Jump to content

PHP Membership System problem


Fruddy

Recommended Posts

I followed the PHP Membership System tutorial, and when i go to the register.php i get this message:
Parse error: parse error, unexpected $ in /home/virtual/my-project.dk/public_html/register.php on line 115


On line 119 is where i close my php tag, ?>

its like theres something wrong the the mail function.


[code]
<?
# tip: its always best to have an include file with all your
# database information in one location. I'll post this file next.
include 'database.php';
# grab the POST variables from the HTML form,
# put them into PHP variables so we can work with them
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email_address = $_POST['email_address'];
$username = $_POST['username'];
$info = $_POST['info'];
$first_name = stripslashes($first_name);
$last_name = stripslashes($last_name);
$email_address = stripslashes($email_address);
$username = stripslashes($username);
$info = stripslashes($info);

# Any errors in the posted fields? Lets check...
# If there is an error, then we show the join form again
# so they can fill it out again. If everything
# checks out, then go ahead with your bad self!
if((!$first_name) || (!$email_address) || (!$username)){
    echo 'Du har ikke udfyldt de påkrævede felter! <br />';
    if(!$first_name){
        echo "Fornavn er et påkrævet felt!<br />";
    if(!$email_address){
        echo "Emailadresse er et påkrævet felt!<br />";
    }
    if(!$username){
        echo "Brugernavn er et påkrævet felt!<br />";
    }
    include 'join_form.html';
    exit();
}
   
# does this user already exist in the database? lets check for that now...
$sql_email_check = mysql_query("SELECT email_address FROM users WHERE email_address='$email_address'");
$sql_username_check = mysql_query("SELECT username FROM users WHERE username='$username'");

$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);

if(($email_check > 0) || ($username_check > 0)){
    echo "Fix følgende fejl: <br />";
    if($email_check > 0){
        echo "<strong>Emailadressen er allerede blevet taget! Vælg et andet.<br />";
        unset($email_address);
    }
    if($username_check > 0){
        echo "Brugernavnet er allerede blevet taget! Vælg et andet.<br />";
        unset($username);
    }
    include 'join_form.html'; // Show the form again!
    exit();
}

# everything checks out so far, so lets add this user!

/* Random Password generator. Thanks a ton, phpfreak!
http://www.phpfreaks.com/quickcode/Random_Password_Generator/56.php
We'll generate a random password for the
user and encrypt it, email it and then enter it into the db.
*/

function makeRandomPassword() {
  $salt = "abchefghjkmnpqrstuvwxyz0123456789";
  srand((double)microtime()*1000000);
      $i = 0;
      while ($i <= 7) {
            $num = rand() % 33;
            $tmp = substr($salt, $num, 1);
            $pass = $pass . $tmp;
            $i++;
      }
      return $pass;
}

$random_password = makeRandomPassword();

$db_password = md5($random_password);

/* Enter info into the Database.
I changed a little bit here from phpfreak's awesome tutorial on this subject. When I would get data from the user, I would not get an unencrypted password, only the md5 encrypted one. I couldn't use that, and me being the powertrip guy, I wrote in another little snippet to grab that password before it gets encrypted and stuff it into a blank variable, and write it to the database. Pretty nifty, eh?
*/
$info2 = htmlspecialchars($info);
$sql = mysql_query("INSERT INTO users (first_name, last_name, email_address, username, password, info, signup_date,

decrypted_password)
        VALUES('$first_name', '$last_name', '$email_address', '$username', '$db_password', '$info2', now(), '$random_password')") or die (mysql_error());

if(!$sql){
    echo 'Det er kommet en fejl. Kontakt webmasteren';
} else {
    $userid = mysql_insert_id();
    // Let's mail the user!
    $subject = "Your Distributor Membership at www.my-project.dk";
    $message = "Dear $first_name $last_name,
    You are now registered at our website, http://www.my-project.dk!
   
    To activate your membership, please login here: http://www.mywebsite.com/distributors_section/login_form.html
   
    Once you activate your membership, you will be able to login with the following information:
    Username: $username
    Password: $random_password
    Please keep this username and password in a location that is easily accessible by you.
   
