Jump to content

Registration/login form

etiko123

By etiko123
in PHP Coding Help

 Share

Recommended Posts

etiko123 Newbie

etiko123

Posted
Posted

Hello guys, i am new to php and i am trying to make a registration and login form work but i have been unsucessful so far...the form does not insert the records into the database hence, i cant register a new user or an existing user cant login....i manually inserted some records in my database and tried to login with that but no luck.

 

This is the code for the form

<?php

include("functions.php");                                 #7

?>

<head><title>Customer Login Page</title>

<style type='text/css'>

      <!--

      label {

        font-weight: bold;

        float: left;

        width: 27%;

        margin-right: .5em;

        text-align: right;

        }

      legend {

        font-weight: bold;

        font-size: 1.2em;

        margin-bottom: .5em;

        }

      #wrapper {

        margin: 0;

        padding: 0;

        }

      #login {

        position: absolute;

        left: 0;

        width: 40%;

        padding: 1em 0;

        }

      #reg {

        position: absolute;

        left: 40%;

        width: 60%;

        padding: 1em 0;

        }

      #field {padding-bottom: .5em;}

      .errors {

        font-weight: bold;

        font-style: italic;

        font-size: 90%;

        color: red;

        margin-top: 0;

        }

        -->

    </style>

</head>

<body style="margin: 0">

<?php                                                     #52

$fields_1 =  array("fusername" => "User Name",           #53

                    "fpassword" => "Password"

                  );

$fields_2 =  array("user_name"      => "User Name",     #56

                    "password"      => "Password",

                    "email"          => "Email",

                    "first_name"    => "First Name",

                    "last_name"      => "Last Name",

                    "street"        => "Street",

                    "city"          => "City",

                    "state"          => "State",

                    "zip"            => "Zip",

                    "phone"          => "Phone",

                    "fax"            => "Fax"

                  );                                     #67

?>

<div id="wrapper">

  <div id="login">

  <form action=<?php echo $_SERVER['PHP_SELF']?>

        method="POST">

      <fieldset style='border: 2px solid #000000'>

        <legend>Login Form</legend>

<?php                                                     #75

        if (isset($message_1))                           #76

        {

          echo "<p class='errors'>$message_1</p>\n";

        }

        foreach($fields_1 as $field => $value)           #80

        {

          if(preg_match("/pass/i",$field))

            $type = "password";

          else

            $type = "text";

          echo "<div id='field'>

            <label for='$field'>$value</label>

            <input id='$field' name='$field' type='$type'

            value='".@$$field."' size='20' maxlength='50' />

            </div>\n";

        }                                                 #91

?>

        <input type="submit" name="Button"

              style='margin-left: 45%; margin-bottom: .5em'

              value="Login" />

      </fieldset>

    </form>

    <h3 style='text-align: center; margin: 1em'>

        If you already have an account, log in.</h3>

    <h3 style='text-align: center; margin: 1em'>

        If you do not have an account, register now.</h3>

  </div>

  <div id="reg">

    <form action=<?php echo $_SERVER['PHP_SELF']?>

          method="POST">

      <fieldset style='border: 2px solid #000000'>

      <legend>Registration Form</legend>

<?php                                                   #108

      if(isset($message_2))                             #109

      {

        echo "<p class='errors'>$message_2</p>\n";

      }

      foreach($fields_2 as $field => $value)           #113

      {

        if($field == "state")                           #115

        {

          echo "<div id='field'>

            <label for='$field'>$value</label>

            <select name='state' id='state'>";

            $stateName=getStateName();

            $stateCode=getStateCode();

            for ($n=1;$n<=50;$n++)       

            {

              $state=$stateName[$n]; 

              $scode=$stateCode[$n];

              echo "<option value='$scode'";

              if ($scode== "AL")

                  echo " selected";

  echo " >$state</option>\n";

            }

            echo "</select></div>";

        }

        else                                           #133

        {

          if(preg_match("/pass/i",$field))

            $type = "password";

          else

            $type = "text";

          echo "<div id='field'>

            <label for='$field'>$value</label>

            <input id='$field' name='$field' type='$type'

            value='".@$$field."' size='40' maxlength='65' />

            </div>\n";

        }  //end else

      }  // end foreach field                           #145

?>

      <input type="submit" name="Button"

          style='margin-left: 45%; margin-bottom: .5em'

          value="Register">

      </fieldset>

    </form>

  </div>

</div>

</body></html>

 

 

 

Thi is the script which processes the form

 

<?php

session_start();                                           #9

switch (@$_POST['Button'])                               #10

{

  case "Login":                                           #12

    include("database.php");                               #13

    $cxn = mysqli_connect($host,$user,$passwd,$dbname)

            or die("Query died: connect");              #15

    $sql = "SELECT user_name FROM Customer

              WHERE user_name='$_POST[fusername]'";

    $result = mysqli_query($cxn,$sql)

                or die("Query died: fuser_name");

    $num = mysqli_num_rows($result);                    #20

    if($num > 0)                                        #21

    {

      $sql = "SELECT user_name FROM Customer

              WHERE user_name='$_POST[fusername]'

              AND password=md5('$_POST[fpassword]')";

