EE0000\" size=\"2\"><b>".$config['username_not_allowed'] ."";
	die();
}

$sql		= "SELECT user_name FROM member_profile WHERE user_name = '$new_user_name'";
$query	= @mysql_query($sql);
$count	= @mysql_num_rows($query);

if ( $count > 0 ) {
	echo "<font size=\"2\"><b>$new_user_name</b></font><font color=\"#EE0000\" size=\"2\"> <b>=> $lang_not_available</b></font>";
} else {
	echo "<font size=\"2\"><b>$new_user_name</b></font><font color=\"#00DD00\" size=\"2\"> <b>=> $lang_available </b></font>";
}

@mysql_free_result($result);
@mysql_close();
die();
}

if ( $action == 'show_country' ) {
$country_fields_all	= '';
$show_fields		= '';
$country_list 		= file('includes/country.list');

foreach ( $country_list as $country_select )
{
	$country_fields_all = $country_fields_all . $country_select;
}

$show_fields  = '<div style="margin-left:30px; float:left;"><b>'.$lang_country.':</b></div>';
$show_fields .= '<div style="margin-left:95px; float:left;" id="country_list">';
$show_fields .= '<select class="FormSpecialInput_1" id="country_list" name="country_list" style="font-size: 9pt; width:128px; height:20px; font-weight:bold; color:#444444; letter-spacing: 1; border: 1px solid #DFDCDC; background-color: #FDFDFD">';
$show_fields .= $country_fields_all;
$show_fields .= '</select></div>';

echo $show_fields;
die();
}

if ( $procede == true ) {

$account_type 	= 'Standard';
$first_name		= trim(mysql_real_escape_string( $_POST['first_name'] ));
$last_name 		= trim(mysql_real_escape_string( $_POST['last_name'] ));
$email_address 	= trim(mysql_real_escape_string( $_POST['email_address'] ));
$email_address2 	= trim(mysql_real_escape_string( $_POST['email_address2'] ));
$user_name 		= trim(mysql_real_escape_string( $_POST['user_name'] ));
$password 		= trim(mysql_real_escape_string( $_POST['password'] ));
$confirm_password = trim(mysql_real_escape_string( $_POST['confirm_password'] ));
$country_list	= trim(mysql_real_escape_string( $_POST['country_list'] ));
$dob_month		= (int) mysql_real_escape_string( $_POST['dob_month'] );
$dob_day		= (int) mysql_real_escape_string( $_POST['dob_day'] );
$dob_year		= (int) mysql_real_escape_string( $_POST['dob_year'] );
$zip_code		= (int) mysql_real_escape_string( $_POST['zip_code'] );

if ( $_POST['terms'] == 'yes' ) {
	$checked = 'checked=\"checked\"';
    		$procede = true;

} else {
	$procede = false;
    		$error_message = $config['agree_to_terms'];
}

// dDB birthday must be this format =>2008-09-17
$birthday		= $dob_year .'-'. $dob_month .'-'. $dob_day;

foreach ($_POST as $key => $value) {

      	if (!isset($value) || ($value == '')) {
            	$display_key = @str_replace('_', ' ', $key);
            	if ( $display_key == 'zip code' && $value == '' ) {
            		$value = 'none';
            	} else {
            		$error_message = $error_message . ' - ' . $display_key . '  '.$lang_required.' ';
            		$procede = false;
            	}

        	} else {

        	      if ( $key == 'email_address2' ) $key = 'email_address';

          	      if ( $key !== 'email_address'  && (!eregi("^[ _a-zA-Z0-9-]*$", $value)) ) {
            		$display_key = @str_replace('_', ' ', $key);
                		$error_message = $error_message . ' - ' . $display_key . ' '.$config['invalid_email_text'].' ';
                		$procede = false;
            	}

            	if ( $key == 'email_address' && !eregi("^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*(\.[a-z]{2,3})$", $value) ) {
            		$display_key = @str_replace('_', ' ', $key);
                		$error_message = $error_message . ' - ' . $display_key . ' '.$config['invalid_email_format'].' ';
                		$procede = false;
            	}

            	if ( $key == 'user_name' ) {

            		// check against reserved names e.g. -> admin etc... or adult words ban
            		if ( in_array( $user_name, $reserved_names ) ) {
            			$display_key = @str_replace('_', ' ', $key);
            			$error_message = $error_message . ' ' .$config['username_not_allowed'] . ' !';
            			$procede = false;
            		}
            	}

        	}
    	}
}

// checking if emails match
if ( $procede == true ) {
if ( $email_address !== $email_address2 ) {
      	$error_message = ' '.$config['emails_do_not_match'];
        	$procede = false;
    	}
}

// checking if passwords match
if ( $procede == true ) {
if ($confirm_password !== $password) {
      	$error_message = ' '.$config['password_do_not_match'];
        	$procede = false;
    	}
}

// checking if username and email is unique
if ( $procede == true ) {

$sql = "SELECT user_name, email_address FROM member_profile";
    	$query = @mysql_query($sql);

while ($result = (@mysql_fetch_array($query))) {

      	if ( !empty($result['user_name']) || !empty($result['email_address']) ) {

      		// case insensitive login and registration
        		$reg_user_name	= strtolower($user_name);
        		$db_user_name 	= strtolower($result['user_name']);

            	if ($db_user_name == $reg_user_name) {
                		$error_message = ' '.$config['username_is taken'];
                		$procede = false;
            	}
            	if ( $result['email_address'] == $email_address ) {
                		$error_message = $error_message . ' -'.$config['email_already_exists'];
                		$procede = false;
                	}
           }
    }
}