    Thanks!
    #Fruddy my-project.dk
   
    This is an automated response, please do not reply!";
   
    mail($email_address, $subject, $message, "From: MyWebSite<email@mywebsite.com>\nX-Mailer: PHP/" . phpversion());
}
?> [/code]
Link to comment
Share on other sites

  • Replies 56
  • Created
  • Last Reply

Top Posters In This Topic

I copied this to view in dreamweaver

Line 25-26 of that text is missing an }
3rd line down in my example
[code=php:0]
if((!$first_name) || (!$email_address) || (!$username)){
    echo 'Du har ikke udfyldt de påkrævede felter! <br />';
    if(!$first_name){
        echo "Fornavn er et påkrævet felt!<br />";
    if(!$email_address){
        echo "Emailadresse er et påkrævet felt!<br />";
    }
    if(!$username){
        echo "Brugernavn er et påkrævet felt!<br />";
    }
    include 'join_form.html';
    exit();
}
[/php
Link to comment
Share on other sites

ok did you change

[code=php:0]
if((!$first_name) || (!$email_address) || (!$username)){
    echo 'Du har ikke udfyldt de påkrævede felter! <br />';
    if(!$first_name){
        echo "Fornavn er et påkrævet felt!<br />";
    if(!$email_address){
        echo "Emailadresse er et påkrævet felt!<br />";
    }
    if(!$username){
        echo "Brugernavn er et påkrævet felt!<br />";
    }
    include 'join_form.html';
    exit();
}
[/code]

To

[code=php:0]
if((!$first_name) || (!$email_address) || (!$username)){
    echo 'Du har ikke udfyldt de påkrævede felter! <br />';
    if(!$first_name){
        echo "Fornavn er et påkrævet felt!<br />";
    }
    if(!$email_address){
        echo "Emailadresse er et påkrævet felt!<br />";
    }
    if(!$username){
        echo "Brugernavn er et påkrævet felt!<br />";
    }
    include ("join_form.html");
    exit;
}[/code]

Good luck,
Tom
Link to comment
Share on other sites

Ok i have changes the exit; now, but not the big change:
www.my-project.dk/register.php

[code]if((!$first_name) || (!$email_address) || (!$username)){
    echo 'Du har ikke udfyldt de påkrævede felter! <br />';
    if(!$first_name){
        echo "Fornavn er et påkrævet felt!<br />";
    }
    if(!$email_address){
        echo "Emailadresse er et påkrævet felt!<br />";
    }
    if(!$username){
        echo "Brugernavn er et påkrævet felt!<br />";
    }
    include ("http://www.my-project.dk/join.php");
    exit;
}[/code]
Link to comment
Share on other sites

yea, but if u go to www.my-project.dk/register.php

Du har ikke udfyldt de påkrævede felter!
Fornavn er et påkrævet felt!
Emailadresse er et påkrævet felt!
Brugernavn er et påkrævet felt!
Du har ikke rettigheder til det pågældende sted.

You have not rights to view this area.




And the login_form is missing.
Link to comment
Share on other sites

But my join_form contains PHP:


join.php
<?php
# starting the session here
session_start();
if ($_SESSION['email_address'] != "youremail@here.com" ) {
    echo "<b>Du har ikke rettigheder til det pågældende sted.</b><br><br><br>";

# this prevents a user from typing or pasting a URL string
# into their browser to get to this page. If the $first_name
# variable is empty, then they log in like everyone else.
if ( empty( $first_name ) ) {
    print "Please login below!";
    include 'login_form.php';
}
} else { print "
# Here's the HTML form. Pretty simple, cut and dried.
# You should have learned this in day one of HTML class.
# See, this tutorial isn't that hard, is it?!

<form name=form1 method=post action=register.php>
  <table width=100% border=0 cellpadding=4 cellspacing=0>
    <tr>
      <td width=24% align=left valign=top>Fornavn</td>
      <td width=76%><input name=first_name type=text id=first_name2></td>
    </tr>
    <tr>
      <td align=left valign=top>Efternavne</td>
      <td><input name=last_name type=text id=last_name></td>
    </tr>
    <tr>
      <td align=left valign=top>Email</td>
      <td><input name=email_address type=text id=email_address></td>
    </tr>
    <tr>
      <td align=left valign=top>Brugernavn</td>
      <td><input name=username type=text id=username></td>
    </tr>
    <tr>
      <td align=left valign=top>Lidt om dig</td>
      <td><textarea name=info id=info></textarea></td>    </tr>
    <tr>
      <td align=left valign=top> </td>
      <td><input type=submit name=Submit value=opret bruger!></td>
    </tr>
  </table>
"; } ?>
Link to comment
Share on other sites