      $result2 = mysqli_query($cxn,$sql)

                  or die("Query died: fpassword");       #27 

      $num2 = mysqli_num_rows($result2);                #28

      if($num2 > 0)  //password matches                   #29

      {

        $_SESSION['auth']="yes";                        #31

        $_SESSION['logname'] = $_POST['fusername'];      #32

        header("Location: SecretPage.php");              #33

      }

      else  // password does not match                  #35

      {

        $message_1="The Login Name, '$_POST[fusername]'

                exists, but you have not entered the

                correct password! Please try again.";

        $fusername = strip_tags(trim($_POST[fusername]));

        include("form_login_reg.php");

      }                                                   #42

    }  // end if $num > 0                                #43

    elseif($num == 0)  // login name not found          #44

    {

      $message_1 = "The User Name you entered does not

                    exist! Please try again.";

      include("form_login_reg.php");

    }

  break;                                                #50

 

  case "Register":                                      #52

  /* Check for blanks */

    foreach($_POST as $field => $value)                  #54

    {

      if ($field != "fax")                              #56

      {

        if ($value == "")

        {

          $blanks[] = $field;

        }

        else

        {

          $good_data[$field] = strip_tags(trim($value));

        }

      }

    } // end foreach POST                                #67

    if(isset($blanks))                                  #68

    {

      $message_2 = "The following fields are blank.

            Please enter the required information:  ";

      foreach($blanks as $value)

      {

        $message_2 .="$value, ";

      }

      extract($good_data);                              #76

      include("form_login_reg.php");

      exit();                                             #78

    }  // end if blanks found                             #79

  /* validate data */

    foreach($_POST as $field => $value)                  #81

    {

      if(!empty($value))                                 #83

      {

        if(preg_match("/name/i",$field) and

          !preg_match("/user/i",$field) and

          !preg_match("/log/i",$field))

        {

          if (!preg_match("/^[A-Za-z' -]{1,50}$/",$value))

          {

            $errors[] = "$value is not a valid name. ";

          }

        }

        if(preg_match("/street/i",$field) or

          preg_match("/addr/i",$field) or

          preg_match("/city/i",$field))

        {

          if(!preg_match("/^[A-Za-z0-9.,' -]{1,50}$/",

                        $value))

          {

            $errors[] = "$value is not a valid address

 

                          or city. ";

          }

        }

        if(preg_match("/state/i",$field))

        {

          if(!preg_match("/^[A-Z][A-Z]$/",$value))

          {

            $errors[] = "$value is not a valid state

                        code. ";

          }

        }

        if(preg_match("/email/i",$field))

        {

          if(!preg_match("/^.+@.+\\..+$/",$value))

          {

            $errors[] = "$value is not a valid email

                        address. ";

          }

        }

        if(preg_match("/zip/i",$field))

        {

          if(!preg_match("/^[0-9]{5,5}(\-[0-9]{4,4})?$/",

                        $value))

          {

            $errors[] = "$value is not a valid zipcode. ";

          }

        }

        if(preg_match("/phone/i",$field) or

          preg_match("/fax/i",$field))

        {

          if(!preg_match("/^[0-9)(xX -]{7,20}$/",$value))

          {

            $errors[] = "$value is not a valid phone

                        number. ";

          }

        }

      } // end if not empty                             #138

    } // end foreach POST

    foreach($_POST as $field => $value)                 #140

    {               

      $$field = strip_tags(trim($value));

    }

    if(@is_array($errors))                               #144

    {

      $message_2 = "";

      foreach($errors as $value)

      {

        $message_2 .= $value." Please try again<br />";

      }

      include("form_login_reg.php");

      exit();

    } // end if errors are found                        #153

 

  /* check to see if user name already exists */

    include("database.php");                             #156

    $cxn = mysqli_connect($host,$user,$passwd,$dbname)

            or die("Couldn't connect to server");

    $sql = "SELECT user_name FROM Customer

                WHERE user_name='$user_name'";          #160

    $result = mysqli_query($cxn,$sql)

                or die("Query died: user_name.");

    $num = mysqli_num_rows($result);                    #163

    if($num > 0)                                        #164

    {

      $message_2 = "$user_name already used. Select another

                      User Name.";

      include("form_login_reg.php");

      exit();

    } // end if user name already exists

    else                                                #171

    { 

    // $today = date("Y-m-d");                          #173

      $sql = "INSERT INTO Customer (user_name,

                password,first_name,last_name,street,city,

                state,zip,phone,fax,email) VALUES

              ('$user_name',md5('$password'),

              '$first_name', '$last_name','$street','$city',

              '$state','$zip','$phone','$fax','$email')";

      mysqli_query($cxn,$sql);                          #180

      $_SESSION['auth']="yes";                          #181

      $_SESSION['logname'] = $user_name;                #182

      /* send email to new Customer */

      $emess = "You have successfully registered. ";

      $emess .= "Your new user name and password are: ";

      $emess .= "\n\n\t$user_name\n\t";

      $emess .= "$password\n\n";

      $emess .= "We appreciate your interest. \n\n";

      $emess .= "If you have any questions or problems,";

      $emess .= " email service@ourstore.com";        #190

      $subj = "Your new customer registration";        #191

      #$mailsend=mail("$email","$subj","$emess");      #192

      header("Location: SecretPage.php");              #193

    } // end else no errors found

  break;                                              #195

 

  default:                                            #197

    include("form_login_reg.php");

}  // end switch

?>

 

 

Link to comment
https://forums.phpfreaks.com/topic/176291-registrationlogin-form/
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.