// if any errors display error message => [var.message_type] - [var.error_message]
if ($procede == false && $form_submitted == "yes") {
$message_type	= $lang_error;
    	$blk_notification = 1;
    	$show_signup = 1;

    	$template 		= "themes/$user_theme/templates/main_1.htm";
    	$inner_template1 	= "themes/$user_theme/templates/inner_signup_form.htm";
    	$TBS 			= new clsTinyButStrong;
    	$TBS->NoErr 	= true;

    	$TBS->LoadTemplate("$template");

    	$TBS->Render 	= TBS_OUTPUT;
    	$TBS->Show();

    	@mysql_close();
    	die();
}

// START => load page with form
if ( !isset($form_submitted) || ($form_submitted == '') ) {

$show_signup 	= 1;
$template 		= "themes/$user_theme/templates/main_1.htm";
      $inner_template1 	= "themes/$user_theme/templates/inner_signup_form.htm";
      $TBS 			= new clsTinyButStrong;
      $TBS->NoErr 	= true;

      $TBS->LoadTemplate("$template");
      $TBS->Render 	= TBS_OUTPUT;
      $TBS->Show();
      die();
}


// if no errors register user and load welcome page
if ($procede == true) {
$random_code	= randomcode();
    	$password_email	= $password;
    	$password		= md5($password);
    	$passwordSalt 	= substr(md5(rand()), 0, 4);

    	if ( $zip_code > '' ) {
    		$country_list = 'USA';
    	}

    	// insert new user record
    	$sql = "INSERT into member_profile (email_address, user_name, password, passwordSalt, first_name, last_name, zip_code, country, birthday, account_status, account_type, date_created, random_code)
    		VALUES ('$email_address', '$user_name', '$password', '$passwordSalt', '$first_name', '$last_name', '$zip_code', '$country_list', '$birthday', 'new', 'standard', NOW(), '$random_code')";

    	@mysql_query($sql) or die($config['error_26']);//error

    	// get new user_id
    	$sql 		= "SELECT user_id, email_address, random_code FROM member_profile WHERE random_code = '$random_code' AND email_address = '$email_address'";
    	$query 	= @mysql_query($sql);

    	while ($result = @mysql_fetch_array($query)) {
    		$user_id 	= $result['user_id'];
}

   	// set new user default privacy settings
    	$sql = "INSERT INTO privacy (videocomments, profilecomments, privatemessage, friendsinvite, newsletter, user_id, publicfavorites, publicplaylists) VALUES ('yes', 'yes', 'yes', 'yes', 'yes', '$user_id', 'yes', 'yes')";

    	$query = @mysql_query($sql);

@mysql_close();

      // send email
      $email_template	= 'email_templates/newmember.htm';
      $subject 		= $config['email_welcome'];
      $to 			= $email_address;
      $from 		= $config['notifications_from_email'];

      //send email template to TBS for rendering of variable inside
      $template 		= $email_template;
      $TBS 			= new clsTinyButStrong;
      $TBS->NoErr 	= true;

      $TBS->LoadTemplate("$template");
      $TBS->tbs_show(TBS_NOTHING);
      $message 		= $TBS->Source;

      //load postage.php
define('access',true);
include ('includes/postage.php');

    	// show success
    	$notification_type	= $config['notification_success'];
    	$message 			= $config['registration_success'];
    	$blk_notification 	= 0;

    	$template 			= "themes/$user_theme/templates/main_1.htm";
    	$inner_template1 		= "themes/$user_theme/templates/inner_notification.htm";
    	$TBS 				= new clsTinyButStrong;
    	$TBS->NoErr 		= true;

    	$TBS->LoadTemplate("$template");
    	$TBS->Render 		= TBS_OUTPUT;
    	$TBS->Show();

    	@mysql_close();
    	die();
}

?>

<?php
$sql = "INSERT into member_profile (email_address, user_name, password, passwordSalt, first_name, last_name, zip_code, country, birthday, account_status, account_type, date_created, random_code)
          VALUES ('$email_address', '$user_name', '$password', '$passwordSalt', '$first_name', '$last_name', '$zip_code', '$country_list', '$birthday', 'new', 'standard', NOW(), '$random_code')";
?>

 

This is the query that inserts the User-Information into the database. You'll have to add in the form-fields you modified yourself and remove the ones in the query that you removed from the form. You can just insert the data directly into the query, but I recommend you sanitize those fields you added in yourself to keep your registration-form from being exploited.

Thanks for your help. I have not removed anything from the form. But I have added.

 

I submitted this in the correct database under Submit Query, and a message appears that states "You have to choose at least one coulmn to display". Can you help direct me from here, please?

 

<?php
$sql = "INSERT into member_profile (email_address, user_name, password, passwordSalt, first_name, last_name, Address_1, Address_2, City, State, zip_code, country, birthday, account_status, account_type, date_created, random_code)
          VALUES ('$email_address', '$user_name', '$password', '$passwordSalt', '$first_name', '$last_name',  '$Address_1' '$Address_2' '$City', '$State', '$zip_code', '$country_list', '$birthday', 'new', 'standard', NOW(), '$random_code')";
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.