Alright here go (sorry it took so long)

[b]here is the register.php[/b]

[code=php:0]
<?php
include("db.php");//your database connection file
array_pop($_POST);
if ( get_magic_quotes_gpc() ) {
    $_POST= array_map('stripslashes', $_POST);
}
$username = mysql_real_escape_string(trim($_POST['username']));
$first_name = mysql_real_escape_string(trim($_POST['first_name']));
$last_name = mysql_real_escape_string(trim($_POST['last_name']));
$email = mysql_real_escape_string(trim($_POST['email_address']));    

if ((!$username) || (!first_name) || (!$last_name) || (!email_address)) {
    $message = "info";
    if (!username) {
      $error = "username";
  }
  if (!first_name) {
      $error = "first_name";
  }
  if (!$last_name) {
      $error = "last_name";
  }
  if (!email_address) {
      $error = "email_address";
  }
  include("join.php");
  exit;
}

$user_sql = "SELECT COUNT (*) user_match FROM 'users' WHERE 'username' ='$username'";
$email_sql = "SELECT COUNT (*) email_match FROM 'users' WHERE 'email_address' ='$email'";

$res= mysql_query($user_sql) or die(mysql_error());
$result= mysql_query($email_sql) or die(mysql_error());

$user_match= mysql_result($res, 0, 'user_match');
$email_match= mysql_result($result, 0, 'email_match');

if (($user_match > 0) || ($email_match > 0)) {
    if ($username > 0 ) {
        $message = "username_match";
        unset($username)
    }
    if ($email_match > 0) {
        $message = "email_match";
        unset($email);
    }
    include("join.php");
    exit;
}

function makepassword() {
  $salt = "abchefghjkmnpqrstuvwxyz0123456789";
  srand((double)microtime()*1000000); 
      $i = 0;
      while ($i <= 7) {
            $num = rand() % 33;
            $tmp = substr($salt, $num, 1);
            $pass = $pass . $tmp;
            $i++;
      }
      return $pass;
}

$randompwd =  makepassword();
$mdpwd = md5($randompwd);

$sql = mysql_query("INSERT INTO users (first_name, last_name, email_address, username, password, signup_date)
        VALUES('$first_name', '$last_name', '$email_address', '$username', '$mdpwd', now())") or die (mysql_error());

if(!$sql){
    echo 'Det er kommet en fejl. Kontakt webmasteren';
} else {
    $userid = mysql_insert_id();
    // Let's mail the user!
    $subject = "Your Distributor Membership at www.my-project.dk";
    $message = "Dear $first_name $last_name,
    You are now registered at our website, http://www.my-project.dk!
   
    To activate your membership, please login here: http://www.mywebsite.com/distributors_section/login_form.html
   
    Once you activate your membership, you will be able to login with the following information:
    Username: $username
    Password: $random_password
    Please keep this username and password in a location that is easily accessible by you.
   
    Thanks!
    #Fruddy my-project.dk
   
    This is an automated response, please do not reply!";
   
    mail($email_address, $subject, $message, "From: MyWebSite<email@mywebsite.com>\nX-Mailer: PHP/" . phpversion());
}
?>[/code]

[b]And here is the form that posts to it.

Join.php[/b]

[code=php:0] <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Join Us</title>
</head>

<body>
<?php
if (($message == "info") || ($message == "email_check") || ($message == "username_check")) {
    if ($message == "info") {
        echo "You did not submit the following information";
    if ($error == "username") {
        echo "Username is a required field";
    }
    if ($error == "first_name") {
        echo "First Name is a required field";
    }
    if ($error == "last_name") {
        echo "Last name is a required field";
    }
    if ($error == "email_address") {
        echo "Your email address is a required field";
    }
    }
    if ($message == "email_check") {
    echo "You are already a member.";
}
if ($message == "username_check") {
    echo "Your username is already being used by another member. Please try again.";
    }
}
?>
<form method="post" action="register.php">
  <table width="100%" border="0" cellpadding="4" cellspacing="0">
    <tr>
      <td width="24%" align="left" valign="top">Fornavn</td>
      <td width="76%"><input name="first_name" type="text" id="first_name2"></td>
    </tr>
    <tr>
      <td align="left" valign="top">Efternavne</td>
      <td><input name="last_name" type="text" id="last_name"></td>
    </tr>
    <tr>
      <td align="left" valign="top">Email</td>
      <td><input name="email_address" type="text" id="email_address"></td>
    </tr>
    <tr>
      <td align="left" valign="top">Brugernavn</td>
      <td><input name="username" type="text" id="username"></td>
    </tr>
      <td align="left" valign="top"> </td>
      <td><input type="submit" name="Submit" value="opret bruger!"></td>
    </tr>
  </table>
</form> 
</body>
</html>
[/code]


