Jump to content

Recommended Posts

Hi, What I'm trying to do is send a user back to a registration form, if the username they entered contained spaces?

 

This is my signup check code:

 

<?php
session_start();
require_once('config.php');
$errmsg_arr = array();
$errflag = false;

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
	die('Failed to connect to server: ' . mysql_error());
}

$db = mysql_select_db(DB_DATABASE);
if(!$db) {
	die("Unable to select database");
}

function clean($str) {
	$str = @trim($str);
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

$name = clean($_POST['name']);
$email = clean($_POST['email']);
$cemail = clean($_POST['cemail']);
$username = clean($_POST['username']);
$password = clean($_POST['password']);
$cpassword = clean($_POST['cpassword']);

if($name == '') {
	$errmsg_arr[] = 'Your name missing';
	$errflag = true;
}
if($email == '') {
	$errmsg_arr[] = 'Email missing';
	$errflag = true;
}
if($cemail == '') {
	$errmsg_arr[] = 'Confirm Email missing';
	$errflag = true;
}
if($username == '') {
	$errmsg_arr[] = 'Desired username';
	$errflag = true;
}
if($password == '') {
	$errmsg_arr[] = 'Password missing';
	$errflag = true;
}
if($cpassword == '') {
	$errmsg_arr[] = 'Confirm password missing';
	$errflag = true;
}
if( strcmp($email, $cemail) != 0 ) {
	$errmsg_arr[] = 'Emails do not match';
	$errflag = true;
}
if( strcmp($password, $cpassword) != 0 ) {
	$errmsg_arr[] = 'Passwords do not match';
	$errflag = true;
}

if($username != '') {
	$qry = "SELECT * FROM members WHERE email='$email'";
	$result = mysql_query($qry);
	if($result) {
		if(mysql_num_rows($result) > 0) {
			$errmsg_arr[] = 'Sorry, E-Mail is already in use. Please contact us!';
			$errflag = true;
		}
		@mysql_free_result($result);
	}
	else {
		die("Query failed");
	}
}

if($username != '') {
	$qry = "SELECT * FROM members WHERE username='$username'";
	$result = mysql_query($qry);
	if($result) {
		if(mysql_num_rows($result) > 0) {
			$errmsg_arr[] = 'Sorry, Username taken!';
			$errflag = true;
		}
		@mysql_free_result($result);
	}
	else {
		die("Query failed");
	}
}

if($errflag) {
	$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
	session_write_close();
	header("location: register_fail.php");
	exit();
}

ini_set('date.timezone', 'Europe/London');
    $datetime = date("F j, Y, g:i a");

$qry = "INSERT INTO members(name, username, email, password, reg_ip, rank) VALUES('$name','$username','$email','$password','".$_SERVER['REMOTE_ADDR']."','0')";
$result = @mysql_query($qry);

$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
    $DB_Query = @mysql_query("UPDATE `members` SET lastlogin='$datetime' WHERE username='$username'") OR die('MySQL error: '.mysql_error());

$qry="SELECT * FROM members WHERE username='$username' AND password='$password'";
$result=mysql_query($qry);

if($result) {
	if(mysql_num_rows($result) == 1) {
		session_regenerate_id();
		$member = mysql_fetch_assoc($result);
		$_SESSION['id'] = $member['member_id'];
		$_SESSION['name'] = $member['name'];
		$_SESSION['user'] = $member['username'];
		$_SESSION['email'] = $member['email'];
		$_SESSION['rank'] = $member['rank'];
		$_SESSION['lastlogin'] = $member['lastlogin'];
		session_write_close();
		header("location: community.php");
		exit();
	}else {

		header("location: fail.php");
		exit();
	}
}else {
	die("Query failed");
}
?>

 

So really, I'd like to create another one of these;

if($cpassword == '') {

But instead of it giving an error message for the field being blank, give an error message for the field having spaces in it? If that makes sense.

 

Any help would be great!

if (strpos($username,' ') === false) {

}

 

Hi, thanks, but this only gives the user an error if their username is just a space, rather than if there was a space in between lettering (eg.  Acceptable:  username  Unacceptable:  user name) Any idea on how to do that?

Shouldn't a single space be an illegal username anyways? lol

 

Sounds like you need regular expressions.  The PHP documentation has a great tutorial on them.

 

Lol yes :)

Do you know where I can find a tutorial on sending the user back to the register form if the username is anything other than aplha-numeric?

no.. strpos read the manual.. it returns the offset of a string inside another string, ' ' would be the substr and it will return false if it doesn't exist.. I put === false to see if it is a VALID username (no spaces)

no.. strpos read the manual.. it returns the offset of a string inside another string, ' ' would be the substr and it will return false if it doesn't exist.. I put === false to see if it is a VALID username (no spaces)

 

:S Hmm, but for me, it's still registering the user if it has a space in the name?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.