[b]Here is the checkuser.php[/b]


[code=php:0]<?php
session_start();
include ('includes/db.php');
array_pop($_POST);
if ( get_magic_quotes_gpc() ) {
    $_POST= array_map('stripslashes', $_POST);
}
$username= mysql_real_escape_string(trim($_POST['username']));
$password= mysql_real_escape_string(trim($_POST['password']));
$mdpwd= md5($password);

if ((!$username) || (!password)) {
    $message = "login_info";
    include("login.php");
exit;
}

$sql= sprintf("SELECT COUNT(*) AS login_match FROM `users` WHERE `username` = '%s' AND `password`= '%s'", $username, $mdpwd);
$res= mysql_query($sql) or die(mysql_error());
$login_match= mysql_result($res, 0, 'login_match');

if ( $login_match == 1 ) {
    $_SESSION['username']= "$username";
    include("somepage.php");//where ever you want a loged in user to go to
} else {
    $error ="userinfo";
include('login.php');
// not logged in
}
?>[/code]

[b]and here is the form that posts to it.

login.php[/b]

[code=php:0]<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Login Form</title>
</head>

<body>
<?php
if (($message == "login_info") || (!$message == "userinfo") {
    if ($message == "login_info") {
    echo "You did not enter your username or password. Please try again.";
}
if ($message == "userinfo") {
    echo "Your username and password do not match. Please try again";
}
}
?>
<form action="checkuser.php" method="post" name="form1">
  <div align="justify">
    <table width="50%" border="0" align="center" cellpadding="4" cellspacing="0">
      <tr>
        <td width="20%">Brugernavn</td>
        <td width="80%"><input name="username" type="text" id="username"></td>
      </tr>
      <tr>
        <td>Kodeord</td>
        <td><input name="password" type="password" id="password"></td>
      </tr>
      <tr>
        <td> </td>
        <td><input type="submit" name="Submit" value="Submit"></td>
      </td>
    </table>
  </div>
</form> 
</body>
</html>
[/code]


Hope this helps,
Tom
Link to comment
Share on other sites

Phew! Thansk for the great work Tomfmason!

I think theres missing a end } somewhere, but I cant figure out where  ???
www.my-project.dk/register.php


[code]<?php
include("db.php");//your database connection file
array_pop($_POST);
if ( get_magic_quotes_gpc() ) {
    $_POST= array_map('stripslashes', $_POST);
}
$username = mysql_real_escape_string(trim($_POST['username']));
$first_name = mysql_real_escape_string(trim($_POST['first_name']));
$last_name = mysql_real_escape_string(trim($_POST['last_name']));
$email = mysql_real_escape_string(trim($_POST['email_address']));
if ((!$username) || (!first_name) || (!$last_name) || (!email_address)) {
    $message = "info";
if (!username) {
    $error = "username";
}
if (!first_name) {
    $error = "first_name";
}
if (!$last_name) {
    $error = "last_name";
}
if (!email_address) {
    $error = "email_address";
}
include("join.php");
exit;
}

$user_sql = "SELECT COUNT (*) user_match FROM 'users' WHERE 'username' ='$username'";
$email_sql = "SELECT COUNT (*) email_match FROM 'users' WHERE 'email_address' ='$email'";

$res= mysql_query($user_sql) or die(mysql_error());
$result= mysql_query($email_sql) or die(mysql_error());

$user_match= mysql_result($res, 0, 'user_match');
$email_match= mysql_result($result, 0, 'email_match');

if (($user_match > 0) || ($email_match > 0)) {
    if ($username > 0 ) {
    $message = "username_match";
unset($username)
}
if ($email_match > 0) {
    $message = "email_match";
unset($email);
}
include("join.php");
exit;
}
function makepassword() {
  $salt = "abchefghjkmnpqrstuvwxyz0123456789";
  srand((double)microtime()*1000000); 
      $i = 0;
      while ($i <= 7) {
            $num = rand() % 33;
            $tmp = substr($salt, $num, 1);
            $pass = $pass . $tmp;
            $i++;
      }
      return $pass;
}
$randompwd =  makepassword();
$mdpwd = md5($randompwd);

$sql = mysql_query("INSERT INTO users (first_name, last_name, email_address, username, password, signup_date)
        VALUES('$first_name', '$last_name', '$email_address', '$username', '$mdpwd', now())") or die (mysql_error());

if(!$sql){
    echo 'Det er kommet en fejl. Kontakt webmasteren';
} else {
    $userid = mysql_insert_id();
    // Let's mail the user!
    $subject = "Your Distributor Membership at www.my-project.dk";
    $message = "Dear $first_name $last_name,
    You are now registered at our website, http://www.my-project.dk!
   
    To activate your membership, please login here: http://www.mywebsite.com/distributors_section/login_form.html
   
    Once you activate your membership, you will be able to login with the following information:
    Username: $username
    Password: $random_password
    Please keep this username and password in a location that is easily accessible by you.
   
    Thanks!
    #Fruddy my-project.dk
   
    This is an automated response, please do not reply!";
   
    mail($email_address, $subject, $message, "From: MyWebSite<email@mywebsite.com>\nX-Mailer: PHP/" . phpversion());
}
?>
<script language="JavaScript">
          alert("Du kan nu logge ind!")
          location.href = "http://www.my-project.dk";
</script>[/code]
Link to comment
Share on other sites

no that is not it. For some reason the if's get all messed up when posting them. The problem is with the

[code=php:0]
if (($user_match > 0) || ($email_match > 0)) {
    if ($username > 0 ) {
    $message = "username_match";
unset($username) //<---right here. I forgot a ;
}
if ($email_match > 0) {
    $message = "email_match";
unset($email);
}
include("join.php");
exit;
}[/code]

@onlyican

The if statement there is meant to inclose more ifs. so if there is no username,first_name, last_name or email then it will proceed with the ifs and define the error messages.
Link to comment
Share on other sites

Ok, now theres no error message in the register.php, BUT try to make a user...

[b]You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '(*) user_match FROM 'users' WHERE 'username' ='sdasa'' at line[/b]
:-[ :-[
Is it really that stressfull to make a login system? :-X
Link to comment
Share on other sites

It is not stress ful to me. I like a to be challenged. Any way it is another simple error on my part. I keep saying that I am going to test the scripts that I post(so stuff like this won't happen).

change
[code]$user_sql = "SELECT COUNT (*) user_match FROM 'users' WHERE 'username' ='$username'";
$email_sql = "SELECT COUNT (*) email_match FROM 'users' WHERE 'email_address' ='$email'";
[/code]


To

[code]$user_sql = "SELECT COUNT (*) AS user_match FROM 'users' WHERE 'username' ='$username'";
$email_sql = "SELECT COUNT (*) AS email_match FROM 'users' WHERE 'email_address' ='$email'";
[/code]

Forgot an [b]AS[/b].
Link to comment
Share on other sites

the  field name users is using single quotes

They are not the tick thingies.

$user_sql = "SELECT COUNT (*) AS user_match FROM users WHERE 'username' ='$username'";
$email_sql = "SELECT COUNT (*) AS email_match FROM users WHERE 'email_address' ='$email'";
Link to comment
Share on other sites

change

[code=php:0] $user_sql = "SELECT COUNT (*) AS user_match FROM 'users' WHERE 'username' ='$username'";
$email_sql = "SELECT COUNT (*) AS email_match FROM 'users' WHERE 'email_address' ='$email'";[/code]


to
[code=php:0]$user_sql = "SELECT COUNT (*) AS user_match FROM `users` WHERE 'username' ='$username'";
$email_sql = "SELECT COUNT (*) AS email_match FROM `users` WHERE 'email_address' ='$email'";[/code]

Try this and if there are anymore errors I will debug it on my server and post the fixed code.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.